Jump to content

Microsoft Detects CDBurnerXP Installer As Malware OpenCandy


Guest goodjohnjr

Recommended Posts

Guest

Microsoft Detects CDBurnerXp Installer As Malware (Adware) OpenCandy, And So Does Several Other Anti-Malware Companies

Yes, I have filed a false positive report with Microsoft, but I do not think they will change it without your Team contacting them and/or OpenCandy about it; but they may be working on it since the Frostwire & OpenCandy Teams may be in talks with them.

But I think the CDBurnerXP Team should contact them and the OpenCandy Team, since they are detecting OpenCandy in the installer it seems; this happened with Frostwire as well & I reported it to them also & they are supposed to be talking with Microsoft and OpenCandy about it, so I would suggest that your team contact Microsoft & OpenCandy as well. ;):)

Until this issue is resolved some people will not be able to install either program and/or will think they are malware, even though this appears to be a false positive and/or harsh detection on Microsofts part; but I would hope that OpenCandy and/or Microsoft and/or CDBurnerXP and/or Frostwire will take the necessary steps/actions to resolve this issue, so good luck and thank you. :)

Microsoft Support:

http://support.microsoft.com/contactus

https://support.microsoftsecurityessent ... redirect=1

http://answers.microsoft.com/en-us/default.aspx

https://www.microsoft.com/security/port ... ubmit.aspx

http://support.microsoft.com/contactus/ ... l?ws=mscom

avsubmit@submit.microsoft.com

OpenCandy Website & Contact Form:

http://www.opencandy.com/

http://www.opencandy.com/contact/

OpenCandy Website Reports:

http://www.urlvoid.com/scan/opencandy.com

http://online.us.drweb.com/cache/?i=645 ... bd45c55f76

http://www.avgthreatlabs.com/sitereport ... ncandy.com

http://linkscanner.explabs.com/linkscan ... ncandy.com

http://www.mywot.com/en/scorecard/opencandy.com

http://safeweb.norton.com/report/show?u ... candy.com/

http://hosts-file.net/?s=opencandy.com

http://www.alexa.com/siteinfo/opencandy.com#

http://www.robtex.com/dns/opencandy.com.html

http://www.virustotal.com/url-scan/repo ... 1298406573

http://anubis.iseclab.org/?action=resul ... ormat=html

Frostwire Issue I Reported:

http://forum.frostwire.com/viewtopic.php?f=1&t=9617

CDBurnerXP Issue I Reported:

viewtopic.php?f=4&t=10406&p=34940#p34940

Hello,

Microsot Security Essentials detected the CDBurnerXP 4.3.8.2474 installer as malware, so I am reporting it:

http://www.microsoft.com/security/porta ... tid=159633

https://www.microsoft.com/security/port ... e63e0c&n=1

I downloaded the file from:

http://www.cdburnerxp.se/

Download Mirror:

http://www.cdburnerxp.se/downloadsetup.exe

Download Mirror URL Scanner Reports:

http://www.avgthreatlabs.com/sitereport ... urnerxp.se

http://www.urlvoid.com/scan/cdburnerxp.se

http://online.us.drweb.com/cache/?i=ffc ... 89db30dfb7

http://www.virustotal.com/url-scan/repo ... 1298740931

http://www.virustotal.com/file-scan/rep ... 1298744679

http://www.mywot.com/en/scorecard/cdburnerxp.se

File Information:

Cdbxp_setup_4.3.8.2474.exe

4.55mb

MD5 : 6bb172ef7dd31ec30d7bdc9aed22d40d

SHA1 : 0078f57b9b78d11ce0bc235f344c0ecc85d0b313

SHA256: dca2483c447072ca3d3667ce697716344c4f6f0308869b2cbde2404dffad8dd3

CDBurnerXP URL Scanner Reports:

http://www.urlvoid.com/scan/cdburnerxp.se

http://online.us.drweb.com/cache/?i=d03 ... 22c0ebd540

http://www.avgthreatlabs.com/sitereport ... urnerxp.se

http://linkscanner.explabs.com/linkscan ... rnerxp.se/

http://www.mywot.com/en/scorecard/cdburnerxp.se

http://safeweb.norton.com/report/show?u ... erxp.se%2F

http://anubis.iseclab.org/?action=resul ... ormat=html

http://www.robtex.com/dns/cdburnerxp.se.html

http://www.alexa.com/siteinfo/cdburnerxp.se#

http://www.senderbase.org/senderbase_qu ... rch=Search

http://www.virustotal.com/url-scan/repo ... 1298392046

http://hosts-file.net/?s=cdburnerxp.se

CDBurnerXP File Scanner Reports:

http://www.virustotal.com/file-scan/rep ... 1298394886

http://www.threatexpert.com/report.aspx ... 9aed22d40d

http://camas.comodo.com/cgi-bin/submit? ... 4dffad8dd3

http://anubis.iseclab.org/?action=resul ... ormat=html

http://analysis.avira.com/samples/detai ... tid=692297

https://www.microsoft.com/security/port ... e63e0c&n=1

Thank you,

-John Jr :)

Link to post
Share on other sites

We confirm once again that there is openCandy in the installers, but it is not malware.

Looks like MS is messing up here, as opencandy is opt-in and does display a privacy policy

"User-specific information, including a unique machine code, operating system information, locale (country), and certain other information are sent to a remote server without obtaining adequate user consent".

Huh, that's odd, pretty much everything on the internet logs such information, even more the installer provides opencandy as an opt-in NOT opt-out, is up to the user if gets used or not.

according to http://www.virustotal.com/file-scan/rep ... -129839488

In the meanwhiel whoever distrusts the installer can get an opencandy-free one from the downloads page.

Link to post
Share on other sites
Guest
We confirm once again that there is openCandy in the installers, but it is not malware.

Looks like MS is messing up here, as opencandy is opt-in and does display a privacy policy

"User-specific information, including a unique machine code, operating system information, locale (country), and certain other information are sent to a remote server without obtaining adequate user consent".

Huh, that's odd, pretty much everything on the internet logs such information, even more the installer provides opencandy as an opt-in NOT opt-out, is up to the user if gets used or not.

according to http://www.virustotal.com/file-scan/rep ... -129839488

In the meanwhiel whoever distrusts the installer can get an opencandy-free one from the downloads page.

Yeah, I have reported this to Microsoft, Frostwire, CDBurnerXP, and I think OpenCandy knows about it too; but the issue has not been resolved yet, so I think all of the Offical Teams should talk to Microsoft, because they are not going to listen to me. :D

Anyway, thank you for responding, I have seen the OpenCandy privacy policy and website. ;)

Link to post
Share on other sites
Guest paul29764

Eset SmartSecurity detects and blocks this too, and I am not going to override it. It looks like we have lost another good piece of software to publisher greed and adware. :(

Please remove this from the installer if you want to keep the respect of your users.

Link to post
Share on other sites
Guest
Eset SmartSecurity detects and blocks this too, and I am not going to override it. It looks like we have lost another good piece of software to publisher greed and adware. :(

Please remove this from the installer if you want to keep the respect of your users.

Ooo, interesting, that is new; At first it was just Microsoft and McAfee. :shock:

I was not able to install Frostwire or CDBurnerXp yet due to the installers being quarantined and I will not un-quarantined them or install them until the issue has been resolved/fixed; I think OpenCandy will probably adjust their code, but if not, the Frostwire & CDBurnerXp Teams will have to make a decision.

Hopefully something is done soon as possible, because it would be a shame/ashame/sad/pity, both are great programs. :)

Link to post
Share on other sites

Avira, McAffee and some other antivuris solutions has started to detect OpenCandy in ApexDC, soon they will get to CDBurnerXP isntallers. I'm not going to override my antivirus solution at home or at work. Will switch to some other burning solution. What's wrong with the Donate button? Good luck..

Link to post
Share on other sites
Guest noname
Please remove this from the installer if you want to keep the respect of your users.

Wow, whata advice! Author probably pays his bills by "respects".

Link to post
Share on other sites

A new version of OpenCandy, which "complies" with the the expectations of at least MSE and probably other antivirus applications, will be released soon.

Link to post
Share on other sites
Guest
A new version of OpenCandy, which "complies" with the the expectations of at least MSE and probably other antivirus applications, will be released soon.

That is good to hear, thank you for sharing that. :)

Link to post
Share on other sites
Guest
We confirm once again that there is openCandy in the installers, but it is not malware.

Looks like MS is messing up here, as opencandy is opt-in and does display a privacy policy

"User-specific information, including a unique machine code, operating system information, locale (country), and certain other information are sent to a remote server without obtaining adequate user consent".

Huh, that's odd, pretty much everything on the internet logs such information, even more the installer provides opencandy as an opt-in NOT opt-out, is up to the user if gets used or not.

according to http://www.virustotal.com/file-scan/rep ... -129839488

In the meanwhiel whoever distrusts the installer can get an opencandy-free one from the downloads page.

Hello,

I will clarify what this Developer was trying to say, which some of us misunderstood; thank you for sharing that, but next time you might/may want to write that a bit more clearly & provide URLs, for us Mentally Challenged users. ;):D

There are installers available for CDBurnerXp without OpenCandy/non-OpenCandy installers for CDBurnerXP, for 32-Bit and 64-Bit, here are the URLS; so they will probably not be detected by those Anti-malware programs:

32-Bit:

http://download.cdburnerxp.se/minimal/2 ... inimal.exe

64-Bit:

http://download.cdburnerxp.se/minimal/5 ... inimal.exe

So now some of us can install and use CDBurnerXp once again, thank you. :)

Link to post
Share on other sites
Guest

Hello,

I will clarify what this user was trying to say, which some of us misunderstood; thank you for sharing that, but next time you might/may want to write that a bit more clearly & provide URLs, for us Mentally Challenged users. ;):D

There are installers available for CDBurnerXp without OpenCandy, for 32-Bit and 64-Bit, here are the URLS; so they will probably not be detected by those Anti-malware programs:

32-Bit:

http://download.cdburnerxp.se/minimal/2 ... inimal.exe

64-Bit:

http://download.cdburnerxp.se/minimal/5 ... inimal.exe

So now some of us can install and use CDBurnerXp once again, thank you. :)

Darn, whenever I try those URLs, I get a Request Time-Out error. :(

Link to post
Share on other sites
Guest

Hello,

For the record, Vipre is also now detecting the OpenCandy CDBurnerXP Installer as malware:

http://www.virustotal.com/file-scan/rep ... 1298744679

But OpenCandy is suppose to be releasing a , Malware (Adware)-Free/Non-Malware (Adware) Version soon; so hopefully soon this will no longer be a problem. :)

Also, do not forget the CDBurnerXP Non-OpenCandy/OpenCandy-Free Installers, once the URLs start working again. ;)

http://cdburnerxp.se/en/download

Link to post
Share on other sites
Guest

Darn, whenever I try those URLs, I get a Request Time-Out error. :(

Okay, those URLs worked for me in Firefox, but not Google Chrome; when you go to the main CDBurnerXP Download URL, make sure that you click More Download Options and find the Installer Without OpenCandy ;) :

http://cdburnerxp.se/en/download

Here are the File Scanner Reports for them:

http://www.virustotal.com/file-scan/rep ... 1298626672

http://camas.comodo.com/cgi-bin/submit? ... 3428654556

http://anubis.iseclab.org/?action=resul ... ormat=html

http://www.threatexpert.com/report.aspx ... 98ff6c1795

http://analysis.avira.com/samples/detai ... tid=694577

https://www.microsoft.com/security/port ... 977747&n=1

Link to post
Share on other sites

The links will only work for a short time. Anyway, a new version has now been released which should no longer be detected. More details follow soon.

Link to post
Share on other sites
Guest
The links will only work for a short time. Anyway, a new version has now been released which should no longer be detected. More details follow soon.

Thank you for sharing that, that is good to hear. :)

Link to post
Share on other sites

"User-specific information, including a unique machine code, operating system information, locale (country), and certain other information are sent to a remote server without obtaining adequate user consent".

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.