I've found two different computers with a Price(Something) PUP .dll in a temp directory, that I recently reformatted and put Windows 7 64-bit SP1 on.
I'm mildly concerned. I'm using up-to-date software, and the only things I have installed, when I freshly re-install Win7, is, I download:
Waterfox (
https://www.waterfoxproject.org/)
Malwarebytes (
http://www.malwarebytes.org/ -> redirect to
www.malwarebytes.com)
CPU-Z (seached for it, but I always go to the "Official site", cpuid.com)
Crystal Disk Mark (searched for it, but I always go to "Crystal Dew World" - official homepage / site)
And then sometimes, ImgBurn (
http://www.imgburn.com, scroll down to download link in news section, download from the imgburn.com mirror, always deny PUP installation when prompted)
But I'm wondering if I'm getting it from a drive-by JavaScript ad, possibly on this site, because in the same temp directory, there's an osutils.vbs script in another sub-directory, and something looks like it was downloading "payloads" into little sub-dirs.
Edit: I always get the .ZIP standalone version of CPU-Z and CDM, and unzip them manually into my Downloads directory.
This is a VERY recent happening, too, last week pretty-much. Because I was doing a bunch of test installs the last few weeks of Win10 on my 3rd Skylake rig, to test out various SSDs and benchmark them. One of the benchmarks that I do is a Malwarebytes scan, which normally comes up clean, unless I've downloaded ImgBurn, then it finds the "OpenCandy" PUP in the installer, usually. But this is different.
Edit: And I DON'T install Flash Player, or Java.
Edit: The reason that I think that it might be a drive-by ad from this site, is, I've recently stopped installing NoScript, because it seems to break some pages (even with an "allow all"). So I've been seeing ads on this site.