Login | Register

Virus in CoreTemp

Off topic discussions or chats
  • Author
    Message

Virus in CoreTemp

Postby mk66 » Thu Jul 17, 2014 9:22 am

I downloaded CoreTemp from the official site and uploaded the file to VirusTotal. There's so many warnings:
http://imgur.com/JIXm0Zx
Your FAQ has a minor section on virus reports but when I read the VirusTotal additional info, your installer does a lot more than what you describe. What's going here?
mk66
New User
 
Posts: 1
Joined: Thu Jul 17, 2014 9:17 am

Re: Virus in CoreTemp

Postby The Coolest » Sat Aug 02, 2014 1:10 am

What you see in the list is the installer being categorized as a 'PUP' which stands for 'Potentially unwanted program'.
Many similar installer packages with 3rd party software offers are categorized as such and are flagged by some AV software.
Member of our O/C Folding @ Home team
"<The_Coolest> you can't unwaste wasted CPU cycles" - Start FOLDing now!
Main rig:
Core i7 2600K 3.4GHz @ 4.5GHz (Scythe Mugen2) / Mobo: Biostar TP67XE / SSD: Crucial M4 128GB (+ HDDs) / GPU: HD5450 / Mem: 4x4GB DDR3-1600 G.Skill 4GBXL RipJaws X - 16GB total / PSU: Seasonic S12II 620W.
Secondary rig:
Core i3 540 3.06GHz @ Stock / Mobo: MSI H55M-ED55 / GPU: Integrated / Mem: 2x2GB DDR3-1600 G.Skill 4GBRL RipJaws - 4GB total / PSU: FSP ATX350-PNR 350W.

Core Temp - Accurate temperature monitor for Intel's Core/Core 2 and AMD64 processors
User avatar
The Coolest
Site Admin
Site Admin
 
Posts: 2961
Joined: Tue Feb 18, 2003 7:48 pm
Location: Tel Aviv, Israel

Re: Virus in CoreTemp

Postby Kougeru » Sun Aug 24, 2014 4:34 pm

Your installer has virus/malware. I'm sure you'll deny it, but yesterday I downloaded Core Temp RC6 and installed it and suddenly had this malware/virus all over my browser. After doing some research I discovered the program (CinemaP) installed on my computer. I remember Core Temp asking if I wanted to install Google Chrome, which I declined but never was I asked to install anything else. I havnt installed anything else in months besides games on Steam. It HAS to be from Core Temp. Image Downloaded straight from the official Core Temp site. There was no "offer" to install this crap, only Google Chrome...which as I said before, I declined because I just uninstalled Chrome. I'm sure my post will either be deleted or just ignored, but this won't be the only place I report this on. Shame because I've been using Core Temp for nearly a decade now.

Pre-post edit: I understand you need money but malware is NOT the way to do it. Maybe it was by accident that you forgot to give people the OPTION to install this crap or not, but it's not an "offer". I just tested the installer again before posting it and it most definitely does NOT ask to install CinemaP, but it did install again. Confirmed from Core Temp on the official site.
Kougeru
New User
 
Posts: 1
Joined: Sun Aug 24, 2014 4:21 pm

Re: Virus in CoreTemp

Postby The Coolest » Sun Aug 24, 2014 5:26 pm

Can you check what was the installer file you downloaded? There are currently two in circulation.
The current installer I'm running right now is using the standard Inno installer, with a 3rd party offer path.
The offers are displayed during the installation process and it's optional. I have the source code of the offer path, and I have looked at it. It does not install anything the user has declined.
In case it did so, it must be some sort of bug, and requires attention. I'll let the relevant party know and see what they have to say about it.
Member of our O/C Folding @ Home team
"<The_Coolest> you can't unwaste wasted CPU cycles" - Start FOLDing now!
Main rig:
Core i7 2600K 3.4GHz @ 4.5GHz (Scythe Mugen2) / Mobo: Biostar TP67XE / SSD: Crucial M4 128GB (+ HDDs) / GPU: HD5450 / Mem: 4x4GB DDR3-1600 G.Skill 4GBXL RipJaws X - 16GB total / PSU: Seasonic S12II 620W.
Secondary rig:
Core i3 540 3.06GHz @ Stock / Mobo: MSI H55M-ED55 / GPU: Integrated / Mem: 2x2GB DDR3-1600 G.Skill 4GBRL RipJaws - 4GB total / PSU: FSP ATX350-PNR 350W.

Core Temp - Accurate temperature monitor for Intel's Core/Core 2 and AMD64 processors
User avatar
The Coolest
Site Admin
Site Admin
 
Posts: 2961
Joined: Tue Feb 18, 2003 7:48 pm
Location: Tel Aviv, Israel

Re: Virus in CoreTemp

Postby shaolin » Mon Sep 01, 2014 3:12 pm

I can confirm what the OP says but instead it installed something called Snap.do, http://malwaretips.com/blogs/remove-snapdo-virus/. If you try to uninstall it, it will first ask if you want to remove it from the browser. I have three so I had to go and click uninstall 3 separate times just to get past the browser uninstall prompts, which it really doesn't uninstall itself as I will explain below. After 4 tries to uninstall it through add/remove programs, it finally says, "Do you want to uninstall blah blah?". I clicked yes and nothing happens. I go back and click uninstall again and says, "Please allow program to finish", which it never does. This program will not uninstall!!

After 2 hours and 3 different anti-malware programs!! I was able to clean my PC. Even though I told it to uninstall from the browser it still had cookies and other stuff ready to spy on my browsing habits. I should have you pay me for the amount of time I wasted getting this POS off my PC.

I installed it into a Sandbox shortly after I cleaned it off my PC because I couldn't remember if I saw any extra options to disable install of the PUPs but there are NO OPTIONS GIVEN to do this. I installed it twice in a Sandbox just to make sure and there is no "advanced settings" or other obscure buttons to hit to prevent their install.

Users shouldn't have to go through this crap to install a program. There shouldn't be hidden or obscure options to click on during the install process to prevent installation of PUPs. A stand-alone version shouldn't be hidden in a area called "more downloads". Why not have it side by side and let people choose which version to download? Let me guess, you wouldn't get paid that way would you.

Man, if I were you, I would drop the Adware crap and go to donations or charging a few bucks for the program instead of pissing people off. I was so pissed yesterday, you just don't know.
shaolin
New User
 
Posts: 1
Joined: Mon Sep 01, 2014 2:42 pm

Re: Virus in CoreTemp

Postby The Coolest » Mon Sep 01, 2014 9:22 pm

It seems to be an issue, and I took steps to get rid of it from the offered software path ASAP.

On VMs and Sandboxes the installer is unlikely to display any offers at all and will continue normally, without installing anything at all.
I ran tests on my VMs and dedicated systems. The installer did not install anything 'behind the scenes' without any kind of screen or prompt during the installation.
I went over the source code for the displayed offers and the installer will only install offers which were not declined by users.

In either case I do apologize for this snap.do issue, it wasn't intended. This software does not meet the criteria for the installer and it will be removed as soon as possible, so no more users should encounter this in the future.
Member of our O/C Folding @ Home team
"<The_Coolest> you can't unwaste wasted CPU cycles" - Start FOLDing now!
Main rig:
Core i7 2600K 3.4GHz @ 4.5GHz (Scythe Mugen2) / Mobo: Biostar TP67XE / SSD: Crucial M4 128GB (+ HDDs) / GPU: HD5450 / Mem: 4x4GB DDR3-1600 G.Skill 4GBXL RipJaws X - 16GB total / PSU: Seasonic S12II 620W.
Secondary rig:
Core i3 540 3.06GHz @ Stock / Mobo: MSI H55M-ED55 / GPU: Integrated / Mem: 2x2GB DDR3-1600 G.Skill 4GBRL RipJaws - 4GB total / PSU: FSP ATX350-PNR 350W.

Core Temp - Accurate temperature monitor for Intel's Core/Core 2 and AMD64 processors
User avatar
The Coolest
Site Admin
Site Admin
 
Posts: 2961
Joined: Tue Feb 18, 2003 7:48 pm
Location: Tel Aviv, Israel

Re: Virus in CoreTemp

Postby Impissoff » Mon Jan 19, 2015 9:55 pm

Don't play the fool, you knew your installer was installing crap behind the scenes, without asking us if we want it or not. I decline two ads in the installation and then it installed a add ons on all my browsers. This is called malware and I liked to know a solution in order to take your crap out of my computer.
Impissoff
New User
 
Posts: 2
Joined: Mon Jan 19, 2015 9:49 pm

Return to General Discussions

Who is online

Users browsing this forum: No registered users and 1 guest