CPU-Z CNET Tag-Alongs

[writhziden]

I know I have recommended the use of CPU-Z in the past, but they are now hosting their installer through CNET. CNET has bundled some tag-alongs that even if you choose not to install through the checkboxes still get installed and have an accept/decline button. Declining is the only way to prevent their installation. Unfortunately, I found this out too late. I now have a re-direct browser add-on and some other nasties.

Be careful when advising people install CPU-Z for screenshots of the RAM to also let them know to decline all other software during installation.

The safer route is to tell them to scroll down to Version history, option 8 on the CPU-Z main page. Direct links to the latest version are available there or on the right-hand side of the CPU-Z main page under Download the latest release


I may need some malware removal help now... I was checking my memory configuration on my desktop to make sure my 32 GB was in Quad mode and timings/voltages were correct.

 

[Corrine]

Thus my recommendation to always look for the download at the developer/vendor site. In the case of CPU-Z, see CPU-Z CPUID - System & hardware benchmark, monitoring, reporting.

 

[writhziden]

Thus my recommendation to always look for the download at the developer/vendor site. In the case of CPU-Z, see CPU-Z CPUID - System & hardware benchmark, monitoring, reporting.

Actually, that's where I downloaded it from. I now see the sneakiness of why I downloaded it from CNET. Sometimes, one of the ads says "Download CPU-Z from CNET" which made me think that was where CPUID wanted me to obtain the software. In reality, it was just an ad, and the true links are on the side and in the previous versions links.

 

[Wrench97]

Use the link to the .zip CPUz file> ftp://ftp.cpuid.com/cpu-z/cpu-z_1.67-en.zip

 

[Corrine]

Let's take a look at what C|Net added to the download.

Please download AdwCleaner by Xplode and save to your Desktop.

• Double-click AdwCleaner.exe to run the tool.
  Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
• Click the Scan button.
• AdwCleaner will begin. Be patient as the scan may take some time to complete.
• After the scan has finished, click the Report button. A logfile (AdwCleaner[R0].txt) will open in Notepad for review.
• The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, please let me know about it.
• Copy and paste the contents of that logfile in your next reply.
• A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

[writhziden]

Use the link to the .zip CPUz file> ftp://ftp.cpuid.com/cpu-z/cpu-z_1.67-en.zip

I try not to provide direct links since some forum owners don't like them. Maybe I'll just change my canned speeches to have the link to the versions history page.

CPU-Z CPUID - System & hardware benchmark, monitoring, reporting​

That page has less ads and will be easier to provide download instructions to.

 

[writhziden]

Let's take a look at what C|Net added to the download.

Please download AdwCleaner by Xplode and save to your Desktop.

• Double-click AdwCleaner.exe to run the tool.
  Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
• Click the Scan button.
• AdwCleaner will begin. Be patient as the scan may take some time to complete.
• After the scan has finished, click the Report button. A logfile (AdwCleaner[R0].txt) will open in Notepad for review.
• The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, please let me know about it.
• Copy and paste the contents of that logfile in your next reply.
• A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

FYI: Interestingly, AdwCleaner is not a trusted program by Microsoft. I had to jump through some hoops to run it.



# AdwCleaner v3.013 - Report created 26/11/2013 at 13:03:06
# Updated 24/11/2013 by Xplode
# Operating System : Windows 8 Pro with Media Center (64 bits)
# Username : Mike - ZIGGY
# Running from : C:\Users\Mike\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Windows\System32\Tasks\Dealply
File Found : C:\Windows\Tasks\Dealply.job
Folder Found C:\Program Files (x86)\DealPly

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dealplylive.exe

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537


*************************

AdwCleaner[R0].txt - [1069 octets] - [26/11/2013 13:00:57]
AdwCleaner[R1].txt - [991 octets] - [26/11/2013 13:03:06]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1050 octets] ##########

 

[Corrine]

That is the first time I've heard of anyone having a problem with AdwCleaner. Most likely EPM in IE11. Microsoft detects DealPly as Adware:Win32/DealPly.

Double-click AdwCleaner.exe to run the tool again.

• Click the Scan button.
• AdwCleaner will begin to scan your computer like it did before.
  Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
• After the scan has finished,
• This time click on the Clean button.
• Press OK when asked to close all programs and follow the onscreen prompts.
• Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
• After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
• Copy and paste the contents of that logfile in your next reply.
• A copy of that logfile will also be saved in the C:\AdwCleaner folder.

I suggest you follow that with the Junkware Removal Tool since it frequently picks up additional registry changes that AdwCleaner misses:

Please download Junkware Removal Tool to your desktop.

• Disable your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

 

[Tekno Venus]

That is the first time I've heard of anyone having a problem with AdwCleaner. Most likely EPM in IE11.

I had an issue this afternoon too on IE11 on my mother's computer.

SmartScreen Filter blocked the download, and I had to repeatedly allow it for it to run.

 

[writhziden]

That is the first time I've heard of anyone having a problem with AdwCleaner. Most likely EPM in IE11. Microsoft detects DealPly as Adware:Win32/DealPly.

Double-click AdwCleaner.exe to run the tool again.

• Click the Scan button.
• AdwCleaner will begin to scan your computer like it did before.
  Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
• After the scan has finished,
• This time click on the Clean button.
• Press OK when asked to close all programs and follow the onscreen prompts.
• Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
• After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
• Copy and paste the contents of that logfile in your next reply.
• A copy of that logfile will also be saved in the C:\AdwCleaner folder.

I suggest you follow that with the Junkware Removal Tool since it frequently picks up additional registry changes that AdwCleaner misses:

Please download Junkware Removal Tool to your desktop.

• Disable your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8 Pro with Media Center x64
Ran by Mike on Tue 11/26/2013 at 15:41:31.48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 11/26/2013 at 15:45:15.11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

[writhziden]

That is the first time I've heard of anyone having a problem with AdwCleaner. Most likely EPM in IE11.

I had an issue this afternoon too on IE11 on my mother's computer.

SmartScreen Filter blocked the download, and I had to repeatedly allow it for it to run.

I'm running IE10. Got the message that it is not a file that is downloaded often and may not be trusted; I downloaded it anyway. Upon running it, I was greeted with the message that Windows 8 blocked it from running and had to tell it to run anyway.

 

[Corrine]

I guess 4,466,997 total downloads just from BleepingComputer for AdwCleaner isn't often.

You can delete JRT from your desktop and then do the following to clean up AdwCleaner:

Double-click on AdwCleaner.exe to run the tool again.

• Click on the Uninstall button.
• Click Yes when asked are you sure you want to uninstall.
• Both AdwCleaner.exe, its folder and all logs will be removed.

 

[Digerati]

Thus my recommendation to always look for the download at the developer/vendor site

Me too. But sadly, some programs are a little sneaky about this. For example, CCleaner lists FileHippo.com and Download.com before Piriform.com.

That said, I really don't see how you ended up at CNet. When I search for cpuz with Bing or Google, the first hit goes directly to the cpuid.com and from there, the links on the right to download the product are locally hosted at cpuid.

I try not to provide direct links since some forum owners don't like them.

I personally don't like them! And I have expressed my opposition of their use (most often by malware removal experts during the process of helping user disinfect their systems). I personally feel their use contradicts the very "practicing safe computing" principles we preach. We tell users to know what they are downloading but direct links prevent that. Sure, we are asking these folks to trust us, but "trust me" is the first words out of a badguy's mouth! I am just saying, "do as I say, not what I do" is not really a safe security, or coaching discipline. But that's really for another discussion.

As for AdwCleaner, I found it frustrating the developer's site is in French. And though it allows you to switch to English, it only partially does so from there, you really don't know what you are getting into. Other than that, it does work with W8.1 and IE11 here.

 

[writhziden]

That said, I really don't see how you ended up at CNet.

I've had a long, trying week personally, so stress and exhaustion probably played a factor. I followed my search to cupid.com, and the link "Download CPU-Z from CNET" showed up on the CPU-Z webpage in a big green button in the middle of the screen, so I doubt I'm the first one to fall prey to it.

 

[Digerati]

"Download CPU-Z from CNET" showed up on the CPU-Z webpage in a big green button

Ah, now I see how you got there (I think). When I search for cpu z download, the CNet download page comes up first. But if I enter just cpu z, cpuid.com is on top.

Lesson learned: never use the word "download" in your searches!

 

[Corrine]

I try not to provide direct links since some forum owners don't like them.

I personally don't like them! And I have expressed my opposition of their use (most often by malware removal experts during the process of helping user disinfect their systems). I personally feel their use contradicts the very "practicing safe computing" principles we preach. We tell users to know what they are downloading but direct links prevent that. Sure, we are asking these folks to trust us, but "trust me" is the first words out of a badguy's mouth! I am just saying, "do as I say, not what I do" is not really a safe security, or coaching discipline. But that's really for another discussion.

As for AdwCleaner, I found it frustrating the developer's site is in French. And though it allows you to switch to English, it only partially does so from there, you really don't know what you are getting into. Other than that, it does work with W8.1 and IE11 here.

There is a reason for providing direct downloads when removing malware. As in this case, writhziden did go to the vendor site but clicked on the C|Net ad and didn't see the download links in the right-hand column. Some sites also manage to bury the download links, which could result in the OP searching for the program and ending up getting the wrong program, an outdated version or end up on a site serving malware.

Digerati, the version of AdwCleaner at Bleeping Computer is always kept up to date and is the English version.

 

[Digerati]

I understand why direct links are used during malware removal - but I still believe it contradicts the safe computing principles we stress. I accept them in "closed" malware removal forums because the user, in most cases, initiated the process - that is, it is not a totally "unsolicited" download link. But I think they should never be used, or allowed in "open" forums.

Digerati, the version of AdwCleaner at Bleeping Computer is always kept up to date and is the English version.

Right, and when I wanted to check it out, that is where I ended up getting it from. But if it was not hosted at BC (a site I trust), I probably would not have downloaded it at all.

 

[Patrick]

I understand why direct links are used during malware removal - but I still believe it contradicts the safe computing principles we stress.

I can see how you'd feel that way, but if well-versed computer programmers / MVP's in a tired state accidentally click themselves to an unwanted 3rd party site unbeknownst to them (we've all done it), then just imagine what someone who is computer illiterate looking for malware removal assistance can do. They'd end up right where Mike did, or worse. That's why direct links are probably best, there's just a link to click that leads you directly to the .exe the analyst wants you to have. No way to screw that up.

 

[Digerati]

As I said, I understand why in the closed malware removal forums. I am not that worried about them there - other than the precedent it sets. My big concern is in the open forums where anybody can post them, including someone with bad intent. The risk the links might lead downloading something malicious is much greater and the unsuspecting poster might not know how to verify if good or not.

 

[Patrick]

As I said, I understand why in the closed malware removal forums. I am not that worried about them there - other than the precedent it sets. My big concern is in the open forums where anybody can post them, including someone with bad intent. The risk the links might lead downloading something malicious is much greater and the unsuspecting poster might not know how to verify if good or not.

Well, unfortunately, I think that's just something we all ultimately have to watch out for. Misinformation, even when done innocently because of not knowing the possibility of catastrophe will always be a problem. I was guilty myself about a year or so ago, right here on Sysnative. A user had a rootkit that was causing a BSOD and I recommended the use of TDSSKiller to get rid of it. Corrine was kind enough to correct me and warn me of the potential negatives and in the future what measures to go to before recommending such.

I am not saying you're wrong whatsoever, but I stand by direct links to removal and/or analyst tools rather than a link to the site with the eventual link. Nowadays, as we see in this very thread, websites are stockpiled with malicious advertisements and redirects, and if an unknowing user needing malware assistance visits a website and clicks the big green image that says 'Download now' but it's a redirect to a different site that bundles their garbage with the actual program through the use of a downloader, etc, then that just adds much more work for that analyst to deal with. I'd imagine it would anger the end-user as well.