CamStudio

CamStudio is an open-source screencasting program for Microsoft Windows released as free software. The software renders videos in an AVI format. It can also convert these AVIs into Flash Video format, embedded in SWF files. CamStudio is written in C++, but CamStudio 3 will be developed in C#. The program has distributed malware and harmful viruses via the installer.

History
The original CamStudio was released as an open source product by RenderSoft software in October 2001. The source code license was converted to the GNU General Public License in December 2002 with release 1.8. The Source code of versions 1.0, 1.4 and 2.0 are still available at SourceForge.

In 2003, the company was acquired by eHelp Corporation who owned a competing product called RoboDemo (now called Adobe Captivate  ). eHelp Corporation released an updated version as CamStudio 2.1 under a proprietary software license only and removed the ability to create SWFs. A succession of acquisitions led to the company being owned by Adobe.

Development of CamStudio 2.0 (the last open-source version) was resumed and released as free software again in September 2007 with the CamStudio 2.5 Beta 1 release. Accordingly, it was re-branded as CamStudio Open Source.

CamStudio 3 is a complete rewrite of the project in the pre-alpha stages of development as of April 19, 2010.

Malicious software
There have been ongoing reports about malicious code contained in some binaries of the software. In 2013, Google-run website VirusTotal declared that CamStudio contains malicious software, where most anti-virus programs detected Artemis Trojan in CamStudio installer file. In January 2014, the binary on the webpage was reported to be infected with the trojan, Artemis!0FEA2B12900D.

In March 2016, the developers of CamStudio reported via forum post that the ad wrapper in the CamStudio installer had been removed and that it no longer offers third-party software or installs malware; however, they did not provide evidence of independent verification in the post. In a VirusTotal analysis of the installer acquired from the official download URL on 10 August 2016, AVware, Dr. Web and VIPRE antivirus tools said it was infected with "InstallCore" while the remaining 51 said it was clean.

A VirusTotal analysis of the installer acquired from the official download URL on 14 February 2017, 31 out of 55 antivirus tools reported malicious content, mostly showing InstallCore.

A second analysis of the installer acquired from the official download URL on 8 March 2017, 17 out of 60 antivirus tools reported malicious content, mostly showing InstallCore.

In 2019, the installer was still infected, being detected by 22 out of 68 engines. As of 23 September 2019, the installer offered via SourceForge appears to be finally virus-free.

As of 10 March 2020, the installer offered via the official website was reported to be infected by 20 out of 70 engines and the download URL was reported malicious by ESET engine.

As of 2022, the installer offered via the official website was reported as malware by just 2 of 93 scanners.