Announcement

Collapse
No announcement yet.

Spyware in Daemon Tools Lite installer?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #31
    We'll try to figure out and fix this problem. In any case, you can temporarily disable your Internet connection while installing DT to prevent any additional software installation.

    Comment


    • #32
      F U Daemon Tools!!!!!

      I've read your lame excuse about not having control about what your partner SOMOTO or whoever else might be does with your install.
      LAME.
      LAME.
      LAME.
      As far as I'm concern, after downloading Daemon Tools Light from a link fro YOUR website and then installing YOUR software - THERE WAS ABSOLUTELY NO OPTIONS, WARNINGS, OR OTHER CHOICES for software installation - the setup simply went through and installed god damn "DO SEARCHES" hijack.

      I'm an IT professional with 25 years in the field and it freaking took me a good hour to get rid of the damn thing!

      As far as I can tell - DEAMON TOOLS LITE IS A VIRUS SPREADING outfit.

      Instead of pointing fingers, Deamon Tools, take control of your distribution, morons. Your suggestion to "temporary disable internet" for the installation is borderline moronic and idiotic as no self-respecting company or admin would do. How about YOU fix your software by making sure no spyware get packaged with it!!!!


      I'll spread the word, imbeciles.

      Comment


      • #33
        Bullsh*t there was no recommendation, I denied the ones there were and still got "Do Searches" as my homepage and search engine.

        Comment


        • #34
          SO C A N C E L YOUR AGREEMENT WITH SOMOTO. GRAB A BRAIN YOU'VE GOT PAGES AND PAGES OF FORMER CUSTOMERS PISSED OFF AT YOU.

          Originally Posted by Sway View Post
          Dear g836847,

          According to the agreement with Somoto, we are not able to make an impact on which offer is shown for a certain user and how it behaves. We just show the offer page in our DT installation wizard. During our tests, we didn't meet any harmful software or software which can be installed in spite of user's rejection. Please be attentive during installation.

          We appreciate your awareness!

          Comment


          • #35
            For all affected, visit this page for tools and instructions on how to remove the damn thing:

            Remove "Do Searches" hijack (Virus Removal Guide)

            Comment


            • #36
              Originally Posted by MasterVal View Post
              ...THERE WAS ABSOLUTELY NO OPTIONS, WARNINGS, OR OTHER CHOICES for software installation - the setup simply went through and installed god damn "DO SEARCHES" hijack.
              We've reproduced very few cases where opting-out didn't work.
              But afaik not a single case where the opt-out screen didn't come up at all.
              We have no way to prove you got the opt-out screens and you've no way to prove you didn't - unless you just happened to be recording your screen at the time.
              Originally Posted by MasterVal View Post
              ...as no self-respecting company or admin would do.
              It's exactly the other way round.
              But in avoidance of injured pride you can do a silent installation as mentioned here.
              Many IT professionals do it that way.
              Last edited by Terramex; 07.11.2013, 16:39.
              I'm not employed by Disc Soft and my views do not necessarily reflect the ones of the company.

              Comment


              • #37
                Originally Posted by Terramex View Post
                It's exactly the other way round.
                But in avoidance of injured pride you can do a silent installation as mentioned here.
                Many IT professionals do it that way.
                Did you read the entire sentence? Did I mention a silent install anywhere? It appears that all you were looking for is a plug to shine in with your "silent installation" "skills" and a link.

                Once again: Your suggestion to "temporary disable internet" for the installation is borderline moronic and idiotic as no self-respecting company or admin would do.

                Show me an installation manual of a major software company that says "disable internet before installing our software".

                Comment


                • #38
                  Originally Posted by MasterVal View Post
                  I'm an IT professional with 25 years in the field and it freaking took me a good hour to get rid of the damn thing!
                  Originally Posted by MasterVal View Post
                  How about YOU fix your software by making sure no spyware get packaged with it!!!!
                  Originally Posted by MasterVal View Post
                  Did you read the entire sentence? Did I mention a silent install anywhere? It appears that all you were looking for is a plug to shine in with your "silent installation" "skills" and a link.

                  Once again: Your suggestion to "temporary disable internet" for the installation is borderline moronic and idiotic as no self-respecting company or admin would do.

                  Show me an installation manual of a major software company that says "disable internet before installing our software".
                  Being an IT professional with 25 years in the field, you should know that "Do Searches" mentioned above is not a spyware. DAEMON Tools software does not contain any spyware.

                  Moreover, we've checked the case with "Do Searches". When all proper options are disabled, nothing is installed against user's choice. So, be attentive please.

                  Concerning silent installation and disabling internet, this is only the alternative. It's all up to you You can you this method if you don't want to care about additional options during installation.

                  Comment


                  • #39
                    Final remark

                    Next time simply read the EULA - another thing many IT professionals (should) do in a business environment.
                    That way you would have also learned the requirements for using a free license, and furthermore about the presence of third party software (which doesn't come into use with a paid license).

                    P.S.: maybe someone installed a burst fire script
                    I'm not employed by Disc Soft and my views do not necessarily reflect the ones of the company.

                    Comment


                    • #40
                      Originally Posted by Terramex View Post
                      Next time simply read the EULA - another thing many IT professionals (should) do in a business environment.
                      That way you would have also learned the requirements for using a free license, and furthermore about the presence of third party software (which doesn't come into use with a paid license).

                      P.S.: maybe someone installed a burst fire script
                      Well I have purchase the full version of Daemon Tools Ultra and Eset detect a virus in the installation files and also on web site connection. So virus is detected even if not install

                      Journal de l'analyse
                      Version de la base de données des signatures de virus : 9086 (20131123)
                      Date : 23/11/2013 Heure : 12:05:00
                      Disques, dossiers et fichiers analysés : E:\Download\DAEMONToolsPro540-0377.exe
                      E:\Download\DAEMONToolsPro540-0377.exe = NSIS = Script.nsi - Win32/DownWare.L application potentiellement indésirable
                      E:\Download\DAEMONToolsPro540-0377.exe = NSIS = Script.nsi - Win32/DownWare.L application potentiellement indésirable
                      Nombre d'objets analysés : 102
                      Nombre de menaces détectées : 1
                      Nombre d'objets nettoyés : 1
                      Heure d'achèvement : 12:05:17 Temps d'analyse total : 17 s (00:00:17)

                      Remarques :
                      [1] L'objet a été supprimé, car il ne contenait que le corps du virus.

                      So you should removed these garbadge from the retail version we paid to make youre living !

                      Comment


                      • #41
                        Please keep in mind that the "virus" (=Adware) doesn't come into play at all for paid licenses.
                        The temp files extracted from the installer (=your Eset findings) will be deleted after the DT Pro/Ultra installation is completed.
                        Last edited by Terramex; 11.12.2013, 20:35.
                        I'm not employed by Disc Soft and my views do not necessarily reflect the ones of the company.

                        Comment


                        • #42
                          So, is Sway saying that Conduit and Babylon are customers? These are known and aggressive malware that takes over your search. Please confirm this because no one will ever use Daemon again.



                          Originally Posted by bpz2 View Post
                          Thanks for your reply Sway.



                          Maybe I was not specific but after the alert I already ran Daemon Tools Lite installer in Wireshark and this list about my system is sending to nsis.bisrv.com -

                          Code:
                          installer_data={"uid":"B43DE587EB164BCFB239BCDE74CD65D0","muid":"af80b63072ef4fa6b059bd38b2d723d0","affid":"daemontoolslite","sid":"daemontoolslitemdma","installerVersion":"2.0.0u","osVersion":"6.1.7601 64bit","ieVersion":"9.0.8112.16421","ff_installed":"0","ff_version":"","ff_default_homepage":"not_found","ff_is_default":"0","ie_installed":"1","ie_version":"9.0.8112.16421","ie_default_homepage":"","ie_is_default":"1","chrome_installed":"0","chrome_version":"","chrome_default_homepage":"not_found","chrome_is_default":"0","opera_installed":"0","opera_version":"","opera_default_homepage":"not_found","opera_is_default":"0","safari_installed":"0","safari_version":"","safari_default_homepage":"not_found","safari_is_default":"0","couponamazing":"false","couponamazing_check2":"false","couponamazing_check3":"false","default_browser_not_chrome":"null","default_browser_not_chrome_xp":""C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome","addlyrics":"false","FiftyonRED_2":"false","FiftyonRED_3":"false","FiftyonRED_4":"false","FiftyonRED_5":"false","firefox_version_not_8_to_12_XP":"null","firefox_version_not_8_to_12_Win7":"null","default_browser_ff_1":""C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome","default_browser_ff_2":"null","default_browser_not_ff_1":""C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome","default_browser_not_ff_2":"null","CouponCaddy_1":"false","CouponCaddy_2":"false","CouponCaddy_3":"false","sdp":"false","iminent_32bit":"false","iminent_64bit":"false","dotnet_4":"1","conduit":"false","babylon":"false","claro":"false","incredibar_1":"false","incredimail":"false","incredimail_2":"false","fixie":"false","incredibar_post":"false","pcfixspeed":"false"}


                          It is downloading the files bitool.dll from nsis.bisrv.com and bi_downloader.exe and installercdn.filebulldog.com with Riskware.Win32.Somoto.AMN without asking. I checked the signature like you said and one is not signed and one is signed by Somoto, so it is not a false positive.

                          Is this riskware supposed to be there? It is not even mentioned.

                          Comment


                          • #43
                            Originally Posted by Sway View Post
                            DAEMON Tools Lite is absolutely free for personal use. We have several legal partners to monetize our freeware. SOMOTO is one of these partners. Such services recommend users to install 3rd party software (toolbars, search engines or some useful software) during DAEMON Tools Lite installation. BUT it is absolutely optional. You can uncheck appropriate options in installation wizard, and nothing will be installed together with DAEMON Tools Lite. Also you can disable your Internet connection during installation to prevent any offers. And of course, paid version of DAEMON Tools Lite does not contain any partner offers.
                            Well, maybe you all need to have a talk with your Somoto friends because I know I unchecked everything and clicked cancel when that window popped up, and MalwareBytes is detecting 3 PUPs in my Temp folder, and they're all from Somoto. I haven't scanned the rest of my system, but I expect Somoto found a way of installing more than just in the Temp folder. Perhaps they have your source code and are somehow inputting a line or two that tells it to install their software or in some other way introduce it to the machine installing your Daemon Tools Lite.

                            If it's a simple matter of the install files are still copied to the Temp folder regardless of whether I choose to accept it, well, it's still fishy, and it doesn't provide a positive company image.

                            Comment


                            • #44
                              Disgusting Tactic

                              Originally Posted by MasterVal View Post
                              F U Daemon Tools!!!!!

                              I've read your lame excuse about not having control about what your partner SOMOTO or whoever else might be does with your install.
                              LAME.
                              LAME.
                              LAME.
                              As far as I'm concern, after downloading Daemon Tools Light from a link fro YOUR website and then installing YOUR software - THERE WAS ABSOLUTELY NO OPTIONS, WARNINGS, OR OTHER CHOICES for software installation - the setup simply went through and installed god damn "DO SEARCHES" hijack.

                              I'm an IT professional with 25 years in the field and it freaking took me a good hour to get rid of the damn thing!

                              As far as I can tell - DEAMON TOOLS LITE IS A VIRUS SPREADING outfit.

                              Instead of pointing fingers, Deamon Tools, take control of your distribution, morons. Your suggestion to "temporary disable internet" for the installation is borderline moronic and idiotic as no self-respecting company or admin would do. How about YOU fix your software by making sure no spyware get packaged with it!!!!


                              I'll spread the word, imbeciles.
                              While he may be vulgar, I completely agree with MasterVal. This is a disgusting tactic used by unscrupulous software developers. I will not only NEVER use any product made by this company, but I will actively speak out about why everyone else should avoid them, as well. I am a part time college student, I own my own PC repair business, and am very active in social media. I will do everything in my power to spread the word to my fellow students, professors, employees, clients, friends, family, and anyone willing to listen. Everyone needs to know how shady you guys are.

                              Like others have said, you need to stop pointing fingers and take responsibility for your own decisions. You've decided to partner with malicious software developers, not us. We will now decide to never do business with you, or any of your partners.

                              Comment


                              • #45
                                Originally Posted by southpointtech View Post
                                So, is Sway saying that Conduit and Babylon are customers? These are known and aggressive malware that takes over your search. Please confirm this because no one will ever use Daemon again.
                                Is this "issue" resolved?

                                Comment

                                Working...
                                X