Malware bundled with download

The installer that I downloaded today included some junk with it. I immediately uninstalled the junk, but it didn't revert all the settings it changed. For example, in Chrome it changed the homepage to "safesearch", changed the default page to "safesearch", changed new tabs (this is different) to "safesearch", changed the default search engine to "safesearch", and removed Google from the list of search engines (it didn't just add itself, it actually removed Google). It did similar stuff to IE. With such nefarious activitiy I fear what else it may have done to the computer.

This experience completely destroyed my trust in PDFCreator. I will no longer use it myself or recommend it to others. I now feel obligated to warn anyone who may be using it because I recommended it to them. There are many other free PDF programs out there that do not bundle anything let alone malware.

Avast detected the presence of Malware in this installer, pointing to a php script.  I too, am not enthused about the presence of such material in the installer.  A clean, unencumbered installer means tha I do not need to worry about what is being installed on our network, esp. if someone else completed the upgrade and is not aware of what extra is being installed.  Please remove the bloatware.

I had the same issue.  I use ESET NOD32 and it reported the following:

8/4/2012 4:31:36 PM Real-time file system protection file P:\\temp\\SYSTEM\ scAEC9.tmp\\InstallManager.exe Win32/InstallMonetizer.AB potentially unwanted application unable to clean xxx Event occurred on a new file created by the application: P:\\temp\\SYSTEM\\is-41GV0.tmp\\MStub_5874.exe.

I, of course, DECLINED the included software, but it was caught at the stage when it was decompressed to execute.  I always download directly from the pdfforge site.

Do you guys pre-scan any and all files before prepping for download?  I assume you do as not every detector will catch everything, especially those false-positives.

Hi,

 

if you downloaded it from here or from sourceforge, the bundeled software was optional and could have been deselected during the setup. Did you uninstall it via Windows Control Panel?

 

 

regards,

 

Robin

 

 

I also just wasted several hours trying to remove ChatZum and undo the damage left by a 'safesearch' browser hijack. Was this you guys ? All I did was download and install an upgrade for PDF Creator.

There was no, or no obvious opportunity to de-select any add-ons, as if any sane person would willingly invite this on themselves. It screwed up each of my Firefox, IE and Chrome installations and left all sorts of garbage throughout my registry.

I understand that you want to make money from your software, but this is dreadful and if truly down to you, screams unprofessional behaviour. I also will no longer recommend PDF Creator to anyone.

The software was downloaded from sourceforge.

The first thing I did was run the uninstaller from add/remove programs in the control panel.

The Chatzum user agreement states that removing it from add/remove programs only removes it from IE. After that you have to remove it separately from Firefox and Chrome. Although after doing this I still had to manually fix many things. This is not acceptable.

I'm simply letting the developers know that the bundled software is driving people away.