Author Topic: Does www.official-drivers.com and DriverTuner serve malicious software?  (Read 44943 times)

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33897
  • malware fighter
Hi Michigan guy,

You were a victim of an OutBrowse monetizer bundling product with a very poor reputation: https://www.mywot.com/en/scorecard/outbrowse.com?utm_source=addon&utm_content=popup
Read about your OutBrowse bundled adware variant: http://www.sophos.com/en-us/threat-center/threat-analyses/adware-and-puas/OutBrowse%20Revenyou/detailed-analysis.aspx

Thanks for sharing your experiences.
As a general warning to those that consider downloading,
see: http://www.herdprotect.com/setup.exe-3851fc1b1715a7052587bd430aa18b9aadad4b1b.aspx
Software comes bundled with PUP: PUP.Optional.Installer.LionSeaSoftwarecoltd.F -> http://www.herdprotect.com/ip-address-72.247.10.24.aspx
See: http://www.herdprotect.com/ip-address-54.235.251.129.aspx and http://www.herdprotect.com/ip-address-23.21.98.30.aspx
Free software today comes bundled "at a crap bundled adware price", see: http://www.herdprotect.com/domain-install.optimum-installer.com.aspx

Always look to download a custom software install from the few remaining upfront downloading sites.
But today one often finds oneself between a rock and a hard stone.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

euthenia

  • Guest
Any chance Slim Drivers, by SlimWare, could also be a suspect product? After downloading and running once, my Windows Update and Windows Online Help features were disabled. So, not only was I not able to download important updates, but I was prevented from effectively troubleshooting the problem.

Offline polonus

You may be right, look here what comes bundled: http://www.herdprotect.com/signer-slimware-utilities-inc-396592a759309a28f5d983a5a376da47.aspx
Sality variant, certainly something you do not want on your comp or peripherals.

polonus

euthenia

  • Guest
Ugh. Then maybe it is the cause of my problems.

http://forum.avast.com/index.php?topic=150374.0

I got it from Download.com (Cnet) so assumed it would be safe . . .

REDACTED

  • Guest
Re: Does www.official-drivers.com and DriverTuner serve malicious software?
« Reply #19 on: September 25, 2014, 10:12:21 AM »
I downloaded a Canon_PIXMA_MX348_XPS_536 driver from www.official-drivers.com successfully.
Although it is a little complicated for me to find the wrong place to download.
I know this website also sells a driver update tool. It's much more convenient.

Offline polonus

Re: Does www.official-drivers.com and DriverTuner serve malicious software?
« Reply #20 on: September 25, 2014, 01:03:14 PM »
DrWeb has it listed: htxp://www.official-drivers.com/setup.exe contains a potentially dangerous software Program.Unwanted.79
htxp://www.official-drivers.com/setup.exe is present in the Dr.Web database of unwanted sites!
Verdict: htxp://www.official-drivers.com/setup.exe is present in the Dr.Web database of unwanted sites!
Outdated Web Server Apache Found: Vulnerabilities on Apache 2.2 (Apache/2.2.15)
Others give it as potentially harmless, but I would not trust it, as DrWeb sticks with Program.Unwanted.79
Reason Heuristics PUP.Optional.Installer.F, PUP.Optional.Installer.g, PUP.Optional.Installer.k, PUP.Opt etc.
Trojan/Win32.TSGeneric or PE:Trojan.BHO!1.66E4

polonus

REDACTED

  • Guest
Re: Does www.official-drivers.com and DriverTuner serve malicious software?
« Reply #21 on: September 28, 2014, 03:35:29 AM »
Honestly, I think this website is really good! It contains huge driver exe files and zip file to download.

Offline polonus

Re: Does www.official-drivers.com and DriverTuner serve malicious software?
« Reply #22 on: September 28, 2014, 12:39:00 PM »
There are enough users to doubt that site's web rep: https://www.mywot.com/en/scorecard/www.official-drivers.com?utm_source=addon&utm_content=contextmenu
The WOT reputation status is even officially being supported by a third party listing: http://hosts-file.net/?s=official-drivers.com
IP badness history given here: https://www.virustotal.com/nl/ip-address/173.192.57.82/information/
and here: http://www.herdprotect.com/ip-address-173.192.57.82.aspx
Well if you do not mind Adware, and a lot of users do mind, you can go there.
In a strict sense there is no malicious software, but I would not run the risk of getting some hard to remove bundled goodies with my download and rather go to the official developer site.

As such, even the name of the official-drivers site is misleading.

See the recent reports here on what content kicks up alerts: http://urlquery.net/report.php?id=1411900432032
PHISHING attempt performed connecting to 74.125.232.241 HTTP/1.0 302 Moved Temporarily
Bitdefender's TrafficLight gives the IP as part of a PHISHING attempt.

pol