Welcome Guest.   Make a donation to an author on the site April 19, 2014, 12:13:05 AM  *

Please login or register.
Or did you miss your validation email?


Login with username and password (forgot your password?)
Why not become a lifetime supporting member of the site with a one-time donation of any amount? Your donation entitles you to a ton of additional benefits, including access to exclusive discounts and downloads, the ability to enter monthly free software drawings, and a single non-expiring license key for all of our programs.


You must sign up here before you can post and access some areas of the site. Registration is totally free and confidential.
 
The N.A.N.Y. Challenge 2010! Download 24 custom programs!
   
   Forum Home   Thread Marks Chat! Downloads Search Login Register  
Pages: [1]   Go Down
  Reply  |  New Topic  |  Print  
Author Topic: Veoh crapware - its Web Player installs stealth virus  (Read 734 times)
bit
Supporting Member
**
Posts: 174


View Profile Give some DonationCredits to this forum member
« on: February 08, 2014, 05:56:32 PM »

At this location: download Veoh Player.
I'm in the US, and if I visit without a proxie, it says 'Oops! Google Chrome could not connect to www.softologic.com', and 'softologic download gkcmr'.
If I use a proxie to go to the download page, then it offers the download.
Upon downloading, if I scan it with malwarebytes, it says there is a PUP, or 'Potentially Unwanted Program' (i.e. actually, it qualifies as a 'virus' in my book), so I told it to delete the PUP and the Veoh Player download disappeared.

If I go to CNET and download it from there, scans come back 'clean', but when I prepare to install, it tells me that using normal install I 'agree' to allow the installation of some offbeat search engine, change my home page in IE, Firefox, and Chrome, and prevent changing back of my home page.
I didn't have to scan further, I just deleted it.

So what's the deal? Why am I being blocked from accessing the Veoh Player from America?
Is there a 'clean' version of the Veoh Player download that isn't infested with a PUP?



« Last Edit: February 09, 2014, 12:30:35 PM by bit » Logged
40hz
Supporting Member
**
Posts: 9,858



A'Tuin

see users location on a map View Profile Read user's biography. Give some DonationCredits to this forum member
« Reply #1 on: February 08, 2014, 07:11:24 PM »

Suggest reading the Wikipedia entry for Veoh. There's a whole section on countries it's blocked on. Veoh had more than its share of legal issues (being somewhat ahead of its time when it came out) because the content providers weren't ready for it. 
Logged

Don't you see? It's turtles all the way down!
bit
Supporting Member
**
Posts: 174


View Profile Give some DonationCredits to this forum member
« Reply #2 on: February 08, 2014, 11:53:13 PM »

Thank you, I sort of see what they mean.
Veoh is bad news. From wikipedia;
https://en.wikipedia.org/wiki/Veoh

"Included with recent installations of Veoh is a program called OpenCandy, which some security programs, including Microsoft Security Essentials, classify as adware. It also installs Delta Search, setting all the user's browsers to use an ad and tracking-loaded search engine without prompting for user confirmation."

"Veoh restricts users from playing full-length videos on Veoh.com, unless the Veoh Web Player is installed within their browser. The player also enables users to download video from Veoh.com and other websites."

A.K.A. 'adware', or PUP (Potentially Unwanted Program).

Veoh's Web Player and its unannounced hijacking of your home web page through stealth installation of a PUP, is very 'impolite', as a friend puts it.
Veoh's squeaky clean mainstream image puts you off your guard, then hits you below the belt.
I've retitled this thread to something that seems a little more appropriate: 'Veoh Web Player installs stealth virus'.

And here is one good place to go to deal with the 'virus infection' (it's not a PUP in my book), after uninstalling Veoh's crapware; http://malwaretips.com/blogs/trovi-com-removal/
« Last Edit: February 09, 2014, 01:42:10 AM by bit » Logged
tomos
Charter Member
***
Posts: 8,059



see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #3 on: February 09, 2014, 07:00:17 AM »

"Included with recent installations of Veoh is a program called OpenCandy, which some security programs, including Microsoft Security Essentials, classify as adware. It also installs Delta Search, setting all the user's browsers to use an ad and tracking-loaded search engine without prompting for user confirmation."

to be fair, OpenCandy facilitates the installation of additional toolbars/software, but is not in and of itself adware. Lots of very 'respectable' apps use it these days. If the settings are install by default - without asking the user, I dont think that's acceptable, but otherwise it's the price we pay for the freeware craze. See e.g. this post here http://www.donationcoder....18297.msg164027#msg164027. Ren has also posted very positively about it from the developer POV.

As to what Veoh installs and it's settings during install, I have no idea and no comment beyond repeating: If the settings are install [additional software/toolbars] by default - without asking the user, I dont think that's acceptable.
Logged

Tom
tomos
Charter Member
***
Posts: 8,059



see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #4 on: February 09, 2014, 07:05:30 AM »

I'm not sure whether it qualifies for the title "stealth virus".**
Then I read that Delta Search is "an ad and tracking-loaded search engine" and thought, yeah, "stealth virus" is maybe okay.

.. but then I thought - that's actually a good description of google - ironic innit? cheesy


** see http://en.wikipedia.org/w..._virus#Stealth_strategies
no I dont think it qualifies for that description.

Edit/ and, no, I'm not defending it. But do think that (especially in a software community) it's important to be accurate.
Logged

Tom
bit
Supporting Member
**
Posts: 174


View Profile Give some DonationCredits to this forum member
« Reply #5 on: February 09, 2014, 03:02:33 PM »

^You've got a point.
My complaint is directed at Veoh, not OpenCandy.

At the above link at 'Remove Trovi Redirect'.
The clean-up includes running four different anti-malware tools, in the following order (quote);
How to remove Trovi.com Homepage – Virus Removal Guide

This page is a comprehensive guide, which will remove Trovi.com from your Internet Explorer, Firefox and Google Chrome.
Please perform all the steps in the correct order. If you have any questions or doubt at any point, STOP and ask for our assistance.
STEP 1: Remove Trovi.com browser hijacker from your computer with AdwCleaner
STEP 2: Remove Trovi.com from Internet Explore, Firefox and Google Chrome with Junkware Removal Tool (JRT).
STEP 3: Remove Trovi.com malicious files with Malwarebytes Anti-Malware Free
STEP 4: Double-check for the Trovi.com infection with HitmanPro
(end quote)

These are fantastic programs, and really do a job on PUPs and other unwanted items.
HitmanPro gave a free one-time trial run and cleaned out a few other things as well.
But like it says, you have to follow the above steps in correct order, and now I have all four.
« Last Edit: February 10, 2014, 03:23:39 AM by bit » Logged
Curt
Supporting Member
**
Posts: 6,258

see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #6 on: February 11, 2014, 04:19:05 PM »

... without a proxie, it says 'Oops! Google Chrome could not connect to www.softologic.com', and 'softologic ...

info:
softologic.com is "InstallBrain" (no wiki), not "OpenCandy".

Both are repeatedly said to be harmless on their own, but to me InstallBrain is too dodgy (although not "dangerous") to stay on my computer. I have a couple of times had OpenCandy installed, when I was testing some program, and I saw nothing dangerous happen.
Logged
tomos
Charter Member
***
Posts: 8,059



see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #7 on: February 11, 2014, 04:51:14 PM »

^If I understand correctly, OpenCandy does not install at all - it is, or becomes, part of the installer, and facilitates the installation of something(s)-you-should-probably-avoid ;-)
Logged

Tom
Pages: [1]   Go Up
  Reply  |  New Topic  |  Print  
 
Jump to:  
   Forum Home   Thread Marks Chat! Downloads Search Login Register  

DonationCoder.com | About Us
DonationCoder.com Forum | Powered by SMF
[ Page time: 0.042s | Server load: 0.99 ]