39 total posts
(Page 1 of 2)
MSE/TechTracker .. False Positive?
It would help to know which file/s it was, and where it was located. I suggest you open a support ticket with Microsoft. They will confirm (or deny) whether it's a false positive. You can do so here:
Additionally, we have a CNET TechTracker Forum. Another member posted at the forum, stating MSE detected a couple of his files as Adware:Win32/opencandy.
I strongly urge you to open a ticket with the MSE Team, and have them analyze the file/s. There have been quite a few instances where MSE, detected Adware:Win32/opencandy in error. In the meantime, you can also upload the file to VirusTotal. It's a free online scanning service, which analyzes suspicious files. My guess would be, it's a false reading.
Let us know how you make out..
CNET TechTracker setup.exe
After reviewing the link in the other frum thread and others at MSE forums it has been submitted to both MS for review and virustotal and numerous others sites. According to virustotal MSE was the only one to detect this. I submitted the setup file to virustotal and got these results,
As you can Ikarus also detcted it and the first file submission to them was 2010.12.17.
Personaly I'm not a big fan of any software that phones home and am pretty diligent about doing my own updating.
For the most part, when a file is submitted to VT (or VirSCAN, Jotti, etc) and only one or two A/V's consider them suspicious (out of 43), it leads to a false positive reading. Not always, but most of the time. These type services will make you aware of that fact.
VirSCAN for instance, writes "Some anti-virus engines may define the files you will upload as malware, but it may turn out to be a false positive."
With ALL of the above said, I don't mean to imply it is a false positive. Only that it could be.
I have made the "powers that be" at CNET, aware of MSE's detection of TechTracker as Adware:Win32/OpenCandy.
IF this does turn out to be a false positive, the MSE Team will not address/correct the issue, if they haven't been made aware of it. It's one of the reasons, I always submit a file to vendors, and suggest other's do the same.
And personally speaking on my end, I'm NOT a big fan of software which phones home, either. I first find out the facts. If I have a problem with the software, I uninstall it.
Hope this helps..
FWIW I'm also getting Essentials detecting this. Open Candy is considered Adware and, if it exists in the setup file, CNET should give you the option to opt out (It should actually opt you out by default)
CNET TechTracker and adware detection...
Hello TechTracker Users!
We've recently become aware of an issue with part of the TechTracker installer that is causing the software to be detected by some security applications as adware.
This error is caused by the inclusion of an OpenCandy offer for additional software that's part of our installer. We are working with our partners at OpenCandy on a resolution.
We take the privacy and security of our users very seriously and will provide additional information about this issue as it becomes available.
- CNET TechTracker Support
Update: CNET TechTracker and adware detection...
Hello TechTracker Users!
I just wanted to post an update to this issue that was raised recently here in the forums. As I stated previously, we have worked with OpenCandy to address the issue of our installer being flagged as adware by some security software. We have also updated our installer so this will no longer occur. The OpenCandy component in the installer should no longer trigger adware warnings.
If you're interested in reading additional information about what happened and how the issue was resolved, you can read OpenCandy's post about it here: http://www.opencandy.com/2011/03/04/the-story-behind-the-opencandy-and-microsoft-adware-debacle/
We apologize for any confusion or inconvenience this may have caused. Thanks for your patience as we resolved the issue, and your continued use of CNET TechTracker.
- CNET TechTracker Support
Anonymous. I disagree. It's best removed.
OpenCandy still installing with CNET Tech Tracker
March 28, 2011 Just installed CNET Tech Tracker - I stopped and deleted OpenCandy 3-4 times when Microsoft Essentials Adware detector appeared, listing OpenCandy as Adware, low threat. The last time, I left the "Adware detected" window open and continued with the installation, then had the Adware detector remove OpenCandy. I came to the following conclusions: Tech Tracker will not install without OpenCandy and will not work without OpenCandy. I will uninstall immediately. This shakes my faith in the integrity of CNET.
Hmm, according to Aaron's note above this should've...
been fixed. Thanks for letting us know. I have forwarded this to the appropriate party to look into.
It's close to two months...
...Mr Koo, since you indicated that it has been forwarded to the "appropriate party". OpenCandy still exists as of today in the Techtracker installer.
cnet.aaron is misleading users.
On March 9, 2011, Cnet.Aaron said: " As I stated previously, we have worked with OpenCandy to address the issue of our installer being flagged as adware by some security software. We have also updated our installer so this will no longer occur."
One. It's not malware.
At worst, today it could be called ADVERTISING WARE.
If you continue to call it malware you may not get the attention you want.
If you research it, it's so low on the ad ware effect it's not funny.
Didn't AVG move this to a false positive or clarify it?
PS. Remember I'm leaving the research up to you so you can catch up.
No one's laughing
Make the choice.
If you don't like it, don't use it.
At least we covered that it's not malware in its current form.
So, R. Proffitt...
... rechristening it as Adware makes it all fine? Multiple antivirus programs are still flagging it as a threat - as of yesterday. And all you basically say is, "Deal with it!"
No reasoning here.
Just trying to help you give the threat level right.
Today, as it stands you will have to make a choice about Open Candy. I can't make that choice for you but hope you can get some feedback about it from those that use it.
With that out of the way I have a question,
-> Since the Open Source project Media Info uses it, you would think the the Open Source zealots would have put up quite a stink about this?
Why didn't they?
Which antivirus programs?
Thank you, Aaron...
The two AV programs that I have had this problem with are VIPRE and ESET Nod32. I believe, other users here have also indicated MSE.
... I forgot AVG, which flagged OpenCandy in the installer in my home desktop PC.
Thanks for the additional info...
We were aware of a previous problem with ESET, which should have been resolved, but may have resurfaced as a result of our recent update. I'll add VIPRE to our list for internal testing.
Yes, ESET NOD32 thinks it is ADWARE.
Now being reported in CutePDF.
OpenCandy's days may be numbered.
That makes 37 or more
I, too, was downloading techtracker, when Microsoft Security Essentials (MSE) opened a warning window. As with others, I had: Adware: Win32/OpenCandy. It may be rated Low risk, but on my system, techtracker is history!
Open Candy is now in MEDIAINFO (open source!)
It's not malware (today).
No to OpenCandy
I have counted on CNET Download for software "tested spyware free". Now I learn that CNET's own product contains spyware. I am concerned that CNET would be using OpenCandy's products.
Keep in mind.
That it's a recent find and that many are being caught with this one. CutePDF which is a fav was found with it.
Let's see how long it takes for OpenCandy to be removed or fixed.
No to OpenCandy.
Please refer to cnet.aaron's above post which states intent to use OpenCandy's services. From other readings, I had already decided that OpenCandy is not a service that I want to have anything to do with, by my own doings or someone else's. I am angry at what malware is doing and condemn anything that falls into that category, including spyware and adware, both of which this is. Here's a nice blog post that reveals what OpenCandy is: http://cranialsoup.blogspot.com/2009/05/opencandy-new-kind-of-adwarespyware.html.