What developer with any brain would allow a third party bunch of scumbags to install anything along with their product without knowing in advance what is being offered? WHATEVER the reason in this instance the fault lie absolutely 100% at the door of IMGBURN The installer came direct from ImgBurn's server not a mirror site.Įither OpenCandy has been hacked (and is now servicing stuff even it doesn't know about and what a great vector that would be for hackers), OpenCandy are lying and doing stuff that they explicitly say they don't do or ImgBurn is lying and doing something it says it isn't. I opted out of everything it was possible to opt of and there WAS ABSOLUTELY NO REFERENCE TO CONDUIT ANYWHERE but Conduit got installed. When had the initial install problem I went through custom install - I knew OpenCandy was going to be in there somewhere but I was also under the impression you could opt out. Also I wouldn't be at all surprised if even when OC offers an opt-out that some of the stuff installed via OC ('by permission') will install further junk that doesn't get an opt-out option. OC offers an opt-out, but are relying on people to not understand what's happening. I still don't like it because the offers always seem to be for junk that no informed user would want. I will say that the OpenCandy offers did seem to always have an opt-out.
I eventually found something that had the Search Protect installer packaged with the software rather than as an OpenCandy offering (I forget what software that was).Īnyway, the point is that when OpenCandy is used, there's no telling what might be offered. Most of the stuff I could find that installed Search Protect used OpenCandy, but when I wanted to test the Search Protect install, I'd only rarely get it "offered". This made it difficult for me to run some tests to see if some anti-malware I was evaluating would be effective against Conduit Search Protect. Yup - one of the attributes of OpenCandy is that what it decides to offer to install is dynamically generated. I wouldn’t install any version released later than that.īTW, 2.5.7.0 had no reference to OC within the installer package. So to me it appears that 2.5.0.0 was the last clean version of ImgBurn. Temp directory contains ApnIC.dll, ApnStub.exe, and Apn Toolbar Installer.exe - all Ask Toolbar related.
Plugins directory contains ImgBurn DLLs and images plus Ask toolbar. Install directory contains a folder named Uniblue that has three files: DriverScanner, RegistryBooster, and SpeedUpMyPC. Main folder contains three subfolders: Install directory, Plugins directory, and Temp directory Plugins contains DLLs and images pertaining to ImgBurn only.
Installer for ImgBurn in the main folder, plus two subfolders, for Plugins and Sounds. Sooo, I extracted the contents of both using UniExtract and found the following: I happen to have two setups for ImgBurn on my computer, and the size difference is telling: Now the finger is likely to point at me if those people's computers get infected when ImgBurn offers an update. What really gets my blood boiling is that I have both donated to ImgBurn in the past and have recommended it widely to other people (and asked them to donate too).
If they put it in the installation package then then are actually now distributing malware - if it came from OpenCandy without warning then ImgBurn is still to blame for making a pact with the devil!! The only people to blame for that arrival was ImgBurn since one way or another it came from their installer. To be honest I am not sure if Conduit came from OpenCandy (there was definitely no opt out option during installation in custom install mode - it wasn't mentioned anywhere except by Malwarebytes popping up hundreds of warnings) or directly within the package I downloaded.Īt the end of the day it doesn't really matter to me how it arrived - the fact is it arrived and was bloody annoying. I think you misunderstood - if I have to have OpenCandy try and foist crap on on me why can't Open Candy say to me - here is the crap we are offering.