Deceptive download sites

Layback Bear · 17 Jan 2015

I have found that the less people who know you can fix PC's the happier you will be.

DavidE · 17 Jan 2015

I wish i had 3 brain cells

whs · 17 Jan 2015

DavidE said:

I wish i had 3 brain cells

You could be multitasking, LOL

r00tb33r · 17 Jan 2015

I have to say, SourceForce really took me by surprise when I was downloading FileZilla FTP client. Really does a disservice to the credibility of the site. I understand that they have to make money to host all those projects for free, but there "no-no" things out there, and bundleware downloaders/installers are one of those things.

Shimshom · 17 Jan 2015

besides always looking for the original download link if available I test all downloads on another computer before installing on my main one. Seems to save a lot of problems

Callender · 17 Jan 2015

So here's a funny thing:

Here’s What Happens When You Install the Top 10 Download dot com Apps

The only issue that I have is - when using direct download links or going to the manufacturer's site to get the download - finding out that the software comes bundled with toolbars. I tend to scan any download link before downloading the file and scan the download once complete. Then monitor the install.

andrew129260 · 18 Jan 2015

Alejandro85 said:

The "portable programs are also an interesting alternative. If you're not forced to enter your admin password into an UAC box there is no chance of installing anything in the computer.

I politely disagree, malware can easily bypass uac. And portable programs can still do damage. They are less of a risk though.

It is getting ridiculous that you need a tool like unchecky and virtual machines to prevent crap from installers and to test "new" software before installing it to see what will happen. This is why I am seriously considering moving to Linux soon, and having windows in a vm instead of the other way around. That way I can easily roll back the vm much quicker then a system image.

whs · 18 Jan 2015

This is why I am seriously considering moving to Linux soon, and having windows in a vm instead of the other way around. That way I can easily roll back the vm much quicker then a system image

If you have no special hardware that requires native support, that is a good idea.

Alejandro85 · 18 Jan 2015

andrew129260 said:

Alejandro85 said:

The "portable programs are also an interesting alternative. If you're not forced to enter your admin password into an UAC box there is no chance of installing anything in the computer.

I politely disagree, malware can easily bypass uac. And portable programs can still do damage. They are less of a risk though.

Good point and certainly true. UAC can be bypassed easily, but only at the default configuration, proper security settings can mitigate that bug (bug that MS knows and refuses to fix).
Portables can do damage, yes, very true, I was thinking in system-wide changes that are prevented so. BTW, that makes me remember this xkcd comic. There we have 2 extra mitigation measures, running with low integrity or run as another user so that programs lose access to our data, that UAC will of course not protect.
It could be an interesting discussion and a lot of options exist, but that's another history

Layback Bear · 18 Jan 2015

A little something I do.

When I decline the crapware, with pen and paper I wright down what was offered. When done with the downloads and scans I do a search for all the things that were offered just to make sure they didn't sneak in..

I have had some things sneak in even when I have declined them.
After my many scans I use regedit and Everything Search to hunt them down. I'm not going to build another computer just for testing and hunting down crapware before I install them on my other computers.

Deceptive download sites

We installed the top 10 apps from Download dot com