Closed
Bug 806345
Opened 12 years ago
Closed 12 years ago
Block SweetIM toolbar (Malware Issue) and website
Categories
(Toolkit :: Blocklist Policy Requests, defect)
Toolkit
Blocklist Policy Requests
Tracking
()
RESOLVED
FIXED
People
(Reporter: david.weir, Unassigned)
References
Details
(Whiteboard: [squeaky])
what is the chance of getting the sweetim toolbar as blocklisted it is coming up on all websites what is is a malware toolbar it was on my grans machime for examplewh when she never installed it
Reporter | ||
Comment 1•12 years ago
|
||
http://sweetim.sweetpacks.com/ for full details
Reporter | ||
Updated•12 years ago
|
Severity: major → normal
Reporter | ||
Comment 2•12 years ago
|
||
Link to the internet search i done https://isearch.avg.com/search?cid={E5AB174F-1A6B-4BB2-8F93-FF8F222BF9E9}&mid=dcd16a6af59d47d098d0c94a354eebb0-a274b711aba3314c4dc98391299627c452309086&ds=AVG&lang=en&v=12.2.5.34&pr=fr&d=2012-07-01%2015:11:27&sap=dsp&q=sweetim+toolbar+malware
Comment 3•12 years ago
|
||
Kris, please look into this toolbar and let us know what you discover.
Reporter | ||
Updated•12 years ago
|
Summary: Block SweetIM toolbar and website → Block SweetIM toolbar (Malware Issue) and website
Comment 4•12 years ago
|
||
Yeah, it's definitely a silent install. Wouldn't be surprised if it comes bundled as tag-along crapware with something else. The installer from the linked site changes the homepage, the newtab page, the keyword URL, and the default search engine, too. Disable it from about:addons and it gives you a confirmation (https://people.mozilla.com/~kmaglione/images/d8aecdf2716894b0.png) Urgh. And a second confirmation (https://people.mozilla.com/~kmaglione/images/7d37e927d1e90e4d.png) Doesn't reset the above changes regardless. On the other hand, its fancy home page/new tab page is blinking at me and saying I've got an unclaimed prize, which seems to be a blinking iPad. \o/ ID: {EEE6C361-6118-11DC-9C72-001320C79847} It also installed some crapware called DealPly in the process. Not exactly sure what it does. It hasn't shown up in about:addons yet. I think it's an external application that watches what I'm browsing and will eventually open an external popup window.
Reporter | ||
Comment 5•12 years ago
|
||
Kris can we get this blocked ASAP if possible I would do it in a whole for all Firefox and os
Comment 6•12 years ago
|
||
We won't block it immediately because we want to contact the developers first and try to get them to fix the problem. Also, I'll be away at a MozCamp for the remainder of the week, so don't expect much activity on this bug until next week.
Comment 7•12 years ago
|
||
I contacted the developers. If they don't reply within a week, we will proceed with the block.
Updated•12 years ago
|
Whiteboard: [squeaky]
Comment 9•12 years ago
|
||
Just as one more data point, Web Of Trust has some comments on this toolbar/site: "Changed my browser home page ( without permission ) to sweetim search page." "Installed without permission apparently as part of divx install" "The program is often hidden in freeware software." https://www.mywot.com/en/scorecard/sweetim.sweetpacks.com
Comment 10•12 years ago
|
||
Blocked: https://addons.mozilla.org/en-US/firefox/blocked/i236
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Comment 11•12 years ago
|
||
Sweetpacks and SweetIM are intrusive and insidious. I got them without permission after downloading KMplayer via Softonics. They affected not only Mozilla, IE and Chrome, but they also disabled my Avira Premium 'Web Protection' service. Mozilla is my primary browser and Sweetpacks didn't appear for a few days so I was unaware it had installed itself. I didn't understand why Avira wasn't working properly until I saw and removed Sweetpacks, then the Avira 'Web Protection' started immediately. I deleted every reference to Sweetpacks and SweetIM from the registry. Someone should look into the payoff for this malware to see what information has been gleaned and what other possible damage may have occured. Disabling antivirus services is serious.
Comment 12•12 years ago
|
||
RMH, Firefox is not anti-malware software and blocklisting its add-on part is the only thing Mozilla can do. See also https://support.mozilla.org/kb/troubleshoot-firefox-issues-caused-malware#w_how-do-i-prevent-malware-from-being-installed
Comment 13•12 years ago
|
||
(In reply to Scoobidiver from comment #12) > RMH, Firefox is not anti-malware software and blocklisting its add-on part > is the only thing Mozilla can do. > See also > https://support.mozilla.org/kb/troubleshoot-firefox-issues-caused- > malware#w_how-do-i-prevent-malware-from-being-installed Scoobidiver, I also posted the same comment to an Avira forum. My intent was that all parties affected be aware that Sweetpacks and SweetIM are more than a simple annoyance, they are potentially dangerous and should be taken seriously.
Comment 14•12 years ago
|
||
This block has been updated to cover all versions < 1.8. Version 1.8 addresses the main reasons we decided to block this add-on in the first place.
Assignee | ||
Updated•8 years ago
|
Product: addons.mozilla.org → Toolkit
You need to log in
before you can comment on or make changes to this bug.
Description
•