PDQ Deploy\Repository\LIGHTNING UK\ImgBurn\SetupImgBurn_2.5.8.0.exe found to contains ADW_OPENCANDY

Comments

2 comments

  • Shawn Anderson

    Hi Lars, we will take a look at this immediately. We like to strip any of the bundled stuff out of the package library. Because we do not recompile we have to do so within the structure of what the vendor allows. If they prevent 3rd party stuff from being removed during the install then we will usually not host the software. We'll review the software today.

    0
    Comment actions Permalink
  • Brandon Rewis

    Hi Lars,

    I looked into this issue and found no ADW_OpenCandy Adware being installed when deploying the ImgBurn Package from our PDQ Deploy Package Library. 

    Steps taken to confirm no adware is present in our package: 

    1) Inspected .exe for erroneous files. Install matches vendor supplied install.

    2) Scanned Repository and Vendor install with Microsoft Security Essentials and the Trend Micro Security HouseCall Scan. Both AV solutions found no issues with the Repository files or the vendor installation files for ImgBurn

    3) Verified that the OpenCandy symptoms found here: http://about-threats.trendmicro.com/us/malware/ADW_OPENCANDY were not present after a fresh install of Imgburn from our library package.(For the install user and others users profiles)

    OpenCandy was bundled with ImgBurn at one time; however, it seems as if that is no long the case. I suggest deleting the ImgBurn installation from your repository and redownloading the package from the PDQ Deploy Package Library.

    Also, here is a link to a few steps you can take to block OpenCandy or keep it from being installed with ImgBurn: http://forum.imgburn.com/index.php?/topic/22723-opencandy-and-imgburn/

    -Brandon

    0
    Comment actions Permalink

Please sign in to leave a comment.