Think twice before upgrading...

  • Advertisement ( why? )
     

    Guest, 5th Jul 2012 3:16 pm

    I used HTML-Kit 292 for some website updating a while ago and it worked great. However, I recently opened the program and it told me an upgraded/new version was available for download. When I installed the upgrade evidently some malware was installed instead on my computer that was unremovable and forced us to wipe the hard drive and start over. This has caused so much trouble for my company. Please be careful about downloading any upgrades!

    • HTML-Kit Support, 5th Jul 2012 3:52 pm

      On 7/5/2012 3:16 PM, Guest wrote:

      I used HTML-Kit 292 for some website updating a while ago and it
      worked great. However, I recently opened the program and it told me
      an upgraded/new version was available for download. When I installed
      the upgrade evidently some malware was installed instead on my
      computer that was unremovable and forced us to wipe the hard drive
      and start over. This has caused so much trouble for my company.
      Please be careful about downloading any upgrades!

      If you're trying to be helpful, and not scare people with vague or
      unrelated information, please post some proof preferably from a
      non-Guest account.

      For anyone concerned about this, here's a list of 30+ third-party scans
      for HTML-Kit 292 and HTML-Kit Tools including scans from Symantec,
      Microsoft, Kaspersky, TrendMicro and AVG:

      http://www.htmlkit.com/go/scanreport/hk292/

      http://www.htmlkit.com/go/scanreport/hktoolstrial/

      Chami

      • pinkdroyd, 10th Aug 2012 1:44 pm

        Here is my non-guest account response:

        I posted as a guest because I did not feel it would useful to make an account related to a program I may never use again.

        I was attempting to suggest that people be careful to verify that the suggested new updates for the program were valid by checking in here before downloading them. It was not my intention to scare anyone nor to imply that the maker(s) of the program lace the new updates with malware.

        The programs which failed to detect any malicious activity or infection minutes prior to the aforementioned problematic updates were Malwarebytes, SuperAntiSpyware, and iolo System Mechanic Shield. Malwarebytes detected a Trojan immediately after the updates were installed.

        The failures caused were such that I could not access or use most of the programs on the computer therefore making it difficult to document precisely what was occurring (short of getting a digital camera and taking photos of screenshots). Our computer technician deemed that the software damages were supposedly too extensive for repair and that it should just get wiped.

        This computer is only used for business purposes and any personal use is done with the personal computer sitting next to it connected by a 2-port switch kit.

        All of the programs running on the business computer are legitimate and have been acquired without questionable means such as torrent downloads and keygen software. The version of this program we were using was free to begin with.

        A more specific run-through of what happened as I can best remember:
        This program was downloaded last year to make some minor changes to our website. The program worked very well during this time. After the changes were made, the program was not used for several months until new changes needed to be made. When I went to open the program, it was apparently working as it should and it suggested that I update it to the newest version. When I confirmed to download the updates, it appeared to begin the installation. At the end of the installation, the program simply closed and nothing more happened. When I attempted to reopen the program it would not and gave me an error. Next, I attempted to open other programs and they gave me the same error. I was able to get some things to run by opening them from their actual location rather than the desktop shortcuts. After a minute or two of this I proceeded to scan the computer using the programs I had just finished not only updating but also scanning the computer with prior to even opening this program. Malwarebytes detected what I remember was a Trojan and removed it. After restarting the computer, the programs were still inaccessible; so I booted in safe mode and ran full-scans again. Nothing showed up... so I called our computer guy.
        After this experience and my ratiocination regarding it... I would conclude that at some point malware was introduced into the program. Where or when this happened is beyond me, but THAT it happened is obvious.
        Therefore, I felt it would be helpful, if not responsible, to post my experience here once I discovered that there is a forum for keeping in touch with the newest updates being released for a program that I once used and updated... and which resulted in computer trouble for us.
        I am not pointing my finger at a person (such as the maker of this program), but a situation (that the software, update, download, computer, or network had been compromised) that resulted in a falsified update. I believe that this forum is a great way to verify the updates being offered, and I highly recommend doing so!

        • HTML-Kit Support, 10th Aug 2012 2:19 pm

          On 8/10/2012 1:44 PM, pinkdroyd wrote:
          ...

          Therefore, I felt it would be helpful, if not responsible, to post
          my experience here once I discovered that there is a forum for
          keeping in touch with the newest updates being released for a program
          that I once used and updated... and which resulted in computer
          trouble for us.
          I am not pointing my finger at a person (such as the maker of this
          program), but a situation (that the software, update, download,
          computer, or network had been compromised) that resulted in a
          falsified update. I believe that this forum is a great way to verify
          the updates being offered, and I highly recommend doing so!

          Hi,

          Thank you for the follow-up.

          It sounds like you were using HTML-Kit 292 but in case you're using
          Tools, this blog post talks about why Tools and other frequently updated
          programs sometimes get false positives:

          http://www.htmlkit.com/blog/false-positive/

          Anti-malware programs that use cloud-based reporting flag new/updated
          programs, until malware scanners report back enough data about downloads
          back to the cloud. These types of false reports are more likely to
          happen with Tools than 292 just because Tools is updated so frequently.

          To make it easier to validate downloads, trial versions of Tools now
          include file size and MD5 checksums. Upcoming TreeHouse builds and
          general releases will also include this information.

          Chami

          p.s. please note that this is the forum for HTML-Kit Tools. HTML-Kit 292
          forum is at:

          http://www.html-kit.com/forums/free-editor/

          • pinkdroyd, 10th Aug 2012 3:16 pm

            Thank you. I have copied the post to the appropriate forum. Please feel free to delete this one.

            • HTML-Kit Support, 10th Aug 2012 3:40 pm

              On 8/10/2012 3:16 PM, pinkdroyd wrote:

              Thank you. I have copied the post to the appropriate forum. Please
              feel free to delete this one.

              I can't delete this thread. I'll just add a reference to your duplicate
              thread:

              http://www.html-kit.com/forums/free-editor/think-twice-before-upgrading-html-kit-292-free-version-152/

              At the risk of sounding like a broken record, if anyone has any concerns
              please go read my previous replies. HTML-Kit has been verified by
              multiple scanners and third parties.

              Chami

    • Chuck P, 5th Jul 2012 7:41 pm

      I cannot tell you how many times clients have pointed their finger at me and
      exclaimed, "It was that Malwarebites (or Superantispyware) that put malware
      on my computer." End users blame the last program they were running when
      the system finally crashes ... in short it was a PICNIC, with the user going
      where they ought not at work. and amazing themselves with their agility with
      mouse buttons. Howerver, they have to tell the boss something.

      --
      Bald

      • HTML-Kit Support, 6th Jul 2012 7:25 am

        On 7/5/2012 7:41 PM, Chuck Putnam wrote:

        I cannot tell you how many times clients have pointed their finger at me and
        exclaimed, "It was that Malwarebites (or Superantispyware) that put malware
        on my computer." End users blame the last program they were running when
        the system finally crashes ... in short it was a PICNIC, with the user going
        where they ought not at work. and amazing themselves with their agility with
        mouse buttons. Howerver, they have to tell the boss something.

        -- Bald

        Thank you for the support, Bald. Much appreciated!

        Chami

    • steve79, 6th Jul 2012 4:19 pm

      Maybe if you didn't torrent it and run a keygen you wouldn't get malware. I've been using this program legitimately and haven't experienced a single issue.