PUP malware included in CDBurnerXP downloads?

[hoyt]

On my computer Thunderbird is behaving erratically (receiving messages more than once), CDBurnerXP doesn't burn CDs but it can play the file, and there are sometimes jitters when I boot my computer (stops booting before it's done).

 

I can't update SuperAntispyware, and when I removed SAS I could download the installation program but it wouldn't run.

 

I ran Malwarebytes and it detected four PUPs (potentially unwanted software) on the D: drive where I store program downloads. One was cdxpsetup_4.5.2.4214 (5078 KB) which I downloaded on 9/7-2013 to install CDBurnerXP. It was called PUP.Optional.OpenCandy.

 

 Malwarebytes says that PUPs are malicious software. They can accompany free software to provide some revenue for the software company.

 

I'll remove these PUPs and see if things get better. Can CDBurnerXP check if this PUP is still part of its installation program?

 

Thanks,

Hoyt

 

[judas_iscariote]

OpenCandy is part of the installation routine, that's the way you get software recommendations during installation, it is also the reason you can access this forum and get a human to answer your questions, it pays all the bills and may enable us to produce even more freeware  in the future.

 

It does not install to your computer, it is not malware and for every release there is an installer without openCandy available in the downloads page.

[floele]

Yes, keep in mind that while CDBurnerXP includes optional third party software, it will not install anything "potentially unwanted" without your explicit consent. The software is certainly not "malicious", but it may indeed be useless. You can uninstall if you gave your consent by mistake.

[hoyt]

I removed the PUP malware and rebooted, and am still unable to open the SuperantiSpyware install file.

 

If Open Candy pays all your bills, what do they get back from the users in return? I caught the AVG Toolbar from NetWorx, I think, from their download and took half a day to remove it. I finally had to edit the registry and remove "avg" except where it stood for "average."

 

The last time I got into this pickle, I had to go back a month with my imaging software to recover. I'm hoping two weeks will suffice this time.

 

It was Malwarebytes that called PUPs "malicious." Searching for PUP on Yahoo! gives lots of mentions of spyware, malware, and viruses.

 

Thanks for your reply.

[floele]

In case SuperantiSpyware, they probably want you to buy the full version, in case of any toolbars, they want users to click on ads. There are various ways how to make money out of optional software installs. Should there every be something included with CDBurnerXP that cannot properly uninstall I will remove the offer from my installer. I obviously don't want anyone having trouble because of the ads.

[hoyt]

floele,

Thanks for taking the time to reply. To clarify, I was unable to update SuperantiSpyware (SAS), and when I uninstalled it I was unable to run its install program to reinstall it. It was not SAS that was doing this, it was some mischievous or malicious program. When I returned my computer to its condition of two weeks ago, this problem disappeared and SAS works fine (it does pester me often to get the paid version). Other minor problems disappeared as well.

 

You need to be careful with these PUPs. Most developers can't be expected to know what's in them, and there are a lot of mean people out there.

 

I follow the Gibson Techtalk forum. It has a lot of discussion about this stuff. Apparently SourceForge has now gone over to the dark side.

 

Something certainly made my computer undependable, and that something disappeared when I removed the last two weeks from its life. If they can pay you, they are more than recovering that cost from somewhere else.

[floele]

Apparently SourceForge has now gone over to the dark side.

 

Huh? What does that mean?

[hoyt]

SourceForge is an old and well known site for distributing software, usually free. A Gibson newsgroup user reported recently that he had downloaded a file from them and noticed that it was 2 or 3 MB larger than previous files for that program. He checked it and found PUPs. He found another site to download the file from.

 

The "dark side" comes from the Star Wars movies, and refers to those in the galaxy who are bent on destroying parts of it.

[floele]

I understand what dark side and what sourceforge is

 

Just wanted to know what happened there. Well, I don't think sf.net is to blame here, I suppose the software author just added this software to his installer. Not sure if sf.net permits that, but even if I don't think that means that sf.net has gone over to the dark side.

[hoyt]

I noticed on ninite.com that .NET is required to use CDBurner XP. Maybe that was my problem.

[floele]

Yes that may be a problem, however, the installer will tell you about it before installation and actually all recent OSes (except XP) include a version of .NET that is compatible with CDBurnerXP.