News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Warning re: IMGBURN

    Posted on Rick Corbett Comment on the AskWoody Lounge

    Home Forums Code Red – Security/Privacy advisories Warning re: IMGBURN

    Tagged: ,

    This topic contains 14 replies, has 9 voices, and was last updated by  anonymous 5 days, 4 hours ago.

    • Author
    • #1904058 Reply

      Rick Corbett

      It’s been a while since I had to copy a DVD but yesterday I was given a case of 30 DVDs and asked to copy them all as a rush job.

      As per usual I downloaded/installed ImgBurn from its parent website and began copying. I’ve used ImgBurn for years and have always rated it as a great utility.

      This morning I found that Malwarebytes Premium had flagged the installer as malware (Windows Defender didn’t raise any warning):


      I forwarded the installer to VirusTotal and it lit up like a Christmas tree:


      I’ve registered with ImgBurn to alert its developer and will post back with any reply.

      Hope this helps…


      6 users thanked author for this post.
    • #1904104 Reply

      AskWoody MVP

      Clean version here in case you want it, Rick:

      VT result: 1 detection of ‘unsafe’ from Cylance (whatever product that is, added in the last ~14 hours).

      2 users thanked author for this post.
      • #1905554 Reply

        Rick Corbett

        Thanks, mate. It’s too late for current installation but appreciated anyway. Sorry for late reply… getting car ready for sudden drive to Munich day after tomorrow.

        1 user thanked author for this post.
    • #1904126 Reply

      AskWoody Lounger

      It’s been bundled with PUP’s for as long as I can remember.
      Just have to be careful of what you’re clicking on when installing it but otherwise you should be fine.

      The one off MajorGeeks is also clean, with no OpenCandy.

      Editor’s Note:
      This is a clean, no OpenCandy version.

      2 users thanked author for this post.
      • #1905555 Reply

        Rick Corbett

        The installation shows no indication of PUPs either during the install nor afterwards. No ‘opt-outs/ins’ of additional software, no pre-ticked checkboxes, nada, zilch.

    • #1904127 Reply

      AskWoody Lounger

      Many installers trigger Malmarebytes. Axcrypt is another.

    • #1904193 Reply


      ImgBurn does work with Windows 10, even though Imgburn’s logs “mis-identify” Win10 as Windows 8, 6.2 build 9200

    • #1904261 Reply

      AskWoody Plus

      Yes, I abandoned ImgBurn some time ago after the vendor began to incorporate various PUPs.

      FWIW, I have been quite pleased with CDBurner XP; a few days or so after each new version is released, they provide a “clean” executable for installation (I use the portable version, which is always clean) — (click on “More download options”).  Perhaps this will meet your needs.



      1 user thanked author for this post.
    • #1905583 Reply

      Carl D
      AskWoody Lounger

      ImgBurn is a great program and I’ve been using it for years.

      But, I’ve always been amused (from reading the ImgBurn forums) by the author’s attempts to deny that people were having issues with PUP’s being installed with version (caused by the allegedly defunct OpenCandy, although rumour has it that OpenCandy just changed their name and they’re still in business. Not too sure?).

      Someone was still having an issue as recently as July this year:

      And again, denial from the author – the issue in fact appeared right from the first release of back in 2013. His forum is literally littered with complaints since then.

      Anyway, another good way to get a clean install of ImgBurn (and other programs) is Ninite:

      ImgBurn is under ‘Utilities’.


      1 user thanked author for this post.
    • #1905592 Reply

      Carl D
      AskWoody Lounger


      you’ll probably get the same denial about PUP’s from the developer as everyone else has been getting since 2013 (if you get a reply at all).

      (I was going to edit my first post to add this but the Edit option has gone. How long does the Edit option remain available for now? Used to be an hour or several hours from memory but it was just under half an hour when I came back to add this and I’m too late?).

      • #1905593 Reply

        AskWoody Plus

        You now have 15 minutes to edit a post.

        Group G{ot backup} Win7Pro · x64 · SP1 · i3-3220 · TestBeta · Microsoft Security Essentials
        1 user thanked author for this post.
    • #1907870 Reply

      Rick Corbett

      OK, I’m back from 1600+ miles round-trip and can now deal with the Malwarebytes Premium (MBAM) warning re: the IMGBURN installer.

      My previous post showed no detection of add-ons.

      I was wrong.

      The IMGBURN installer from the IMGBURN parent site dropped the following 3 registry keys:


      Examination of those 3 registry keys show no end of apparently obfuscated data gathering but no links that I could see to any executables.

      Whatever… I deleted them all.

      • #1907879 Reply

        Rick Corbett



        • #1907896 Reply

          Rick Corbett

          My mistake…

          HKU = HKEY_USERS


          Sorry I couldn’t correct earlier but, unlike many other sites, AskWoody only allows a 15 minute edit window in order to fix your mistakes.

    • #1908059 Reply


      You can turn on Defender scanning for PUPs (or PUAs, as MS calls them) using group policy or powershell.  This howtogeek article elaborates the powershell method.  Note, it’s not enough to simply enable the group policy, you also have to select ‘block’ in the pulldown.



    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Warning re: IMGBURN

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.