Jump to content

ImgBurn Support Forum uses cookies. Read the Privacy Policy for more info. To remove this message, please click the button to the right:    I accept the use of cookies

Photo

ImgBurn 2.5.8.0 Setup file is now officially confirmed as a virus by Avira AntiVir



  • Please log in to reply
3 replies to this topic

#1 c627627

c627627

    ISF Newbie

  • Members
  • Pip
  • 4 posts
  • Location:Kansas

Posted 16 November 2015 - 02:33 PM

    [0] Archive type: NSIS
    --> [PluginsDir]/OCSetupHlp.dll
        [DETECTION] Contains patterns of software PUA/OpenCandy.Gen
        [WARNING]   Infected files in archives cannot be repaired

 

I immediately submitted this as a false positive and requested Avira remove this designation immediately.

I just got a reply this morning. They are not removing the virus designation.

 

I have the Setup file in way too many places to zip and password protect them all, thereby not allowing them to be scanned by antivirus engines.

I will eventually do that but if you guys wanted to do something about this, Avira has one of the best freeeware antivirus engines, it is a *very* popular freeware antivirus program, I post in multiple computer forums and base my opinion on its popularity on that. Good luck, I hope you figure this out, this just started happening recently....

 

Dear Sir or Madam,

Thank you for your email to Avira's virus lab.

 

A listing of files alongside their results can be found below:

File ID Filename Size (Byte) Result 28656078 SetupImgBurn_2580.exe 3.31 MB RISK

Please find a detailed report concerning each individual sample below:

Filename Result SetupImgBurn_2580.exe RISK

The file 'SetupImgBurn_2580.exe' has been determined to be 'RISK'. Our analysts named the threat PUA/OpenCandy.Gen. This class of detection flags, Potentially Unwanted Applications (PUA), may compromise the user’s privacy and the security of the local system.
These are legitimate applications that often try to use social engineering to make the user install additional offers during the installation of the software the user originally wanted.
A PUA classification of an application is the result of software, an advert or a website exhibiting one or more offending behaviors and/or properties. A full PUA list is available at http://www.avira.com/en/potentially-unwanted-applications.
This detection doesn't mean that the file is malicious. However, if the file was installed on the system without the user's knowledge, the user’s privacy or system secur ity might be compromised.
Disabling this detection is only recommended for advanced users that understand the risks and how to use these applications. This file is detected by a special detection routine from the engine module.

Alternatively you can see the analysis result here:
https://analysis.avira.com/en/status?uniqueid=BUD4b376sJtU9B...sIpktLOgBIx&incidentid=1949650

An overview of all your submissions can be found here:
https://analysis.avira.com/en/overview?uniqueid=BUD4b376sJtU9B8GkLFGCsIpktLOgBIx


Please note: If you have specific questions, please visit our website http://www.avira.com/en/support for further details.

Kind regards
Avira Virus Lab

---------------------------------------------
Avira Operations GmbH & Co. KG
Kaplaneiweg 1, 88069 Tettnang, Germany
Phone: +49 (0) 7542-500 0
Fax: +49 (0) 7542-500 3000
Internet: http://www.avira.com

CEO: Travis Witteveen
Headquarter: Tettnang
Commercial register: AG Ulm HRB 630992


Edited by c627627, 16 November 2015 - 02:34 PM.


#2 strachan

strachan

    ISF Newbie

  • Members
  • Pip
  • 3 posts

Posted 16 December 2015 - 01:03 AM

Never got a notice from Norton or Avast about a virus.



#3 drumphil

drumphil

    ISF Newbie

  • Members
  • Pip
  • 8 posts

Posted 16 December 2015 - 05:16 AM

The reason they wont remove the virus designation is because opencandy is indeed malware, that deliberately uses deceptive tactics (like greyed out boxes, designed to look like you can't click on them) to trick people into installing software they don't want.

 

Lightning UK, the author of Imgburn, knows this, but refuses to do anything about it, or even admit that he is now helping distribute malware. He is apparently happy to take a cut of the money made by deceiving people.

 

 

From the response you recieved:

 

"These are legitimate applications that often try to use social engineering to make the user install additional offers during the installation of the software the user originally wanted.
A PUA classification of an application is the result of software, an advert or a website exhibiting one or more offending behaviors and/or properties."

 

http://www.avira.com/en/potentially-unwanted-applications

 

 

Tell me, what possible reason can you think of to grey out the boxes people need to click to avoid the instalation of software they don't want, other than to decieve them into thinking they have no choice?

 

They do this so that they can trick as many people as possible, while deflecting criticizm by saying "hey, technically you could opt out, if you realized you could click the options we greyed out so you would think you couldn't click them"

 

Their business is to trick as many people as possible, while avoiding prosecution, and having a bunch of clueless people defend them on the basis of the fact that you can technically avoid their offers.


Edited by drumphil, 16 December 2015 - 05:28 AM.


#4 Gim

Gim

    ISF Newbie

  • Members
  • Pip
  • 13 posts

Posted 22 December 2015 - 02:08 PM

Opencandy is crap and they are telling the truth. It seems OP has trouble reading, as they clearly state as much in the reply he posted.

If imgburn would STOP bundling their software with UTTER SHIT then perhaps they'd have a more favourable review.

I'd rather pay than have a malware installer...like a lot of folk.






1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users