Sign in to follow this  
spike-nz

YouTubeDownloader being detected as MyBrowserBar

Recommended Posts

A couple of days ago, AAW Pro 8.3.1 detected "YouTube Downloader v2.5.5" as MyBrowserBar, which I put into Ignore for the time being, having used various versions without harm for some time.

Today I updated to version 2.6.1, which is still being detected (I had to disable Ad-Watch to install this version) - given the number of downloads at [url="http://download.cnet.com/YouTube-Downloader/3000-2071_4-10647340.html?tag=contentMain;contentBody;1d"][color="#0000FF"]Cnet-Download.com - YouTube Downloader[/color][/url], I have a strong feeling that this is an FP.

Logs from the detection of both versions are attached, together with the detected (zipped) files - I would attach the main executable, only it is over 4mb, and avilable from the link above:

[attachment=8272:Scan_201...12_45_13.log]

[attachment=8273:Scan_201...16_32_04.log]

[attachment=8274:YouTubeD...r_v2.5.5.zip]

[attachment=8275:YouTubeD...r_v2.6.1.zip]

Regards,

Spike

Share this post


Link to post
Share on other sites
Hi Spike,

Thanks for the report - we'll have this checked out and removed if it is an FP.

Regards,

Andy
Lavasoft Malware Labs

Share this post


Link to post
Share on other sites
Hi Spike,

This is not a false positive. Problems were noted with regard to the notice and consent regime used during installation, hence its inclusion in the detection database.

Although users are provided the opportunity to opt out of the toolbar during installation, the toolbar is not clearly identified as a third-party component. Indeed, the name leads users to believe that it is a functionally related, integral part of the host program. That is simply misleading.

Worse, though, the install screen fails to alert users to the key changes the software will be making to their computers and browsers as well asto the other material terms that users are implicitly agreeing to (see section 1.1, a-g of the toolbar's EULA). Instead of being buried in the privacy policy and/or EULA, that important information needs to be called out in a clear and conscpicuous manner outside of the EULA and privacy policy. It is not, and the result is that users wind up being "opted in" to software with potentially objectionable functionality that was presented to them in a misleading fashion.

Hope this helps.

Regards,

Andy
Lavasoft Malware Labs

Share this post


Link to post
Share on other sites
Hi Andy,

Thanks for explaining the issues involved so clearly.

I uninstalled/re-installed v2.6.1, so that I could read the toolbar's Terms of Use and fully agree with LS's position.

Fortunately, I never accept new toolbars, default search engines, home pages, etc, no matter whether they are opt-in or opt-out. There are so many being pushed now, that they just clutter up the browsers' bars... and a blank homepage loads more quickly.

Interestingly, although the program installer and "c:\program files\youtube downloader\biennesoftax.dll" are still being detected, the program executable itself (c:\program files\youtube downloader\youtubedownloader.exe) no longer is.

Having deleted the installer, all that now shows up in a scan is the DLL file (integral to the program, or I would quarantine/delete that also).

[attachment=8279:Scan_201...19_30_35.log]

I take it that without the toolbar, the program can be used without the aggregation/revenue collection by Spigot Inc? (I have used other youtube downloaders, but this is my preferred app).

Regards,

Spike

Share this post


Link to post
Share on other sites
Hi Spike,

Sorry for the delay in responding to you. The application can indeed be used without the toolbar meaning that there will be no aggregation/revenue collection by Spigot. Also, biennesoftax.dll should not be detected and will be removed as of an update to be released later today. Thanks for the feedback!



Andy

Share this post


Link to post
Share on other sites
Sign in to follow this