Software Updater and Open Candy

Really bad idea. >:(

more info…what are you trying to say

Open Candy comes with a few ‘free’ software programs; one I know is the quite well regarded and recommended CDBurnerXP. There’s no option NOT to install Open Candy (something I hate) with the main program but, unless it has changed recently, thankfully you can easily remove Open Candy in the usual way or, better, with a software uninstaller like Revo.

The problem with Open Candy, apart from its existence in general, is that Malwarebytes and I suspect some other AV/AMs flag Open Candy as a PUP (which it is) and so the whole updater/installer may be flagged and quarantined depending on your settings.

How the more recent AVAST versions respond to it I don’t know. A Malwarebytes scan flags up all updater/installers I have with Open Candy included. AVAST doesn’t block either the updater/installer download or report it as a PUP in any scan, at least not v.8 with the settings I use.

Which is why Malwarebytes is a good second malware scanner for any free software one may download. If it flags a free download as having any malware, just discard it and find something else to use.

See filehippo here for versions, latest one has OpenCandy, older versions do not: http://filehippo.com/download_imgburn/

Just run Imgburn whilst not online and you will not be prompted to upgrade to the latest version, 2.5.8.0, that has OpenCandy installed, and you can run older versions without issue that do not have OpenCandy installed. Unfortunately, whether OpenCandy is an optional install or is embedded within the free application (no opt-out option) is really beyond our control. It’s the vendor that is choosing to include such malware for advertising revenue, not us.

http://www.ghacks.net/2012/08/06/opencandy-explained-what-you-need-to-know-about-the-technology/

You can bypass open candy with the /NOCANDY parameter, at least it worked a month ago when I tried it.

Another option is to use something like Ninite.com which will install stuff without crapware.

Still not sure what OpenCandy has to do with Software Updater…

The following file: Program Files/Avast Software/Avast/aswRec.dll is signed by: OpenCandy, Inc.

Think an omission (forgot to mention?) regarding where this source of information comes from is the real issue.

Are you running herdProtect? as that does (until today) detect this file as having OpenCandy within it. Detection-based on two a/v’s:

1. Rising Antivirus as PE:PUF.OpenCandy!1.9DE5 (Adware)
2. Reason Heuristics as PUP.OpenCandy.G (Adware)

Heck, herdProtect forum was recommending complete removal/uninstall of avast! as recently as two weeks ago solely based on these two adware detections! ???

Running a new fresh herdProtect scan only provides inconclusive results for this file as these false detections have been removed and the digital signature for OpenCandy is expired anyway. Has been since April 2014.

Well, to put it simply enough - go to the file in the Program files directory, find the file, right-click on it and tell me who has signed it digitally - Avast or Open Candy.

Still don’t get how OpenCandy is connected to Software Updater. The file you’re talking about is digitally signed by OpenCandy, yes, but is invalid as of March 14, 2014. See attached certificate below.

You can verify the certificate by locating the file itself and clicking properties>digital signatures>certificate

How OpenCandy got to be the digital signer of this file is a question best directed to an avast! team member since we, as users like you, have nothing to do with building and constructing avast! programs.

Still leaves the original query unanswered: How did you come across this anomaly? Seems simple enough to answer.

Newest scan by herdProtect does not flag this file anymore as adware; it is a false positive. And Software Updater never flagged this file. I don’t see the connection between Software Updater and aswRec.dll and OpenCandy.

There is a thread about that in Wilders Security forums. If you uninstall the Software updater, this file goes away, disappears. So it has to be somehow related to it. And why it is there at all if its digital signature has expired? Also why is it so important where I did get this info from - the fact is a fact. I’m not expecting an explanation from you or forum members, I just wanted any info why it is like that - anyone who knows or has any info on that. I’m not saying the file is malicious or adware. Still not here, not in the Wilders thread has anyone from Avast staff given any explanation.

The “software updater” has nothing to do with Open Candy. Open Candy is piggy-backed on the software that is downloaded. Open Candy is adware. Adware won’t be detected even as a PUP. The best way to remove Open Candy, as mentioned above, is by using MalwareBytes. Uninstalling the “software updater” won’t stop Open Candy. The “software updater” cannot stop piggy-backed software nor will it alert the user about the piggy-backed file.

I still don’t understand how this Open Candy signed avast .dll file got in Avast folder in program files in my RC installation of Avast (and I’m talking about Internet Security version not the free one). And if Software Updater doesn’t have anything to do with the file in question - then why does it disappear when you modify your installation and remove Software Updater?

Could you supply a screenshot of the “avast” signed certificate?
If you offer proof, then I will believe you.

This is a valid question. I have this file (signed by OpenCandy) in both my installs of Avast. Avast Software Updater is still installed, but has been disabled since it was first installed. Only Avast team can answer this question, so it should be done by one of the Avast staff.

OpenCandy has been integrated into SoftwareUpdater for a couple of months. We use it to offer additional software to our customers in avast Free under some conditions. It helps us pay for the traffic caused by Software Updater in Avast Free.

Unfortunately some competitive AV vendors decided to flag the OC binary as PUP. We’ll work on that and take either a decision on OC or take any other appropriate action to resolve the situation asap.

Thanks for your explanation.

Could this DLL have to do with the complaint of some users being offered updates thru Avast Software Updater that contained tag-along programs that were questionable?

+1

“And why it is there at all if its digital signature has expired? Also why is it so important where I did get this info from - the fact is a fact.”

Thanks for the Wilders info. Wasn't aware of it. Possible to give a link to that thread? Not that this thread is about FUD, it is not, but is a reasonable query as to how this came about. What may be obvious to one is not necessarily obvious to another.

“Still not here, not in the Wilders thread has anyone from Avast staff given any explanation.”

I think that is our answer. This file is used to help pay for traffic for free versions of avast! Software Updater. Free isn’t free, really.

Any questions regarding why a digitally signed file is still there after the certificate is expired can be answered by four links below:
https://www.google.com/#q=digital+signature+expired+certificate
http://en.wikipedia.org/wiki/Digital_signature
http://blogs.technet.com/b/office_resource_kit/archive/2008/12/02/can-a-digital-signature-remain-valid-even-after-the-certificate-expires.aspx
http://superuser.com/questions/459985/need-a-solution-to-verifying-expired-digital-signatures
A valid and current certificate implies that the file is from who it says it is. An expired certificate simply means that the digital signature is not legally verifiable anymore but does not mean it is not from who it says it is; it is possible to have an expired certificate and have the file actually be from where it says it is from. In this case a file is still valid and is unchanged.

Maybe it is not legally valid anymore, but also the expiration of the certificate will not make it disappear or be automatically removed from your system.
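
The signer check discussed in this thread (properties > digital signatures > certificate) can also be scripted. The following PowerShell is an added example, not part of any post above and not Avast code. It lists the Authenticode signer of every DLL and EXE under a folder, with the certificate expiry date and whether a timestamp countersignature is present; the folder default follows the path quoted in the thread, and the expected publisher string is an assumption.

```powershell
# Added example: inventory Authenticode signers under a folder.
param(
    # Assumption: default location, based on the path quoted in the thread.
    [string]$Folder = "$env:ProgramFiles\Avast Software\Avast",
    # Assumption: substring expected in the signer subject of the vendor's own files.
    [string]$ExpectedPublisher = 'Avast'
)

$now = Get-Date

$report = Get-ChildItem -Path $Folder -Include *.dll, *.exe -Recurse -File -ErrorAction SilentlyContinue |
    ForEach-Object {
        $sig  = Get-AuthenticodeSignature -FilePath $_.FullName
        $cert = $sig.SignerCertificate

        [pscustomobject]@{
            File         = $_.Name
            # Result of Windows' own verification of the signature
            # (for example Valid, NotSigned, HashMismatch).
            Status       = $sig.Status
            Signer       = if ($cert) { $cert.GetNameInfo('SimpleName', $false) } else { '(unsigned)' }
            CertNotAfter = if ($cert) { $cert.NotAfter } else { $null }
            # True when the signing certificate's validity period has ended.
            CertExpired  = if ($cert) { $cert.NotAfter -lt $now } else { $null }
            # A timestamp countersignature records when the file was signed,
            # which lets verifiers judge the signature against that time.
            Timestamped  = [bool]$sig.TimeStamperCertificate
            # Signed, but not by the publisher expected for this folder.
            OtherSigner  = [bool]($cert -and ($cert.Subject -notlike "*$ExpectedPublisher*"))
        }
    }

# Files worth a closer look: unsigned, failing verification, signed by a
# different publisher, or carrying an expired certificate with no timestamp.
$report |
    Where-Object {
        $_.Status -ne 'Valid' -or $_.OtherSigner -or ($_.CertExpired -and -not $_.Timestamped)
    } |
    Sort-Object Signer, File |
    Format-Table File, Signer, Status, CertNotAfter, CertExpired, Timestamped -AutoSize
```

A file that shows Status Valid together with CertExpired True and Timestamped True is one whose hash still matches and whose signature was timestamped; the output also makes it easy to spot any file whose signer differs from the rest of the folder.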

I used Avast in the past but stopped because of lots of ads.
Just downloaded avast and the update and now I see under settings/appearance “show popups offers for other Avast products” ticked by default and it cannot be unchecked unless you upgrade. Is that a new thing with this update? Does anyone know how often ads are going to be shown now? Thanks.