by: bhringer February 22, 2011 6:19 PM PST
0 people like this thread
Staff pick
Total posts: 39 (Showing page 1 of 2)
MSE/TechTracker .. False Positive?
by Carol~ 
- 2/22/11 9:05 PM
In Reply to: CNET TechTracker-Adware:Win32/opencandy by bhringer
bhringer..
It would help to know which file/s it was, and where it was located. I suggest you open a support ticket with Microsoft. They will confirm (or deny) whether it's a false positive. You can do so here:
https://support.microsoftsecurityessentials.com/?scrx=1
Additionally, we have a CNET TechTracker Forum. Another member posted at the forum, stating MSE detected a couple of his files as Adware:Win32/opencandy.
I strongly urge you to open a ticket with the MSE Team, and have them analyze the file/s. There have been quite a few instances where MSE, detected Adware:Win32/opencandy in error. In the meantime, you can also upload the file to VirusTotal. It's a free online scanning service, which analyzes suspicious files. My guess would be, it's a false reading.
Let us know how you make out..
Carol
CNET TechTracker setup.exe
by bhringer - 2/23/11 12:57 AM
In Reply to: MSE/TechTracker .. False Positive? by Carol~
After reviewing the link in the other frum thread and others at MSE forums it has been submitted to both MS for review and virustotal and numerous others sites. According to virustotal MSE was the only one to detect this. I submitted the setup file to virustotal and got these results,
http://www.virustotal.com/file-scan/report.html?id=46ea2594a23b01ce0e94d5f74aa3fa979182a3575e730856b8df8b3f31c4b0f1-1298436542
As you can Ikarus also detcted it and the first file submission to them was 2010.12.17.
Personaly I'm not a big fan of any software that phones home and am pretty diligent about doing my own updating.
VirusTotal Results..
by Carol~ - 2/23/11 7:26 AM
In Reply to: CNET TechTracker setup.exe by bhringer
For the most part, when a file is submitted to VT (or VirSCAN, Jotti, etc) and only one or two A/V's consider them suspicious (out of 43), it leads to a false positive reading. Not always, but most of the time. These type services will make you aware of that fact.
VirSCAN for instance, writes "Some anti-virus engines may define the files you will upload as malware, but it may turn out to be a false positive."
With ALL of the above said, I don't mean to imply it is a false positive. Only that it could be.
I have made the "powers that be" at CNET, aware of MSE's detection of TechTracker as Adware:Win32/OpenCandy.
IF this does turn out to be a false positive, the MSE Team will not address/correct the issue, if they haven't been made aware of it. It's one of the reasons, I always submit a file to vendors, and suggest other's do the same.
And personally speaking on my end, I'm NOT a big fan of software which phones home, either. I first find out the facts. If I have a problem with the software, I uninstall it.
Hope this helps..
Carol
CNET TechTracker and adware detection...
by cnet.aaron 
- 2/23/11 5:43 PM
In Reply to: CNET TechTracker-Adware:Win32/opencandy by bhringer
Hello TechTracker Users!
We've recently become aware of an issue with part of the TechTracker installer that is causing the software to be detected by some security applications as adware.
This error is caused by the inclusion of an OpenCandy offer for additional software that's part of our installer. We are working with our partners at OpenCandy on a resolution.
We take the privacy and security of our users very seriously and will provide additional information about this issue as it becomes available.
- CNET TechTracker Support
Update: CNET TechTracker and adware detection...
by cnet.aaron - 3/9/11 11:15 AM
In Reply to: CNET TechTracker and adware detection... by cnet.aaron
Hello TechTracker Users!
I just wanted to post an update to this issue that was raised recently here in the forums. As I stated previously, we have worked with OpenCandy to address the issue of our installer being flagged as adware by some security software. We have also updated our installer so this will no longer occur. The OpenCandy component in the installer should no longer trigger adware warnings.
If you're interested in reading additional information about what happened and how the issue was resolved, you can read OpenCandy's post about it here: http://www.opencandy.com/2011/03/04/the-story-behind-the-opencandy-and-microsoft-adware-debacle/
We apologize for any confusion or inconvenience this may have caused. Thanks for your patience as we resolved the issue, and your continued use of CNET TechTracker.
- CNET TechTracker Support
EULA.
by R. Proffitt - 3/9/11 2:25 PM
In Reply to: Update: CNET TechTracker and adware detection... by cnet.aaron
Anonymous. I disagree. It's best removed.
OpenCandy still installing with CNET Tech Tracker
by jandrwright - 3/28/11 4:35 PM
In Reply to: Update: CNET TechTracker and adware detection... by cnet.aaron
March 28, 2011 Just installed CNET Tech Tracker - I stopped and deleted OpenCandy 3-4 times when Microsoft Essentials Adware detector appeared, listing OpenCandy as Adware, low threat. The last time, I left the "Adware detected" window open and continued with the installation, then had the Adware detector remove OpenCandy. I came to the following conclusions: Tech Tracker will not install without OpenCandy and will not work without OpenCandy. I will uninstall immediately. This shakes my faith in the integrity of CNET.
Hmm, according to Aaron's note above this should've...
by Lee Koo (ADMIN) - 3/29/11 8:35 AM
In Reply to: OpenCandy still installing with CNET Tech Tracker by jandrwright
been fixed. Thanks for letting us know. I have forwarded this to the appropriate party to look into.
Thank you!
-Lee
It's close to two months...
by suirauqa - 5/23/11 5:15 PM
In Reply to: Hmm, according to Aaron's note above this should've... by Lee Koo (ADMIN)
...Mr Koo, since you indicated that it has been forwarded to the "appropriate party". OpenCandy still exists as of today in the Techtracker installer.
Really? It takes that long to resolve an issue as serious as this?
cnet.aaron is misleading users.
by suirauqa - 5/23/11 5:12 PM
In Reply to: Update: CNET TechTracker and adware detection... by cnet.aaron
On March 9, 2011, Cnet.Aaron said: " As I stated previously, we have worked with OpenCandy to address the issue of our installer being flagged as adware by some security software. We have also updated our installer so this will no longer occur."
Aaron is misleading people. I tried installing the new techtracker just now and AVG 2011 gave me the warning about OpenCandy. Three days earlier, I got the same warning from VIPRE at my work computer upon trying to install the new techtracker.
It is shameful that CNET's own software contains malware, but it is even more reprehensible that a CNET representative is trying to mislead users about its existence. More than two months since Aaron's reply - and CNET hasn't done a damn thing about this malware. Beyond ridiculous.
One. It's not malware.
by R. Proffitt - 5/24/11 8:40 AM
In Reply to: cnet.aaron is misleading users. by suirauqa
At worst, today it could be called ADVERTISING WARE.
If you continue to call it malware you may not get the attention you want.
Bob
(NT) ADVETISING WARE=adware
by bhringer - 5/24/11 1:23 PM
In Reply to: One. It's not malware. by R. Proffitt
And?
by R. Proffitt - 5/24/11 1:26 PM
In Reply to: (NT) ADVETISING WARE=adware by bhringer
If you research it, it's so low on the ad ware effect it's not funny.
Didn't AVG move this to a false positive or clarify it?
Bob
PS. Remember I'm leaving the research up to you so you can catch up.
Make the choice.
by R. Proffitt - 5/25/11 9:44 AM
In Reply to: (NT) No one's laughing by bhringer
If you don't like it, don't use it.
At least we covered that it's not malware in its current form.
Bob
So, R. Proffitt...
by suirauqa - 5/24/11 3:32 PM
In Reply to: One. It's not malware. by R. Proffitt
... rechristening it as Adware makes it all fine? Multiple antivirus programs are still flagging it as a threat - as of yesterday. And all you basically say is, "Deal with it!"
Your reasoning eludes me.
No reasoning here.
by R. Proffitt - 5/24/11 3:36 PM
In Reply to: So, R. Proffitt... by suirauqa
Just trying to help you give the threat level right.
Today, as it stands you will have to make a choice about Open Candy. I can't make that choice for you but hope you can get some feedback about it from those that use it.
With that out of the way I have a question,
-> Since the Open Source project Media Info uses it, you would think the the Open Source zealots would have put up quite a stink about this?
Why didn't they?
Bob
Which antivirus programs?
by cnet.aaron - 5/25/11 2:27 PM
In Reply to: So, R. Proffitt... by suirauqa
Hi suirauqa,
Thanks for taking to time to comment on the issue. Could you let us know what AV programs are reporting that it's a threat?
We try to monitor these situations very closely, and work with security software publishers on a daily basis to ensure we're up to date. We've reported the false positive to AVG, along with our partners at OpenCandy and expect a resolution shortly.
Any additional information you can provide to help us address the issue is greatly appreciated. Thanks again for taking the time to participate in the conversation.
Aaron Smith
Product Manager
CNET TechTracker
Thank you, Aaron...
by suirauqa - 5/25/11 7:06 PM
In Reply to: Which antivirus programs? by cnet.aaron
The two AV programs that I have had this problem with are VIPRE and ESET Nod32. I believe, other users here have also indicated MSE.
Now being reported in CutePDF.
by R. Proffitt - 2/24/11 12:51 PM
In Reply to: CNET TechTracker-Adware:Win32/opencandy by bhringer
OpenCandy's days may be numbered.
That makes 37 or more
by rhabdomantist - 2/24/11 10:46 PM
In Reply to: Now being reported in CutePDF. by R. Proffitt
There were 36 reported as of February 19,
http://cranialsoup.blogspot.com/2009/05/opencandy-new-kind-of-adwarespyware.html
Open Candy is now in MEDIAINFO (open source!)
by R. Proffitt - 5/24/11 8:41 AM
In Reply to: Now being reported in CutePDF. by R. Proffitt
It's not malware (today).
Keep in mind.
by R. Proffitt - 3/2/11 10:08 PM
In Reply to: No to OpenCandy by SMStallings48b
That it's a recent find and that many are being caught with this one. CutePDF which is a fav was found with it.
Let's see how long it takes for OpenCandy to be removed or fixed.
Bob
Total posts: 39 (Showing page 1 of 2)
Unread
Read
Locked thread
Moderator
CNET Staff
Samsung Staff
Norton Authorized Support Team
AVG Staff
avast! Staff
Webroot Support Team
Acer Customer Experience Team
Windows Outreach Team
Dell Staff
Intel Staff
Question
Resolved question
General discussion
Tip
Alert or warning
Praise
RantYou are e-mailing the following post: Post Subject
You are reporting the following post: Post Subject
You are posting a reply to: Post Subject
Manage updates with the Download App