ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

Google Books Downloader - WARNING - contains search hijack "arccosine.com"

<< < (2/3) > >>

PhilB66:
Thank you for the warning, IainB.

Google Books Downloader Website is at http://www.gbooksdownloader.com/. I thought CodePlex is for hosting .Net programs only. I guess not.

The installer has an opt out option though. Select 'custom' installation and deselect "arccosine". Sneaky, I know.

As for the program itself... it does download complete books (the free ones) and can convert them to other formats then just .pdf.

Btw, when I try to go to the CodePlex page I get a message about security certificate errors. Also, the installer is not digitally signed.

Stephen66515:
you forgot to upload the image attachment : :(
[ ERROR: SPECIFIED ATTACHMENT MISSING ]
--- End quote ---
-Stephen66515 (March 19, 2012, 06:21 PM)
--- End quote ---
Crikey, that was fast!
-IainB (March 19, 2012, 06:27 PM)
--- End quote ---

Thats what my wife said  ;D

Oh...wait... :huh:

 :(  :redface:

IainB:
Well, I downloaded the proggy and the hijack from Codeplex, and I didn't notice any "options" for getting the hijack during install.
By the looks of things, neither did any of the people posting in the Mozilla Help forum on this subject.

After @wraith808's suggestion that I post to Codeplex, I registered there, then registered and at the Mozilla forum also.
When I tried to post to Codeplex (after registering/confirmation), I just could not get in. After messing about for ages, I decided that they must have a broken/moronic front end on the sign-in page, and, not wishing to waste any more time on the matter I abandoned the attempt.
After that, I successfully made a post to the Mozilla Help/Support forum.

Google Books Downloader Website is at http://www.gbooksdownloader.com/. I thought CodePlex is for hosting .Net programs only. I guess not.
The installer has an opt out option though. Select 'custom' installation and deselect "arccosine". Sneaky, I know.
As for the program itself... it does download complete books (the free ones) and can convert them to other formats then just .pdf.
Btw, when I try to go to the CodePlex page I get a message about security certificate errors. Also, the installer is not digitally signed.
-PhilB66 (March 19, 2012, 07:16 PM)
--- End quote ---
Yes, well, evidently I didn't get the download from gbooksdownloader.com. I am disgusted by this in any event, because packing a scam hijack into a download either with or without a warning is categorically wrong in my book.

EDIT: Against my better judgement (I have wasted far too much time on this subject already), I have also emailed the contact point at the Google Books Downloader Website at http://www.gbooksdownloader.com/
Thanks for providing their link.
Yes, I know GBD outputs into other formats too, but I wasn't doing a review of the product and so omitted to mention its other features. All I was interested in was the .PDF output.
Anyway, I think I can guarantee that, after this experience, I shall never knowingly use this nor any product they might be peddling in the future.

Yours,
        Disgusted.

wraith808:
Update: from the codeplex team...


Hi -

Thanks for contacting us.

We have escalated this request to our next level support team.
As soon as this has been completed, you will be notified.

Thanks -
Hengzhe Li

--- End quote ---

Another update:
Thanks for reporting.  I have unpublished the project.
 
Thanks,
Jonathan

--- End quote ---

Patriciann:
 >:( I got taken in by this 'bugger' also.  


I wanted to read a Google Book off line and downloaded a Good Book reader and it changed my home page to ‘arccosine.com’ which gave me a ‘Google Search’ screen ‘look-a-like’  I changed my homepage back to Google search and then discovered my wireless internet connection had been changed from ‘public’ to ‘home’ creating an unsecured internet connection.  I switched it back to ‘public’ and went looking into my ‘Services’ to see if anything ‘popped’ out at me as unusual.  I don’t know enough about how computers work but am trying to learn.  

I downloaded an application called ‘GooReader’ and think this may be where the ‘infection’ came from as it offered several services I have never even heard of before and I did not opt into any of them.  By the time I was finished with the screens they presented offering all of these unwanted services I began to notice ‘changes’ made to my computer.  The name of signer on this ‘GooReader’ is “Solimba Aplcaciones SL” The time stamp is Wednesday March 12, 2012.  I have searched for this in my registry – no show.  I have searched for this in my installed programs – no show.  When I clicked on the application again it let me know it was already installed and asked if I want it to reinstall.  I closed the dialog box and decided this is ‘bad news’.  Can someone guide me through the process of figuring this out?  I ran McAfree and it showed all clear.  

Two individual ‘Diagnostic System Host’ (WdiSystemHost) are listed in ‘Services’ – One has me locked completely out and one I can modify.
I downloaded the ‘SvchostAnalyzer’ from A&M Neuber Software and it gave two warning instances as follows:
Process: svchost.exe
ID: 1900
File Access is denied, Run program as Administrator!
Group: No Microsoft file
Services: 0

The second instance which showed up later appearing along with this one:
Process: svchost.exe
ID: 8664
File Access is denied, Run program as Administrator!
Group: No Microsoft file
Services: 0

How can I investigate if someone has ‘remote’ use of my computer?  What are the steps I need to follow to track this down?  Or what should I be looking for?
DcomLaunch has me frozen out.  

I don’t know enough about this subject to be of much good at tracking down what damage may have been done and what was ‘snagged’ from my computer and perhaps ‘sent’ to some unknown person.  Just very creepy and it takes a real CREEP to do this to people.  Time for me to learn what these JERKS are doing to us and how to intervene for our protection.  

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version