Topic: Beware of a Win8 AppStore look-alike & it's Downloaders

Here is an app seemingly repackaged with a downloader, despite an apparent copyright by it's original author "© 2002 - F. Brebion"

Here are some details:

1) link to the app on the store:  http://www.windows8appstore.com/windows … 95020.html
2) link to the downloader EULA:  http://www.windows8appstore.com/downloaderpolicy.html

It appears to include a possible toolbar named "Secure Speed Dial".  Seems like 'crapware'.

At least that junk gave me an option of whether or not to install it.
Unfortunately the next screen for "Welcome to the Windows Cleaner Installation." seems to give me no such option.
  It also includes an autoupdater.

Crap!  This is not at all what i originally wanted to download.
Oh, i now see the teeny, tiny "skip" text beside the comparatively gigantic "Next" button.
  That is certainly deceptive.

Now i am bombarded by another inclusion:  "Welcome to the Ainishare Free Screen Recorder Installation".
  quote:  "captures what you see on screen and what you hear/say simultaneously, and saves them as compressed video file in realtime.  TIME LIMITED GIVEAWAY, Get it Now!"

Skip.

Now it seems to download.

Then i am asked to install a "Mixi-D Toolbar".
I am given no other choice, even after unselecting the toolbar, to "Install & Exit".

Noting that the filesize for "OpenGL Geometry Benchmark 1.0.exe" was 0.

  Long story short, i didn't get the file i was promised.

  Yet i was certainly offered a lot of potentially damaging crap along the way.
   Had i not been cautious during this process, it seems certain i would have been saddled with at least some of it.
   One analysis (see reports at bottom) by ClamAV calls the downloader a "Possibly Unwanted Application".
    Kingsoft calls it "Win32.Troj.Generic.a.(kcloud)".  NOD32 calls it "a variant of Win32/FreeNew.B".

    To me, in my own humble opinion, other seemingly deceptive inclusions appear to potentially be spyware.
     Unbeknownst to me until i later noticed the still-present icon, it was running in the SystemTray.

I do not accept the Appstore Downloader EULA and have destroyed my copy in compliance with said EULA.
There is no agreement, and even if any was temporarily in effect, it is immediately terminated.
   I will never use your store again.  One unpleasant experience is enough.

Note to MS:'Crapware' downloaders do not inspire confidence in your store.
   Is this typical of other downloads from your store?
     If so, and if i was a developer, i would be screaming!

3) link to the downloader:  http://www.windows8appstore.com/windows … wid=595020
- xml file:

<fn_downloader_data>
    <bundle_statistic>1</bundle_statistic>
    <bundles>
                    <bundle>
    <id>SpeedDial</id>
    <is_toolbar>1</is_toolbar>
    <registry>
        HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Secure Speed Dial_is1;HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Secure Speed Dial_is1;    </registry>
    <defaultselected>1</defaultselected>
    <file_url>http://download.freenew.net/secure-speed-dial-setup073044.exe</file_url>
    <file_options>/sp- /verysilent /suppressmsgboxes</file_options>
    <name>Secure Speed Dial</name>
    <description>-An extension application of browser which smartly lists top
visited browsing pages in new tab page for quick reference.
-Integrating Google search, apps, and browsing histories at new
tab page for instant access.
-Working on Chrome, Firefox, and IE browser.</description>
                <footers>
                    <footer>
                                <text>By clicking &quot;Accept&quot; you accept Windows 8 App Store [End-User License Agreement]</text>
                                    <url0>http://www.windows8appstore.com/downloaderpolicy.html</url0>
                            </footer>
            </footers>
</bundle>                    <bundle>
    <id>wc</id>
    <is_toolbar>0</is_toolbar>
    <registry>
            </registry>
    <defaultselected>1</defaultselected>
    <file_url>http://files.freenew.net/partner/windows_cleaner-was.exe</file_url>
    <file_options></file_options>
    <name>Windows Cleaner</name>
    <description>Windows Cleaner Pro is a fast, efficient and powerful system optimizer that scans
every part of your Windows system to detect and fix all issues causing your computer
to run slowly, including registry.</description>
            <policy_title>Windows Cleaner Features:</policy_title>
                <policy_description>World&#039;s Top Scan and Fix Engine Enhanced.
Working Automatically without a click Enhanced.
One click to solve as many as 10 common PC problems Enhanced.
Automatically Software Update New!
FREE, award-winning customer support for all users</policy_description>
                <icon>http://www.pcerrorfix.net/pad/wc-pad-icon.gif</icon>
        <footers>
                    <footer>
                                <text>By clicking &quot;Accept&quot; you accept Windows 8 App Store [End-User License Agreement]</text>
                                    <url0>http://www.windows8appstore.com/downloaderpolicy.html</url0>
                            </footer>
            </footers>
</bundle>                    <bundle>
    <id>screen</id>
    <is_toolbar>0</is_toolbar>
    <registry>
            </registry>
    <defaultselected>1</defaultselected>
    <file_url>http://download.gilisoft.com/ai/free-screen-recorder.exe</file_url>
    <file_options></file_options>
    <name>Ainishare Free Screen Recorder</name>
    <description>Captures what you see on screen and what you hear/say simultaneously, 
and saves them as compressed video file in real-time.
TIME LIMITED GIVEAWAY,Get it Now!</description>
            <policy_title>Features:</policy_title>
                <policy_description>-Good audio/video synchronization;
-Support of PC games based on DirectX and OpenGL;
-Fast real-time audio/video compression;
-Multiple recording mode;
-Automatically splitting file by time or size ;
-FREE 100%,Life-time free upgrade!
It is compatible with Windows 8/7/XP/Vista/2003.</policy_description>
                <icon>http://files.freenew.net/downloader/screen-recorder.png</icon>
        <footers>
                    <footer>
                                <text>By clicking &quot;Accept&quot; you accept Windows 8 App Store [End-User License Agreement]</text>
                                    <url0>http://www.windows8appstore.com/downloaderpolicy.html</url0>
                            </footer>
            </footers>
</bundle>            </bundles>
    <finishedbundle>
        <bundle>
    <id>mj</id>
    <is_toolbar>1</is_toolbar>
    <registry>
            </registry>
    <defaultselected>1</defaultselected>
    <file_url>http://files.freenew.net/partner/MixiYD7.16.exe</file_url>
    <file_options>/PID=231 /CID=351 /AFFID=121134 /TOOLBAR=1 /HOMEPAGE=1 /SEARCH=1</file_options>
    <name>Mixi-D Toolbar</name>
    <description>Mixi.DJ is a popular free toolbar designed to make browsing
and searching the internet faster and easier!
Mixi.DJ toolbar gives you access to a large variety of radio, music and news stations,
comprehensive text and web page translations.
Install Mixi.DJ Toolbar
Make Mixi.DJ Toolbar my default search engine
Make Mixi.DJ Toolbar my default homepage and new tab</description>
                <footers>
                    <footer>
                                <text>By clicking &quot;Accept&quot; you accept [End-User license Agreement] of Outbrowse,Ltd.</text>
                                    <url0>http://www.software-files.net/delta/eula</url0>
                            </footer>
                    <footer>
                                <text>By clicking &quot;Accept&quot; you accept [Terms of Use] and [Privacy Policy] of Outbrowse,Ltd</text>
                                    <url0>http://www.software-files.net/delta/eula</url0>
                            </footer>
            </footers>
</bundle>    </finishedbundle>
    <exit_url></exit_url>
    <id>595020</id>
<name>OpenGL Geometry Benchmark 1.0</name>
<description> 
 The OpenGL Geometry Benchmark tests the geometry Transform &amp; Lighting power of miscellaneous video cards under OpenGL. It´s possible to test many combinations of technics, vertex formats,</description>
<url>http://www.fl-tw.com/opengl/GeomBench/OGLBench.exe</url>
<icon>http://www.windows8appstore.com/softwareImg/icon122/47.jpg</icon>    <ads>
        <downloading_ad_url>http://files.freenew.net/downloader/ads1.php</downloading_ad_url>
        <downloaded_ad_url>http://files.freenew.net/downloader/ads2.php</downloaded_ad_url>
    </ads>
</fn_downloader_data>

4) VirusTotal Report:  https://www.virustotal.com/en/file/eba0 … 375651159/
5) ThreatFire Report:  http://www.threatexpert.com/report.aspx … 0e519ff254

Note the link to a now non-existent page. http://www.fl-tw.com/opengl/GeomBench/OGLBench.exe

6) link to the original author's archived site:  http://web.archive.org/web/200707162238 … GeomBench/

7) Here is an interview with Flavien Brebion:  http://www.gamedev.net/page/resources/_ … bion-r2719
  And a wayback link to some screenshots of the game he was working on "Infinity: The Quest for Earth"
     http://web.archive.org/web/200710051922 … _media.php

  This link shows that F. Brebion is indeed Flavien Brebion:
    http://www.mmorpg.com/gamelist.cfm/setV … gameID/241


That is the man whose copyright seemingly has not been respected.
Nowhere have i seen insomuch as any credit to the original author in the Appstore, let alone in the downloader.

Last edited by TechDud (2013-08-07 12:05:08)

Re: Beware of a Win8 AppStore look-alike & it's Downloaders

Report it!
http://windows.microsoft.com/en-us/wind … -microsoft

Re: Beware of a Win8 AppStore look-alike & it's Downloaders

Note the differing Terms between the "app" downloader and what is official.
They appear to be separate agreements, governed by laws of differing nations.
   One in the United States, the other in Hong Kong.  They look totally different.

Are they really violating those Terms?

Best to get the author himself onboard first.
  Not easy to find in this "twitverse" of "anti-social media", though i now have a means.

He is the one who's rights may have been violated.
  Any claim of infringement should be made by him.
   That claim would have the greatest substance and priority.

" If your copyright or trademark is being infringed, you may notify Microsoft by selecting the Apps, Services or Search categories applicable to the Microsoft online service listed above, and following the provided instructions to submit your notice. "

     Quoted from https://www.microsoft.com/info/cpyrtInfrg.aspx

Last edited by TechDud (2013-08-06 09:25:37)

Re: Beware of a Win8 AppStore look-alike & it's Downloaders

In addition, it is noteworthy that the source code for said program is also contained in the Archive.com backup.
Is this program then therefore "Open Source"?

Last edited by TechDud (2013-08-06 09:31:22)

Re: Beware of a Win8 AppStore look-alike & it's Downloaders

I have been informed by a reliable source that that is NOT Microsoft's Windows 8 App Store!

Quoted from the bottom of that page:

"Windows8Appstore.com is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation."

They are hosted in the United States (actually San Antonio Texas) yet governed apparently by the laws of Hong Kong?  Is that legally enforceable?

Here's some site info:  http://toolbar.netcraft.com/site_report … pstore.com

They rank 85274th in popularity on the internet as rated by Netcraft, and growing.
This site ranks 8243rd overall.  This is the most popular this site has been over the last couple of years.


Somebody tell me how that site is not infringing on Microsoft's and various Developer's work and reputations.

Last edited by TechDud (2013-08-07 07:25:21)

Re: Beware of a Win8 AppStore look-alike & it's Downloaders

"From: Flavien Brebion
Thanks for reporting this to my attention.

I am indeed the original author of "OpenGL geometry benchmark". It was a small tool that I developed back in 2002. It is currently extremely obsolete, since it's still using the old OpenGL API; I wouldn't consider its results even relevant nowadays. I don't think it even includes OpenGL vertex buffer objects."

"From: Flavien Brebion
I just tried to report this app, with no success, and for a good reason..

Unless I'm missing something, this entire website that is hosting apps ( www.windows8appstore.com ) seems to be fishy, and isn't the official Win8 app store. Therefore I cannot report it to Microsoft.

If you go on this page: http://www.windows8appstore.com/windows … 95020.html
... and scroll down to the very bottom, you should see why:

"Windows8Appstore.com is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation"

Instructions from Microsoft's website to report an app therefore do not appy and there is no "report" button.

Their twitter and facebook pages were violating the EULA and were removed ( dead links at the bottom of the page ).

So IMO you just were scammed by a phishing site that utilizes Microsoft's design to make it look like it's the official Windows 8 app store, and it is most likely that all their apps / downloads are trojans.

Hope that helps,

F. Brebion"

Reprinted with permission.

Re: Beware of a Win8 AppStore look-alike & it's Downloaders

I note that MS seemingly makes it impossible to report directly to them, concerning others possibly infringing upon their own IP.