PDFCreator & Opencandy

Comments

4 comments

  • Shane Corellian

    If you use the package from the Package Library then the OpenCandy shouldn't be installed. If you install PDFCreator interactively (i.e. running the setup manually and just answering the questions) then you will presented with their foistware. When you deploy PDFCreator silently then the foistware crap isn't placed on the targets. We also go the extra mile and specify that only PDFCreator and the images2pdf components get installed and nothing else. You can see how we do that by looking at the Parameters field.

    /ForceInstall /VERYSILENT /SP- /NORESTART /SUPPRESSMSGBOXES /components="program,images2pdf" /tasks="winexplorer,!desktopicon"

    This means that the install file, PDFCreator-2_0_2-setup.exe, may very well get flagged but the installation on the targets shouldn't (if deployed with the parameters above). We tested the final result using Malwarebytes and it came back clean. As a control I installed PDFCreator manually and said Yes to the crapware and sure enough Malwarebytes caught it.

     

     

    0
    Comment actions Permalink
  • Dongraham

    I ran the package from the Package Library. I double checked the above Parms and they are in the package. I will test this against one of our computers with Malwarebytes in-case Vipre is over eager. The one thing I notice is during the deploy the PDFCreator-2_0_2-setup.exe got caught but 30 seconds later a plugin was also caught for Firefox from the install. 

    0
    Comment actions Permalink
  • Shane Corellian

    Thanks for your efforts. One thing you can try is this: append the /NOCANDY parameter to your parameters field.

    /ForceInstall /VERYSILENT /SP- /NORESTART /SUPPRESSMSGBOXES /components="program,images2pdf" /tasks="winexplorer,!desktopicon" /NOCANDY

    It may not do anything but maybe it will change the deployment enough to put Vipre at ease. Technically speaking it should be unnecessary since the /components feature is supposed to be exclusive but I may be wrong.

    If the /NOCANDY does in fact resolve it please let us know and we will add that to the Package.

    0
    Comment actions Permalink
  • Dongraham

    It seems like the Virpe Def 38274 catches it but not the latest definitions. I will make sure before deploying I have the latest Defs installed. Thank you for your quick responses! 

    0
    Comment actions Permalink

Please sign in to leave a comment.