Nuance (but not DNS [I hope]) alert
I've been using Nuance's PDF Converter s/w for several years with excellent results, so when the version 5 came out, I ordered the CD distribution disk and upgraded from v. 4. Imagine my chagrin when my PC (Presario) started running at glacial speed. TaskMan showed that a process -- NuanceWDS.exe -- was hogging 98% of the CPU, even when the converter wasn't running. I Googled and found essentially only one hit (Prevx) that indicated that it was malware that recently appeared in Germany. I checked the Nuance CD and found that NuanceWDS was in the cab file. When I disabled the program (renamed it FUBAR) the problem stopped. I also found PDFPro5.exe and NuanceDirect.exe, also on the CD, listed as malware. As one might expect, Nuance tech support was clueless, but the customer services section was obliquely sympathetic (although denying any knowledge of malware on the distribution disk) and gave me an RMA, which enabled me at least to get my money back.
My MS Outlook also started to run as a background process at 98%, which it had never done before, and I had to get rid of it and change to Thunderbird. I dunno whether this was related to the NuanceWDS problem. WDS ought to mean Windows Desktop Search, but I can't see what its role would be in the PDF converter.
My advice is to check any distribution CD you get from Nuance with a malware checker before you install.
This whole episode was very strange. There's no doubt at all that there was malware on the CD, but there must have been others who received it as well, and Nuance would certainly be aware of the problem and interested in getting hold of the CD itself.
A puzzlement,
Dan
Even with all the financial
Even with all the financial blandishments offered by Nuance to upgrade, I decided to stick with Nuance's PDF Converter 4.
After what you have said, I think it was a wise decision and I will stick with version 4, since it has not caused me any problems and does everything I want.
Quentin
Nuance malware
I should have mentioned that I reacted to Nuance's blandishments for v.5 right away and ordered a disk (rather than download) very early. I may well have had the first disk out of the gate and be what's called the index case. I suppose that most people would opt to download, but I like the ability to make a quick reinstallation that the disk provides. I wonder whether any of our colleagues here have used the disk.
Dan
Dan Lufkin wrote: I
I suppose that most people would opt to download, but I like the ability to make a quick reinstallation that the disk provides.
I always download the installation programs and save in a partition that I call Installation. I then copy them into an external hard disk, so that I will always have them available in the event of a crash.
It also has the advantage that if I have to re-install, it is much quicker installing from a partition rather than a CD.
Quentin
More on Nuance malware
I hate to seem monochromatic on this subject, but I should have mentioned in my original post that MS Outlook also began to show the same behavior (hogging 98% of the CPU) so I finally had to disable it and move to Mozilla Thunderbird. Not all of my address book survived the transfer, though, and just now I had to fire up Outlook and retrieve an address. It took >20 minutes just to get the address book on the screen, but I finally waited it out.
Then I thought I'd run Prevx, the (only) anti-virus s/w that spotted NuanceWDS, and look at Outlook. Whaddya know, my copy of Outlook is dated 7 March 2008 from Germany and exhibits all sorts of weird behavior that Microsoft never planned. The upshot is that NuanceWDS did something nasty to the registry that turned Outlook into a mess.
Just so that you're aware.
Dan L
Malware on the CDs is highly unlikely – read on
Dan,
First, if you look hard enough on the Internet for anything, you will find it. Having said that, it is highly unlikely that the Malware came from the CDs. In addition, Malware checkers are notorious for false positives. I don't doubt that you had a problem with this file, but it's highly unlikely that it came from the CDs.
When I was DNS SDK Program Manager for Dragon NaturallySpeaking, I was also the release engineer for DNS. As such, I wrote the technical specifications for mastering CDs because at that point in time we did run into a problem wherein the original RTM masters were not created properly.
Second, before any product is released to manufacturing (RTM), it is run through a comprehensive check by QA (Quality Assurance). They thoroughly test the integrity of the application files and run a complete scan for viruses, Trojans, worms, and Malware. It is then passed on to the release engineer who coordinates with development and QA on the results of all testing. This is a very comprehensive process and takes about two to 3 weeks. When the release engineer passes it off as acceptable for RTM, a master disk is cut. That master disc is then hand carried to the duplicator. Professional disk duplication is unlike your creating discs using a CD-ROM/DVD-ROM drive and associated retail software. The discs that are used for duplication are magnetic metallic. The CDs onto which they are duplicated cannot be purchased by the average user. They are a special brand of write once only CDs. They are not sold at retail and they wouldn't work in your CD/DVD burner anyway. These are specialty CDs that can only be used by professional disk duplication machines.
Third, it costs about $5,000 to create one of the magnetic metallic master discs used by duplicators. The duplicators thoroughly test the master disc that comes from the software developers in the same manner that QA does above. They test it on 10 completely different systems. In addition, they run it through a CD checker which looks for integrity issues that would cause the mastering of final CDs that are sent out to end-users to fail. The cost of a single metallic/magnetic master CD for disk duplication is about $1000. Once everything has been thoroughly checked by the duplicator (viruses, Malware, Trojans, worms, etc. ad infinitum), the duplicator then duplicates 5000 CDs and sends them back to QA for another comprehensive test, during which both the CDs and the installations are checked again. Every software developer knows that this is absolutely essential to ensure the quality of anything released for sale. You cannot get the software that disk duplicators use for checking CDs nor can you get the AV/Malware software that they use because it is not available for retail, it is expensive, and it is produced by one of the major AV software development companies strictly for use by disk duplicators. In short, the process that is undertaken before anything is boxed and sold is so comprehensive that any kind of Malware, virus, or other infection of the files contained on the CD is so highly unlikely as to be virtually impossible.
I was release engineer at L&H for 5 years and I was the one who was responsible for hand carrying all master CDs to the duplicator and spending the time with them going through this entire process double-checking it with their engineers. Disk duplicators have too much to lose by allowing something like this to happen. They will not duplicate any CDs for resale if there is even the slightest problem. I went through this many times and I know the process thoroughly. Therefore, even if Nuance screwed up, the duplicators will not let anything slide no matter how insignificant.
Lastly, NuanceWDS.exe has nothing to do with Windows Desktop Search. The file is contained in the installation files for both OmniPage Pro 16 and PDF Converter Professional 5/PDF Converter Professional 5 Enterprise Edition. It is the OCR link executable for both.
I have read all of the Hoo Ha about this file in every source on the Internet. While someone may have taken this file and rewritten it to include Malware, or be Malware, it did not come from the CDs. I have both the pro version and the enterprise edition CDs and I took them to my duplicator friends and ran them through a comprehensive check using their software. No such Malware was found on either set. My disk duplication buddies have a copy of the Malware version of this file. We ran a side-by-side comparison using a special hex editor and the two files are distinctly different. The valid file contains only OCR references. The Malware file contains the code referenced in all of your Internet searches. Therefore, you likely got hit when accessing the Internet somewhere that downloaded a copy of this file and overwrote the original. The characteristic of this particular file (Malware) is that it writes its code into numerous executable files, including Microsoft Outlook.
The probability that this file ended up on any of the CDs for OmniPage Pro 16 or PDF Converter Professional 5/PDF Converter Professional 5 enterprise is about one in a million, and it would have to be an inside job. That is, somebody from Nuance and somebody from the duplicator would have had to conspire to let this slide.
I'm running it by my Nuance developer friends and Nuance technical support to see what they find. However, I doubt seriously that it came from the CD. Nevertheless, I'm more than willing to eat my words if I find out that somebody screwed up at Nuance and/or the duplicators. However, the process of checking CDs before they ever get into the box is so comprehensive that I would be very surprised if this happened.
Additionally, there is only one master CD for each application released to manufacturing. The disk duplicators carefully store and protect that master CD. The only reason I bring this point out is that every single CD contained in every box sold at retail is mastered using the same master CD. All files contained on the master CD are stored using SourceSafe, which protects these files from accidental deletion, improper editing or changes that are not authorized, as well as from infection by ANYTHING. No one has access to these files in SourceSafe and the servers on which they are stored are protected by a very sophisticated Gateway security server. No access is allowed from any of these servers to or from the Internet. All testing is done from within what is called a "Sandbox" where the application installation and function can be tested without affecting and/or infecting any other system.
One final point. The way that Nuance configures their download files is that they extract the full set of files that are normally copied on the CD to a temporary folder. If you go to that folder, you can burn your own CD from that set of files which contain the complete install. It isn't necessary to get the CDs anyway in order to create your own.
Chuck Runquist
Former Dragon NaturallySpeaking SDK & Senior Technical Solutions PM for DNS
Logic 101: Post Hoc fallacy - Post Hoc Ergo Propter Hoc: After the fact, therefore because of the fact. The general assumption that a consequent event or observation maintains an absolute cause and effect relationship to its precedent is false on its face. While precedent and consequent events or observations may have a direct cause and effect relationship, the absolute assumption of such is invalid, and therefore false.
More on Nuance malware
Thanks, Chuck, I always appreciate your authoritative comments. In this matter, I suppose that it's possible that I picked up some vagrant virus that overwrote NuanceWDS when I installed v. 5 of the converter and then went on to overwrite MS Outlook in the same way as well. I couldn't check the copy of NWDS in the cab1 folder on the CD for date, so it could well be that the Nuance CD is an innocent bystander.
That being the case, let me downgrade my alert message to Code Yellowish-orange, viz.: The Nuance CD for PDF Converter Pro 5 contains at least one program that is vulnerable to attack by a virus that only recently (7-8 March) went into circulation and is therefore not spotted by any AV software (as of today). The virus is also capable of mutating MS Outlook so that it behaves in the same pathological way, running as a background process and consuming nearly all the CPU cycles and slowing your PC by a factor of about 50. The vulnerable program was not present in earlier releases (v.4) of Nuance PDF Converter (or anywhere else I can find). Installing from a distribution CD may expose the program to the virus in some way that installation from a download does not.
Your mileage may vary, but I'd still X-ray my shoes before installing version 5.
Dan
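The check discussed in the two posts above (comparing the installed NuanceWDS.exe against the copy shipped in the CD's cab file), as an added example that is not part of the original thread. The file names and sample bytes are constructed, and it assumes the reference copy has already been extracted from the read-only CD.

```python
import hashlib
import os
import tempfile

BLOCK = 4096  # compare block-wise first so identical regions are skipped quickly

def diff_ranges(a: bytes, b: bytes, max_ranges: int = 20):
    """Return half-open (start, end) byte ranges where a and b differ."""
    ranges, n, i = [], min(len(a), len(b)), 0
    while i < n and len(ranges) < max_ranges:
        end = min(i + BLOCK, n)
        if a[i:end] == b[i:end]:
            i = end
            continue
        while a[i] == b[i]:          # a mismatch is guaranteed inside this block
            i += 1
        j = i
        while j < n and a[j] != b[j]:
            j += 1
        ranges.append((i, j))
        i = j
    if len(a) != len(b) and len(ranges) < max_ranges:
        ranges.append((n, max(len(a), len(b))))  # bytes appended or truncated
    return ranges

def compare_to_reference(installed_path: str, reference_path: str) -> dict:
    """Compare an installed executable with the copy extracted from the media."""
    with open(installed_path, "rb") as f:
        installed = f.read()
    with open(reference_path, "rb") as f:
        reference = f.read()
    return {
        "installed_sha256": hashlib.sha256(installed).hexdigest(),
        "reference_sha256": hashlib.sha256(reference).hexdigest(),
        "installed_size": len(installed),
        "reference_size": len(reference),
        "identical": installed == reference,
        "diff_ranges": diff_ranges(installed, reference),
    }

def demo():
    # Constructed stand-ins for the two files; not real NuanceWDS.exe contents.
    reference = b"MZ" + bytes(5000) + b"OCR-LINK" + bytes(3000)
    altered = bytearray(reference)
    altered[100:104] = b"\xde\xad\xbe\xef"   # four bytes patched in place
    altered += b"APPENDED"                    # eight bytes added at the end
    with tempfile.TemporaryDirectory() as d:
        ref = os.path.join(d, "reference_from_cd.exe")       # hypothetical name
        bad = os.path.join(d, "installed_altered.exe")       # hypothetical name
        good = os.path.join(d, "installed_untouched.exe")    # hypothetical name
        for path, data in ((ref, reference), (bad, bytes(altered)), (good, reference)):
            with open(path, "wb") as f:
                f.write(data)
        return compare_to_reference(bad, ref), compare_to_reference(good, ref)

if __name__ == "__main__":
    for report in demo():
        print(report["identical"], report["diff_ranges"])
```

A mismatch shows only that the installed file is not the one on the disc (it may have been modified or replaced by an update); a match shows the installed file is what shipped, not whether what shipped is benign.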
Dan,
I would agree. Better to be safe than sorry. I think that everyone should be careful with this issue because it seems to be an attack directly on Nuance (i.e., they're using the Nuance filename).
My duplicator buddies and I checked the file within the cab file. We didn't find any Malware there. Nevertheless, I wholeheartedly agree with your code yellow alert until this matter is resolved. I expect to be talking with Nuance sometime today regarding this issue. I may have more to add to this after I get their perspective. I have warned them about it because it affects both PDF Converter Professional 5 and OmniPage Pro 16. Both use the same file for OCR.
Fortunately, DNS does not use this file and DNS 9.5 has been out long enough that if there were a problem in this regard, it would have shown up long ago. PDF Converter Professional 5 is new and OmniPage Pro 16 is relatively new. All of the features in both were developed using the OmniPage Capture SDK. Nevertheless, Nuance needs to take this very seriously, as does the duplication service that they use.
Chuck Runquist
Former Dragon NaturallySpeaking SDK & Senior Technical Solutions PM for DNS
You can fool too many of the people too much of the time. - James Thurber (1894-1961)
NuanceWDS_exe and Outlook
Hmm, I looked in my OmniPage 16 distribution disk and don't find any *WDS*.* file in the Data1 cab folder. OP 16 has never given me any sign of bad behavior.
Dan
NuanceWDS.exe
I too am an early adopter of PDF Converter 5 and have been hit by this issue. My CPU is running at 60% capacity while I type this. I have removed PDF Converter 5 and the problem goes away. I reinstall it and it comes back, all from the CD I got in the mail. The malware could be hiding elsewhere, but I cannot use my computer in this state. Nuance please help.
NuanceWDS
Gary -- My sympathy, but I'm sorta glad to know that it's not my imagination, as Nuance thinks.
Run MS TaskMan (ctrl+alt+del) and look at which processes are running. Disable them. Be especially alert to MS Outlook picking up the same behavior. I had to shut down Outlook and switch to Mozilla Thunderbird. (MS tech support had some short-term fixes involving setting up new users, but they soon failed.) Prevx had NuanceWDS on its list of malware suspects but now says that both my NWDS and Outlook are entirely normal, even though both have a 7 March date and an origin in Germany when you scan them with Prevx 2.0.
I've managed to duck the problem by just standing aside and letting the malware have its way with PDF Converter and Outlook. It'll be interesting to see how it all works out.
Dan L
NuanceWDS recovery group
Gary -- I forgot to say that the Nuance customer support refund guy was very sympathetic, so much so that I suspect that he had heard it all before. He'll give you an RMA if you send in your disk and manual, so at least you'll get (most of) your money back.
Nuance On-line Store, 9625 W. 76th St., Eden Prairie, MN 55344. Your RMA will be your order confirmation number.
Dan
Nuancewds.exe is not malware
Nuancewds.exe is not malware; it is a link program between Windows Desktop Search and PDF Create - it adds PDF entries to the WDS engine. The only problem is it has high processor usage when first installed and then settles down when the index is up to date.
NuanceWDS.exe is not malware
And when might one expect it to settle down? I gave it the better part of 24 hours before I disabled it because I needed to use the computer, too.
Dan
Software makers keep making
Software makers keep making those kinds of programs, and users keep ditching them because they don't get much utility out of them for the costs imposed. You would think the software makers might get the message -- if you were a blooming optimist.
Bruce
I just received a copy of v.
I just received a copy of v. 5 Pro and immediately started having my CPU pegged and the culprit was NuanceWDS.exe.
However, I found that if I remove Windows Desktop Search (WDS) the problem goes away. The same goes if I remove v.5 and have WDS installed; performance is normal. So it appears that the issue is when both are installed.
I just received a copy ...
Yup, that sounds like my problem, too. How's your Outlook behaving?
I'm also having minor phenomena with Symantec's ccSvcHst, but it's easy to kill because it gobbles only 10-20% of the CPU cycles. This whole ranny-gazoo has made my registry unstable -- I run Glary utility (try it) after every session and it invariably finds 10-20 registry nixies.
And so we beat on against the current ...
Dan
Copernic
It probably has more to do with the 2 products taking up extra processing power rather than just one product conflicting with another. You might try disabling WDS and substituting Copernic which is free and we find to be far more useful.
Speaking of which, do you know how to disable WDS?