Tired of everytime I install calibre or do an update - Page 3

DiapDealer · 01-26-2015, 10:29 AM

Quote:

Originally Posted by cvkemp

I have found the issue. The issue was with google chrome allowing the adware to be installed when opening the calibre install page. This does not happen with IE nor does it happen on a linux OS with google chrome. So sorry but there is adware on the site and the issue is that chrome will not block it from being installed even when you set the security to prevent it.

I download the latest calibre from the official page using Chrome on Windows all the time. Never had any of my anti-malware software bark once about adware trying to be installed. And scans show that nothing HAS been installed on my PC on the sly. And I'd know, because I'm actually quite savvy.

eschwartz · 01-26-2015, 10:36 AM

Are you saying Google Chrome has a security vulnerability that allows an attacker to install software on your PC merely by browsing to a specific page?

... and that this is calibre's fault for using a common platform (Google Adsense I think) to deliver standardized ads which contain malware (delivered via Google no less)?

Anyway, I cannot replicate your success with malware...

darryl · 01-26-2015, 10:40 AM

Quote:

Originally Posted by cvkemp

I have found the issue. The issue was with google chrome allowing the adware to be installed when opening the calibre install page. This does not happen with IE nor does it happen on a linux OS with google chrome. So sorry but there is adware on the site and the issue is that chrome will not block it from being installed even when you set the security to prevent it.

Then please enlighten us. What is your basis for concluding that "there is adware on the site"? Why do you seem to be the only one who has encountered this mysterious adware? If you now have warnings that your software has blocked installation of adware from the Calibre site then I suspect your system still has problems. If you would like to post some screenshots we may be able to assist you.

eschwartz · 01-26-2015, 10:42 AM

Quote:

Originally Posted by cvkemp

even when you set the security to prevent it.

This part is confusing me.

I was not aware that you must set a security setting to prevent Google Chrome, or indeed any piece of non-malware software, from installing stuff on its own.

What security settings are these? I haven't seen them, even though I use Chrome quite a bit.

This sounds tremendously sketchy. But then, the whole thread does.

cybmole · 01-26-2015, 11:19 AM

if a site is serving up syndicated ads, i.e. if the site owner is letting a 3rd party choose & display the ads & does not know exactly what ad will be served at a specific time to a specific user, then yes there is a risk of rogue malware infested ads being delivered.

[ e.g. There's an on-going debate at virginmedia.com community forum about virginmedia.com ad-infested home pages servicing up rogue update flash ads & thus malware, to VM customers ( who have to visit that page when accessing webmail)
VM are a reputable company, most would agree, but seem to have no knowledge or control over what gets served up on their home page, according to the critics. ]

if google ad servers are involved then what they serve is related to whether google knows who is browsing and what it knows about that person, so the OP could be served ads that you & I are not served, all without Kovid or whoever runs the calibre download site begin any the wiser

I am not quite curious/rash enough to go visit the calibre download page with all my adblockers and AV disabled, but if someone is, perhaps they can "view source" & report back.

in the case we have here, we need to know what URL the OP is using, to check if that's the same one the rest of use use. then view source on that page will reveal exactly what goes on under the bonnet.

As for "set a security setting in chrome" - installing the adblock extension does block much of the malware infestations within ads, by blocking the ads. without such an extension it is very likely that chrome will happily display a rogue you need to update flash advert which leads to the installation of all sorts of crap for anyone who clicks OK.

DoctorOhh · 01-26-2015, 11:23 AM

Quote:

Originally Posted by cvkemp

I have found the issue. The issue was with google chrome allowing the adware to be installed when opening the calibre install page.

I would love to be able to replicate what you see, but as of now I can't. Exactly what adware is being installed? Knowing this might help us in our search.

@cybmole good point. Knowing the adware would most likely give us insight into the possible nature of this adware.

Until then the OP should simply bookmark one of the the alternate download pages and go there for updates.

JSWolf · 01-26-2015, 11:27 AM

Quote:

Originally Posted by cvkemp

I have found the issue. The issue was with google chrome allowing the adware to be installed when opening the calibre install page. This does not happen with IE nor does it happen on a linux OS with google chrome. So sorry but there is adware on the site and the issue is that chrome will not block it from being installed even when you set the security to prevent it.

f you really think there is an issue with Calibre's site causing Chrome to install adware, please find the place on the site that's doing it, gather all the evidence you can and pass that on to Kovid so he can deal with it.

But are you sure your Windows Chrome is not already infected and that infection is installing adware When you've removed the adware and then run Chrome?

eschwartz · 01-26-2015, 11:34 AM

Quote:

Originally Posted by JSWolf

Chrome is and always will be crap. I tried it and could not stand it. I use Firefox with plugins that protect from dodgy advertising. As an "IT Professional" you should know that Chrome is crap and to use Firefox if you want to be protected. I use Adblock Edge along with Ghostery and I do tot get crap installed.

IE is crap.

Chrome is a good browser that is incidentally less extensible than Firefox, which means I prefer Firefox. Also, it makes several stupid policy choices that make it less attractive.

Are you aware that the Chrome Webstore has a perfectly working port of AdblockPlus as well?
It also has Ghostery.

In short -- Chrome is just as safe as Firefox. The inferior Web Developer tools, restricted and artificially held back extensibility options (for "security") and simplifiedmoronified menubar, or lack thereof, makes it very much a casual-use browser IMHO.

cvkemp · 01-26-2015, 11:36 AM

Well I just removed chrome from a test box then installed calibre without an issue. This I know for sure it is chrome. I can install on a new box then install calibre and I will get the adware. But if I install calibre on a box using only IE I do not get the adware. So for now I am kissing chrome good bye.

cvkemp · 01-26-2015, 11:38 AM

I believe that IE was crap too but I will live with IE on windows and chrome on my Linux boxes. At least with Linux adware is not going to install. And I am not sure how that the adware is installing while I have windows set to not install anything with out me accepting it. But I will be testing that too.

DiapDealer · 01-26-2015, 11:49 AM

Quote:

Originally Posted by cvkemp

Well I just removed chrome from a test box then installed calibre without an issue. This I know for sure it is chrome. I can install on a new box then install calibre and I will get the adware. But if I install calibre on a box using only IE I do not get the adware. So for now I am kissing chrome good bye.

You still haven't given us the exact url you are downloading calibre from. And your terminology is a bit confusing. You don't "install" calibre using a browser on Windows. You download an installer package that you then execute locally.

When, exactly, in that process are you "getting" adware?
And how do you know you're getting adware?
Is your anti-malware software complaining about adware?
If so, what is it that your anti-malware software is saying is being installed?

Be specific, not vague.

eschwartz · 01-26-2015, 12:11 PM

Quote:

Originally Posted by cvkemp

I believe that IE was crap too but I will live with IE on windows and chrome on my Linux boxes. At least with Linux adware is not going to install. And I am not sure how that the adware is installing while I have windows set to not install anything with out me accepting it. But I will be testing that too.

Well, I sure hope adware won't install on your linux boxes. But maybe you should take pains to avoid Google's DNS and stuff, since clearly someone at Google is specifically targeting you to try installing malware on your computers (and they are incredibly sneaky...).

You seem to have a custom Chrome build that installs programs rather than merely being... a downloader.

icallaci · 01-26-2015, 12:14 PM

Quote:

Originally Posted by DiapDealer

And your terminology is a bit confusing. You don't "install" calibre using a browser on Windows. You download an installer package that you then execute locally.

IE lets you "Run" the installer without saving the installer package to disk first. That's how I install and update Calibre, and I've never had a problem with that method installing adware.

eschwartz · 01-26-2015, 12:18 PM

Chrome and Firefox do the same thing.

They all have the ability to launch a download using the system default file handler.

IE allows you to save to $TMP (windows equivalent, obviously

) to run it, Chrome not at all, and Firefox only if an app handles it, not for executables and MSIs... but you can always click on the downloaded file in the Downloads list and it is equivalent to double-clicking in Explorer.

BetterRed · 01-26-2015, 12:52 PM

@cvkemp - as others have said Chrome shouldn't be doing the install - msiexec.exe should do the install. Have a look at the file association for .msi files.

Here are the file sizes and checksums for the 32bit and 64bit msi files I have downloaded from the calibre downloads area.

Code:

32bit 60.8 MB (63,836,160 bytes)
CRC32     25893d5a
MD5	      80e2d2e15e130c4c759318f69d5a1c49
SHA-1     95fabe784521e9bd2b33fc7ce27fb8d79d7d0d08

64bit 66.2 MB (69,439,488 bytes)
CRC32    76c0e56f
MD5	    3537394c9213ed57c7974855d8208c51
SHA-1    c98c0b69be7ff001433be11cf06b28262fe26d7d

The 32bit 2.17 was downloaded within the past hour from http://calibre-ebook.com/download_windows using Chrome Version 40.0.2214.91 m (which is vanilla - ie no addons, extensions etc).

I double clicked C:\Downloads\From Chrome\calibre-2.17.0.msi to install it. Windows asked me if I trusted the source of the file - I clicked Yes and then Trusted Installer kicked in to do its job.

I then did scans with malewarebytes and adwcleaner, no malware was reported. I also ran a very aggressive malware removal tool which also found nothing (I wont name it because it can create havoc if used indiscriminately).

If the Windows install was done from a a third party slipstream then that is possibly the source of the problem. The safest way to reinstall Win7 is to download and install the official iso with the SP1 slipstream from MS, and then keep running Windows Update until it runs out of things to do - tedious to be sure, but safest for certain.

3rd party slipstream installs are notorious as vectors for malware.

BR

01-26-2015, 10:36 AM	#32
eschwartz Ex-Helpdesk Junkie Posts: 19,421 Karma: 85400180 Join Date: Nov 2012 Location: The Beaten Path, USA, Roundworld, This Side of Infinity Device: Kindle Touch fw5.3.7 (Wifi only)	Are you saying Google Chrome has a security vulnerability that allows an attacker to install software on your PC merely by browsing to a specific page? ... and that this is calibre's fault for using a common platform (Google Adsense I think) to deliver standardized ads which contain malware (delivered via Google no less)? Anyway, I cannot replicate your success with malware... Last edited by eschwartz; 01-26-2015 at 10:39 AM.

01-26-2015, 12:18 PM	#44
eschwartz Ex-Helpdesk Junkie Posts: 19,421 Karma: 85400180 Join Date: Nov 2012 Location: The Beaten Path, USA, Roundworld, This Side of Infinity Device: Kindle Touch fw5.3.7 (Wifi only)	Chrome and Firefox do the same thing. They all have the ability to launch a download using the system default file handler. IE allows you to save to $TMP (windows equivalent, obviously ) to run it, Chrome not at all, and Firefox only if an app handles it, not for executables and MSIs... but you can always click on the downloaded file in the Downloads list and it is equivalent to double-clicking in Explorer. Last edited by eschwartz; 01-26-2015 at 12:22 PM.

01-26-2015, 12:52 PM	#45
BetterRed null operator (he/him) Posts: 21,671 Karma: 29711016 Join Date: Mar 2012 Location: Sydney Australia Device: none	@cvkemp - as others have said Chrome shouldn't be doing the install - msiexec.exe should do the install. Have a look at the file association for .msi files. Here are the file sizes and checksums for the 32bit and 64bit msi files I have downloaded from the calibre downloads area. Code: 32bit 60.8 MB (63,836,160 bytes) CRC32 25893d5a MD5 80e2d2e15e130c4c759318f69d5a1c49 SHA-1 95fabe784521e9bd2b33fc7ce27fb8d79d7d0d08 64bit 66.2 MB (69,439,488 bytes) CRC32 76c0e56f MD5 3537394c9213ed57c7974855d8208c51 SHA-1 c98c0b69be7ff001433be11cf06b28262fe26d7d The 32bit 2.17 was downloaded within the past hour from http://calibre-ebook.com/download_windows using Chrome Version 40.0.2214.91 m (which is vanilla - ie no addons, extensions etc). I double clicked C:\Downloads\From Chrome\calibre-2.17.0.msi to install it. Windows asked me if I trusted the source of the file - I clicked Yes and then Trusted Installer kicked in to do its job. I then did scans with malewarebytes and adwcleaner, no malware was reported. I also ran a very aggressive malware removal tool which also found nothing (I wont name it because it can create havoc if used indiscriminately). If the Windows install was done from a a third party slipstream then that is possibly the source of the problem. The safest way to reinstall Win7 is to download and install the official iso with the SP1 slipstream from MS, and then keep running Windows Update until it runs out of things to do - tedious to be sure, but safest for certain. 3rd party slipstream installs are notorious as vectors for malware. BR

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Calibre Update/Install App for OS X	faraz	Related Tools	9	07-16-2015 05:28 PM
Calibre Install/Update Script for OS X	faraz	Calibre	2	11-11-2012 12:16 PM
Unable to update Calibre as original install file is missing?	El_Splendido	Calibre	1	08-24-2012 04:43 PM
calibre update 0.8.1 to 0.8.2 custom install directory	Dopedangel	Calibre	5	05-21-2011 01:15 PM
warning about 2.9.5 update install	xyzzy	iRex	3	04-26-2007 08:06 AM

01-26-2015, 11:19 AM	#35
cybmole Wizard Posts: 3,720 Karma: 1759970 Join Date: Sep 2010 Device: none	if a site is serving up syndicated ads, i.e. if the site owner is letting a 3rd party choose & display the ads & does not know exactly what ad will be served at a specific time to a specific user, then yes there is a risk of rogue malware infested ads being delivered. [ e.g. There's an on-going debate at virginmedia.com community forum about virginmedia.com ad-infested home pages servicing up rogue update flash ads & thus malware, to VM customers ( who have to visit that page when accessing webmail) VM are a reputable company, most would agree, but seem to have no knowledge or control over what gets served up on their home page, according to the critics. ] if google ad servers are involved then what they serve is related to whether google knows who is browsing and what it knows about that person, so the OP could be served ads that you & I are not served, all without Kovid or whoever runs the calibre download site begin any the wiser I am not quite curious/rash enough to go visit the calibre download page with all my adblockers and AV disabled, but if someone is, perhaps they can "view source" & report back. in the case we have here, we need to know what URL the OP is using, to check if that's the same one the rest of use use. then view source on that page will reveal exactly what goes on under the bonnet. As for "set a security setting in chrome" - installing the adblock extension does block much of the malware infestations within ads, by blocking the ads. without such an extension it is very likely that chrome will happily display a rogue you need to update flash advert which leads to the installation of all sorts of crap for anyone who clicks OK.

01-26-2015, 11:36 AM	#39
cvkemp Loving life Posts: 1,430 Karma: 7991496 Join Date: Mar 2009 Location: Hot Springs Village, Arkansas Device: PaperWhite 6 SE, Fire HD8	Well I just removed chrome from a test box then installed calibre without an issue. This I know for sure it is chrome. I can install on a new box then install calibre and I will get the adware. But if I install calibre on a box using only IE I do not get the adware. So for now I am kissing chrome good bye.

01-26-2015, 11:38 AM	#40
cvkemp Loving life Posts: 1,430 Karma: 7991496 Join Date: Mar 2009 Location: Hot Springs Village, Arkansas Device: PaperWhite 6 SE, Fire HD8	I believe that IE was crap too but I will live with IE on windows and chrome on my Linux boxes. At least with Linux adware is not going to install. And I am not sure how that the adware is installing while I have windows set to not install anything with out me accepting it. But I will be testing that too.