Spyware, Viruses, & Security forum

General discussion

The Download File for Advanced System Care has a Trojan!

by CattRose / November 4, 2009 10:07 AM PST

McAfee SiteAdvisor has found "Exploit-ObscuredHtml trojan" in the download file for Advanceed System Care (asc-setup.exe). I almost downloaded it before I knew anything about this, and the only reason why I became aware of the Trojan is because when I went to IOBit's website, the SiteAdvisor out of nowhere flashed red.


IOBit also has just been accused of stealing MalwareBytes database for another program they have.

It seems as of now IOBit is very unsafe to download from. Shouldn't CNET do something about this since they advertise how safe their site's downloads are? Is their staff aware of this threat?

Post a reply
Discussion is locked
You are posting a reply to: The Download File for Advanced System Care has a Trojan!
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: The Download File for Advanced System Care has a Trojan!
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Iobit...
by Marianna Schmudlach / November 4, 2009 10:40 AM PST
Collapse -
That's good...
by CattRose / November 4, 2009 11:29 AM PST
In reply to: Iobit...

I'm glad it's being reviewed. If one program they have has a trojan, and another program they have is made up of stolen data, then who knows about the other programs they have to download...

Collapse -
trojan from Iobit download
by davidwholt / November 5, 2009 9:38 AM PST

First, let's look at this McAfee trojan detection.

http://m8software.com/***/mcafee.htm
<snip>
To the best of our knowledge, there is no such thing as the "Exploit-Obscure.HTML" Trojan. McAfee have arbitrarily decided to delete any file they find containing both HTML and non ASCII characters just in case it might be a trojan.
<snip>

Hardly reason to ban Iobit from CNET
and connect this to MalwareByte's as yet unsubstantiated allegation.

Maybe wait and see what all the facts are
before we decide Iobit is the anti-Christ of software?

Collapse -
About that
by CattRose / November 5, 2009 12:37 PM PST

I just want CNET to review the program again, that's all.

And Malwarebytes' has a lot of proof for their case. I guess only time will tell...

And though this might make me considered a hypocrite, I love their software Smart Defrag. I don't want the negative rumors of IOBit to be true either.

Collapse -
Did you know you cannot uninstall it?
by Chigal48 / January 11, 2010 9:57 AM PST

I've tried and there's no way to get iobit.com toolbar off your computer.

Collapse -
Trojan or not, I won't use Iobit until they come clean
by dizzyqueen / November 27, 2009 2:15 PM PST

Whether this is a valid trojan issue or not doesn't matter to me. Iobit's theft of data from another company puts all of Iobit's products off limits to me. Why should I support criminal activity? Besides, if this indicates their corporate culture, then end user BEWARE!

Collapse -
In Response to 'Until They Come Clean'..
by Carol~ Moderator / November 28, 2009 12:22 AM PST

dizzyqueen..

I'm ONLY posting this as an "informational piece". Maybe with a slight bent to it. Plain Keep in mind, the original allegations against IOBit. Ten days after IOBit's postulations of no wrongdoing, they seemed to have "changed their tune". Or at least that's my interpretation.

On November 3rd, the following (in part) was posted at IOBit's Blog:

'In consideration of Malwarebytes? fallacy and calumniation, and its terrible effect to our company, products and reputation, we hereby demand that Malwarebytes immediately discontinue to spread all rumors regarding this issue. Otherwise we will consider all appropriate action to protect our legal rights.' I construe 'appropriate actions', to mean they would consider taking legal action. (I may be wrong)

Unless, by "appropriate action to protect themselves", they meant what was in their latest (and last) declaration issued on November 13th:

The Latest Declaration from IObit

'........Due to the serious flaws and defects of our sample submission system and management, the old database includes malware names from non-IObit data sources. We are willing to face all of the problems and take responsibility for the disputes.'

They further go on to say, '...We have apologized for all the inconvenience, meanwhile, we have taken immediate actions to remove all disputed data and updated the whole database online on November 3.'

I don't know if you consider this "coming clean", but read it for yourself and decide.

With a slight bent...
Carol

PS: In fairness to IOBit, I should have included an important statement made, as part of their declaration on November 3rd:

'IObit Security 360 scans faster, detects and removes more malware than any other anti-malware vendors, including Malwarebytes. Why a superior vendor need steal database from a lower-class one?' Devil

Collapse -
I give - I'm going back to Iobit
by dizzyqueen / December 22, 2009 4:36 AM PST

Thank you Carol, for taking time to research this and respond to my post. I appreciate it.

Well, I've been trying other products and they just can't replace what Iobit does with Advanced System Care. I can't find any that make it as easy to verify registry errors with HijackThis.de, which has saved me (a dangerous novice) from deleting essential registry items.

I've read Iobit's statement posted on their forum at http://forums.iobit.com/showthread.php?t=4807 and I'm satisfied with their explanation. That, plus your reference to their Nov. 13 statement assures me that they are taking this seriously. I now believe there was no criminal intent involved. Should Malwarebytes sue Iobit and win, I'll have to take that back. But for now, my computer NEEDS ASC! LOL!

Cheers,
Izzy

If the link is disabled, just type in without the spaces: http:// forums. iobit.com /showthread.php?t=4807 ]

Collapse -
All Things Considered...
by Carol~ Moderator / December 23, 2009 3:49 AM PST

lzzy..

Sounds like you have your mind made up. Especially so, because "your computer NEEEEDS ASC!" Grin I'm not going to try to convince you otherwise. Please know, I have nothing against ASC, per se. I would only ask you to consider one thing.

You wrote: "I can't find any that make it as easy to verify registry errors with HijackThis.de, which has saved me (a dangerous novice) from deleting essential registry items". Wouldn't you want to make sure the scanner is up-to-date and accurate?

It goes without saying, the best (and recommended) way of having a HijackThis log analyzed, is in the hands of a trained expert. With THAT said, if you feel you must use a log analyzer, I strongly suggest you go directly to http://www.hijackthis.de/ , instead of using the analyzer built into ASC.

While HijackThis.de is intergrated into ASC, it's not their's. They're only using the service. The site itself, affords you more accurate and up-to-date results. It's not perfect by any means, but it might prevent you from removing a critical or important file. Something you would be more apt to do, with the integrated scanner. I don't say this lightly, as I've witnessed the damage first hand. Not on my system, but one I maintain. Please consider this.

As far as the Malwarebytes' and IObit controversy is concerned, you might want to read this. It's the most unbiased "take" of the situation, I've read thus far.

Good luck! And have a great holiday season.
Carol

Collapse -
Hijack This vs. Malwarebytes
by dizzyqueen / December 31, 2009 2:55 AM PST

Thanks, Carol,

I didn't see your post until after I responded to David's post. On the HijackThis.de site, I don't see an option to scan. I did find TrendMicro's version of HijackThis on CNET and did my usual procedure - I list the user ratings by most negative. After I weed out people who are generally disgruntled about everything, I read the CONS from those who appear to know something about the issue. While on that page, I noted that the most popular anti-malware download via CNET is Malwarebytes. Is their registry evaluation as good as HijackThis, and is it useful for people like me who don't read registry entries very well?

As far as Iobit and Malwarebytes, I've decided to let the courts sort that out. Thanks for the link to the article.

Thanks,
Izzy

Collapse -
Apples vs Oranges
by Carol~ Moderator / December 31, 2009 5:54 AM PST

Hi lzzy..

'On the HijackThis.de site, I don't see an option to scan.'

HijackThis.de is an automated system, which was set up to analyze logs, after downloading and scanning with the HijackThis utility. The utility generates a log, which would then be copied and pasted, where indicated at the site. Read Trend's HijackThis Overview. It should give you, a better idea of what HJT does and how it works.

I still feel the need to stress, that the recommended way of having a log analyzed is by going to a support forum, with trained analysts. The analyzer was only meant to supply "additional support". The forums also make use of various other tools, when HJT (or even MBAM) can't do the job. An automated scanner can't do the same thing. Be it the one built into ASC, or the site itself.

When referring to Malwarebytes' Anti-Malware, you wrote 'Is their registry evaluation as good as HijackThis, and is it useful for people like me who don't read registry entries very well?'

I likened HJT and MBAM to apples and oranges, only because they were meant to be used in different ways. Malwarebtyes' Anti-Malware scans your system, evaluates the results and indicates what needs removal. HJT generates a report of registry and file settings. It doesn't determine what needs removal, as MBAM does. Each accomplishes something different, depending on the problem. But for the most part, I think MBAM does a very good overall job. HJT wasn't designed to be a registry cleaner. Hopefully, you'll rarely (if ever) have a need for it.

With ALL the above said, I know you're fond of ASC and it's works for you. That's the most important thing! It truly is.

My last 25

Collapse -
diagnostic software
by davidwholt / December 23, 2009 7:44 AM PST

Nowhere near as profound a post as Carol's latest link,
but have you considered Ccleaner or Glary Utilities
as alternatives to ASC?

Don't they all offer competing capabilities?

FWIW I also use Iobit 360 and Smart Defrag,
I'm not boycotting them.

Collapse -
CCleaner, Glary Utilities
by dizzyqueen / December 31, 2009 2:35 AM PST
In reply to: diagnostic software

Thanks, David.

I have used CCleaner for some time as an alternative and am happy with it. I just downloaded Glary Utilities last week on my new Windows 7, so I need some time to know how well that works for me.

The one most helpful thing about AWC for me, not a novice but not a pro, is the ability to copy/paste the registry item it detects to HijackThis.de, which shows what the registry key does, other users' rating of how safe it is, etc. That has saved me from deleting essential registry items. None of the other utilities I've found so far allow the ability to copy/paste the "suspect" registry entries that are found.

Collapse -
have used both
by jimbo7535 / October 24, 2016 6:44 AM PDT

and that just not true Malwarebite is one of the best as reflexed in most tech magazines

Collapse -
the Iobit Toolbor won't disappear it won't delete!!!
by Chigal48 / January 11, 2010 3:41 PM PST

Oh my god, I updated smart degrag and the doggone toolbar came with it. I can't get rid of it. And the support people won't reply to my emails.

Collapse -
The Iobit file is "defragsetup.exe"
by Chigal48 / January 11, 2010 3:45 PM PST

How do I find it in the Vista O/S?

Collapse -
remove toolbar
by davidwholt / January 11, 2010 8:21 PM PST
Collapse -
I think it's gone
by Chigal48 / January 11, 2010 9:16 PM PST
In reply to: remove toolbar

I used Revo Uninstaller Pro to remove Firefox, which I'm not using again. I think the toolbar is gone with Firefox.

It wouldn't uninstall from FF. Using Chrome and IE again.

Collapse -
managing browser toolbars
by davidwholt / January 12, 2010 5:30 AM PST
In reply to: I think it's gone
Collapse -
I can't explain what happened
by Chigal48 / January 12, 2010 6:23 AM PST

So to answer your question, I cannot answer your question.

Collapse -
ASC IMF.exe ws2_32.dll
by cricket_three / September 4, 2015 9:26 AM PDT

When I was doing a routinely maintenance on my laptop I decided to try cleaning the registry using ASC tools. After that my machine became unstable and I uninstall Asc, as well as Malware Fighter, it became even worse. Then I downloaded a new version of both trying to reinstall. My machine is now a total mess with system files corrupted.
I have now to format the HD and loose very important data which after reading this article I believe is compromised.
I'm feeling very sad, because they are work of years.

Collapse -
Where's the backups? EDITED!
by R. Proffitt Forum moderator / September 4, 2015 12:14 PM PDT
In reply to: ASC IMF.exe ws2_32.dll

DON'T FORMAT YET. Copy your files out before you wipe the drive.

Hard drives fail, a slip of the mouse and file vanish.

There long discussions about these cleaners but no moderator here uses them.

Post was last edited on September 4, 2015 12:19 PM PDT

Collapse -
Advanced System Care Has Win32/Deceptor.AdvancedSystemCare.A
by rod-1954 / March 6, 2017 4:22 PM PST

ESET just found the above virus and deleted the program...
F:\Advanced System Care 10 Pro 14 month\advanced-systemcare-setup.exe » INNO » {app}\ASC.exe - Win32/Deceptor.AdvancedSystemCare.A application - cleaned by deleting [1]

Collapse -
Advanced System care.
by Dafydd Forum moderator / March 6, 2017 4:31 PM PST

Avoid at all costs.
Dafydd.

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

GIVEAWAY

We are giving away 'Black Panther' swag!

Four lucky readers will be taking home *Marvel*ous "Black Panther" prizes, including magazines autographed by the King of Wakanda himself! Giveaway ends Feb. 25, 2018.