Virus in CoreTemp

Off topic discussions or chats
Post Reply
mk66
New User
Posts: 1
Joined: Thu Jul 17, 2014 9:17 am

Virus in CoreTemp

Post by mk66 »

I downloaded CoreTemp from the official site and uploaded the file to VirusTotal. There's so many warnings:
http://imgur.com/JIXm0Zx
Your FAQ has a minor section on virus reports but when I read the VirusTotal additional info, your installer does a lot more than what you describe. What's going here?

User avatar
The Coolest
Site Admin
Site Admin
Posts: 3379
Joined: Tue Feb 18, 2003 7:48 pm
Location: Tel Aviv, Israel
Contact:

Re: Virus in CoreTemp

Post by The Coolest »

What you see in the list is the installer being categorized as a 'PUP' which stands for 'Potentially unwanted program'.
Many similar installer packages with 3rd party software offers are categorized as such and are flagged by some AV software.
Main rig:
AMD Ryzen 9 5950X (True Spirit 140 Direct) / Mobo: Asrock Fatal1ty X470 / EVO 970 500GB + WD Blue 250GB + HDD / GPU: Dell RX 570 4GB / Mem: 2x16GB DDR4-3200 G.Skill 32GTZKW TridentZ - 32GB total / PSU: Seasonic Prime Ultra Gold 650W
NAS:
Core i7 2600K 3.4GHz @ 4.3GHz (Scythe Mugen2) / Mobo: Biostar TP67XE / 2x Inland Pro 120GB + HDDs / GPU: ATi Mach64 VT2 / Mem: 4x4GB DDR3-1600 G.Skill 8GBXL RipJawsX - 16GB total / PSU: Seasonic S12II 620W.
Secondary rigs:
Core i3 7130U / MiniPC / SanDisk SDSSDP-128G / GPU: Intel HD 620 / Mem: 1x8GB DDR3L-1600
Xeon X3430 2.40GHz @ 3.06GHz or Core i3 540 3.06GHz @ 4.0GHz (Freezer 7 Pro) / Mobo: MSI H55M-ED55 / PNY CS1111 240GB / GPU: ATI FirePro V3800 / Mem: 4x2GB DDR3-1600 G.Skill 4GBRL RipJaws - 8GB total / PSU: Seasonic S12II 620W
AMD Phenom II X4 B93 / Mobo: ASUS M2A-VM / GPU: ATI Radeon Xpress X1250 / Crucial M4 120GB / Mem: 2x2GB DDR2-800 - 4GB total / PSU: Antec 380W.

Core Temp - Accurate temperature monitor for Intel's Core/Core 2 and AMD64 processors

Kougeru
New User
Posts: 1
Joined: Sun Aug 24, 2014 4:21 pm

Re: Virus in CoreTemp

Post by Kougeru »

Your installer has virus/malware. I'm sure you'll deny it, but yesterday I downloaded Core Temp RC6 and installed it and suddenly had this malware/virus all over my browser. After doing some research I discovered the program (CinemaP) installed on my computer. I remember Core Temp asking if I wanted to install Google Chrome, which I declined but never was I asked to install anything else. I havnt installed anything else in months besides games on Steam. It HAS to be from Core Temp. Image Downloaded straight from the official Core Temp site. There was no "offer" to install this crap, only Google Chrome...which as I said before, I declined because I just uninstalled Chrome. I'm sure my post will either be deleted or just ignored, but this won't be the only place I report this on. Shame because I've been using Core Temp for nearly a decade now.

Pre-post edit: I understand you need money but malware is NOT the way to do it. Maybe it was by accident that you forgot to give people the OPTION to install this crap or not, but it's not an "offer". I just tested the installer again before posting it and it most definitely does NOT ask to install CinemaP, but it did install again. Confirmed from Core Temp on the official site.

User avatar
The Coolest
Site Admin
Site Admin
Posts: 3379
Joined: Tue Feb 18, 2003 7:48 pm
Location: Tel Aviv, Israel
Contact:

Re: Virus in CoreTemp

Post by The Coolest »

Can you check what was the installer file you downloaded? There are currently two in circulation.
The current installer I'm running right now is using the standard Inno installer, with a 3rd party offer path.
The offers are displayed during the installation process and it's optional. I have the source code of the offer path, and I have looked at it. It does not install anything the user has declined.
In case it did so, it must be some sort of bug, and requires attention. I'll let the relevant party know and see what they have to say about it.
Main rig:
AMD Ryzen 9 5950X (True Spirit 140 Direct) / Mobo: Asrock Fatal1ty X470 / EVO 970 500GB + WD Blue 250GB + HDD / GPU: Dell RX 570 4GB / Mem: 2x16GB DDR4-3200 G.Skill 32GTZKW TridentZ - 32GB total / PSU: Seasonic Prime Ultra Gold 650W
NAS:
Core i7 2600K 3.4GHz @ 4.3GHz (Scythe Mugen2) / Mobo: Biostar TP67XE / 2x Inland Pro 120GB + HDDs / GPU: ATi Mach64 VT2 / Mem: 4x4GB DDR3-1600 G.Skill 8GBXL RipJawsX - 16GB total / PSU: Seasonic S12II 620W.
Secondary rigs:
Core i3 7130U / MiniPC / SanDisk SDSSDP-128G / GPU: Intel HD 620 / Mem: 1x8GB DDR3L-1600
Xeon X3430 2.40GHz @ 3.06GHz or Core i3 540 3.06GHz @ 4.0GHz (Freezer 7 Pro) / Mobo: MSI H55M-ED55 / PNY CS1111 240GB / GPU: ATI FirePro V3800 / Mem: 4x2GB DDR3-1600 G.Skill 4GBRL RipJaws - 8GB total / PSU: Seasonic S12II 620W
AMD Phenom II X4 B93 / Mobo: ASUS M2A-VM / GPU: ATI Radeon Xpress X1250 / Crucial M4 120GB / Mem: 2x2GB DDR2-800 - 4GB total / PSU: Antec 380W.

Core Temp - Accurate temperature monitor for Intel's Core/Core 2 and AMD64 processors

shaolin
New User
Posts: 1
Joined: Mon Sep 01, 2014 2:42 pm

Re: Virus in CoreTemp

Post by shaolin »

I can confirm what the OP says but instead it installed something called Snap.do, http://malwaretips.com/blogs/remove-snapdo-virus/. If you try to uninstall it, it will first ask if you want to remove it from the browser. I have three so I had to go and click uninstall 3 separate times just to get past the browser uninstall prompts, which it really doesn't uninstall itself as I will explain below. After 4 tries to uninstall it through add/remove programs, it finally says, "Do you want to uninstall blah blah?". I clicked yes and nothing happens. I go back and click uninstall again and says, "Please allow program to finish", which it never does. This program will not uninstall!!

After 2 hours and 3 different anti-malware programs!! I was able to clean my PC. Even though I told it to uninstall from the browser it still had cookies and other stuff ready to spy on my browsing habits. I should have you pay me for the amount of time I wasted getting this POS off my PC.

I installed it into a Sandbox shortly after I cleaned it off my PC because I couldn't remember if I saw any extra options to disable install of the PUPs but there are NO OPTIONS GIVEN to do this. I installed it twice in a Sandbox just to make sure and there is no "advanced settings" or other obscure buttons to hit to prevent their install.

Users shouldn't have to go through this crap to install a program. There shouldn't be hidden or obscure options to click on during the install process to prevent installation of PUPs. A stand-alone version shouldn't be hidden in a area called "more downloads". Why not have it side by side and let people choose which version to download? Let me guess, you wouldn't get paid that way would you.

Man, if I were you, I would drop the Adware crap and go to donations or charging a few bucks for the program instead of pissing people off. I was so pissed yesterday, you just don't know.

User avatar
The Coolest
Site Admin
Site Admin
Posts: 3379
Joined: Tue Feb 18, 2003 7:48 pm
Location: Tel Aviv, Israel
Contact:

Re: Virus in CoreTemp

Post by The Coolest »

It seems to be an issue, and I took steps to get rid of it from the offered software path ASAP.

On VMs and Sandboxes the installer is unlikely to display any offers at all and will continue normally, without installing anything at all.
I ran tests on my VMs and dedicated systems. The installer did not install anything 'behind the scenes' without any kind of screen or prompt during the installation.
I went over the source code for the displayed offers and the installer will only install offers which were not declined by users.

In either case I do apologize for this snap.do issue, it wasn't intended. This software does not meet the criteria for the installer and it will be removed as soon as possible, so no more users should encounter this in the future.
Main rig:
AMD Ryzen 9 5950X (True Spirit 140 Direct) / Mobo: Asrock Fatal1ty X470 / EVO 970 500GB + WD Blue 250GB + HDD / GPU: Dell RX 570 4GB / Mem: 2x16GB DDR4-3200 G.Skill 32GTZKW TridentZ - 32GB total / PSU: Seasonic Prime Ultra Gold 650W
NAS:
Core i7 2600K 3.4GHz @ 4.3GHz (Scythe Mugen2) / Mobo: Biostar TP67XE / 2x Inland Pro 120GB + HDDs / GPU: ATi Mach64 VT2 / Mem: 4x4GB DDR3-1600 G.Skill 8GBXL RipJawsX - 16GB total / PSU: Seasonic S12II 620W.
Secondary rigs:
Core i3 7130U / MiniPC / SanDisk SDSSDP-128G / GPU: Intel HD 620 / Mem: 1x8GB DDR3L-1600
Xeon X3430 2.40GHz @ 3.06GHz or Core i3 540 3.06GHz @ 4.0GHz (Freezer 7 Pro) / Mobo: MSI H55M-ED55 / PNY CS1111 240GB / GPU: ATI FirePro V3800 / Mem: 4x2GB DDR3-1600 G.Skill 4GBRL RipJaws - 8GB total / PSU: Seasonic S12II 620W
AMD Phenom II X4 B93 / Mobo: ASUS M2A-VM / GPU: ATI Radeon Xpress X1250 / Crucial M4 120GB / Mem: 2x2GB DDR2-800 - 4GB total / PSU: Antec 380W.

Core Temp - Accurate temperature monitor for Intel's Core/Core 2 and AMD64 processors

Impissoff
New User
Posts: 2
Joined: Mon Jan 19, 2015 9:49 pm

Re: Virus in CoreTemp

Post by Impissoff »

Don't play the fool, you knew your installer was installing crap behind the scenes, without asking us if we want it or not. I decline two ads in the installation and then it installed a add ons on all my browsers. This is called malware and I liked to know a solution in order to take your crap out of my computer.

Post Reply

Return to “General Discussions”