To post new answers or open threads, you need to log in. The registration is closed now, sorry. If you are not a member, you are welcome to read the posted content without any limitations. If you have any DAEMON Tools related question, contact our support team.
spywares are very common in softwares nowadays, but we are in the childhood of the internet era and most people are way too stupid to realize that, in a couple of centuries from now people will say "wow they were really that stupid to let the whole world inspect their house like that?"
anyway remember this golden rule, never grant internet access to a software which isn't 100% open source, only grant that access to a select few softwares which need it (like your web browser) and which are fully open source (including every plugin) and when you're not 100% sure if you can trust, simply choose the safer path and do not trust it
digital sigs don't mean anything in regards to whether you can trust or not, it's just a way to verify the editor, but in no way means that editor can be trusted, has never been the point of it
Maybe I was not specific but after the alert I already ran Daemon Tools Lite installer in Wireshark and this list about my system is sending to nsis.bisrv.com -
It is downloading the files bitool.dll from nsis.bisrv.com and bi_downloader.exe and installercdn.filebulldog.com with Riskware.Win32.Somoto.AMN without asking. I checked the signature like you said and one is not signed and one is signed by Somoto, so it is not a false positive.
Is this riskware supposed to be there? It is not even mentioned.
I have the same problem with my machine. I carefully un-checked everything, and on the popup message that Terramex posted, I clicked the "Cancel" prompt so it would not install any of the adware/malware.
My Anti virus software still picked up malware after installing Daemon Tools Lite v4.47.1.0335. I've installed Daemon tools many times, so I'm quite familiar with the tricks involved in making sure you don't install anything else.
7/25/2013 8:07:15 AM
Real-time file system protection
file
C:\Users\Merlin\AppData\Local\Temp\bitool.dll
Win32/Somoto.C
potentially unwanted application
cleaned by deleting - quarantined
NT AUTHORITY\SYSTEM
Event occurred during an attempt to access the file by the application:
C:\Windows\System32\rundll32.exe.
Please tell us only one thing: Why you force us to install this trash additional "software". When we click Next button (you know very well what about I am talking now) - we not only accept the terms of Babylon, but also install it! The fact that we don't check the options for default home page, doesn't change the fact that you force us to install this files if we want to install the Daemon Tools itself!
Behave like adults and just answer to your users to this one simple question - Why? Why did you do that? Is it some legal agreement with this Somoto partner?
If this is it - Thank you Somoto that you f***ed and this free software in such a brutal way!
According to the agreement with Somoto, we are not able to make an impact on which offer is shown for a certain user and how it behaves. We just show the offer page in our DT installation wizard. During our tests, we didn't meet any harmful software or software which can be installed in spite of user's rejection. Please be attentive during installation.
Dear Sway and Terramex,
Note that in the past I have already used your software who is really amazing, the problem comes from Somoto.
I have Sophos Network Security Professional on my computer.
I just double click on your software "DTLite4471-0337.exe" and nothing else.
On my screen i can see the first step of your installer who ask me to choose the setup language.
Note that I don't click on the next button at this step (so i didn't install anything at the moment).
And what a surprise, Sophos (one of the better anti spyware in the world) says : Adware or PUA detected from Somoto BetterInstaller
Components:
- C:\Users\Administrateur\AppData\Local\Microsoft\Wi ndows\Temporary Internet Files\Content.IE5\JS4C9GED\bi_downloader[1].exe\FILE:0001
- C:\Users\Administrateur\AppData\Local\Microsoft\Wi ndows\Temporary Internet Files\Content.IE5\LI0PJH67\bi_downloader[1].exe\FILE:0001
- C:\Users\Administrateur\AppData\Local\Temp\nsn4ED9 .tmp\FILE:0001
- C:\Users\Administrateur\AppData\Local\Temp\nsrB6DF .tmp\FILE:0001
I'm curious to know how you can justify that to us?
You said: During our tests, we didn't meet any harmful software or software which can be installed in spite of user's rejection
But this Somoto software is on my hard disk before starting the installation (ahahah ^_^).
I finished the installation on an other computer (i have uncheck the free trash Tools of course) and i can tell you what your software does (because it seems you are not able to see it):
It add some advertising on Google main page for exemple and i suppose it replaces many Google advertising on many web pages in order to hijack money of advertising.
I'm curious to know what google will say about that? or what Microsoft will think of a third party software that modify internet explorer?
I strongly advise you to reconsider your answer "you're just idiots who do not know uncheck radio buttons"
Respectfully, Gosu User, a beginner with 20 years experience in IT
nb:sorry for my broken English
But this Somoto software is on my hard disk before starting the installation (ahahah ^_^).
When you just launch installation wizard, installation package must be temporarily extracted to your hard disk drive. But it does not mean that all extracted files are used during installation. Normally, BetterInstaller downloader should not be run if all appropriate option are unchecked. BUT there can be some issues on BetterInstaller's side. We have already met such problem with SweetPacks Toolbar and SearchProtect installation (http://forum.daemon-tools.cc/f16/spy...51/#post140557) and reported this issue to BetterInstaller team.
I finished the installation on an other computer (i have uncheck the free trash Tools of course) and i can tell you what your software does (because it seems you are not able to see it):
It add some advertising on Google main page for exemple and i suppose it replaces many Google advertising on many web pages in order to hijack money of advertising.
I'm curious to know what google will say about that? or what Microsoft will think of a third party software that modify internet explorer?
Please specify software or browser extension which was installed together with DT product. I'll try to reproduce this issue.
Thank you in advance!
Dear Sway
First, let me thank you for publishing my message in full and uncensored, it is very rare nowadays on forums to be noted!
And thank you for answering so fast.
I tested it with Internet Explorer 10.
Unfortunately, I can not say exactly which version because it was there a few months
(I try to install again your software few days ago but when I see "Adware or PUA detected" by Sophos, I just stop the setup because I thank that the problem I have met a few months earlier is still not resolved).
I'm sorry, I did'nt think to take screenshots to show you the changes made to my browser by the software "Somoto better installer" at the time.
I did not really want to try again today because the problem is hard to properly fix and i like to have a clean computer.
If you'll update your software in a near future to make Somoto better installer not appear on hard disk when we launch the setup, thank you to inform us.
I think the community will be very grateful if you fix this.
Respectfully, Gosu User.
We process personal data about users of our site, through the use of cookies and other technologies, to deliver our services, personalize advertising, and to analyze site activity. We may share certain information about our users with our advertising and analytics partners. For additional details, refer to our Privacy Policy.
By clicking "I AGREE" below, you agree to our Privacy Policy and our personal data processing and cookie practices as described therein. You also acknowledge that this forum may be hosted outside your country and you consent to the collection, storage, and processing of your data in the country where this forum is hosted.
Tweet
Comment