Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I need an installer inspector!!!!!!!!!


  • Please log in to reply
9 replies to this topic

#1 errolgibbs

errolgibbs

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Santa Rosa; California
  • Local time:12:08 AM

Posted 28 March 2014 - 08:31 PM

Ok Here’s what I need. :tophat: 
 
When installing free software I download a file. But it is not the program, it’s an installer. Scanning it for malware does no good as it is not the program itself. :devil: 
 
When you click on it to install the program you want, it accesses the internet and down loads the program along with other unwanted programs. That’s ok as long as it’s legit and I can opt out of the unwanted programs. :warrior: 
 
How ever if it contains malware you are screwed. :devil: 
 
I need an anti virus program that will watch the download and stop that virus or notify me of it. :smash: 
 
I recently downloaded a nasty bug but did not activate it. Even though I avoided activating it, it was still hard to remove. Had I activated it, well Yikes. :bounce: 
 
Any help, will be, by me appreciated.
 
Vaya Con Dios
Errol

Edit: Moved topic from Windows XP to the more appropriate forum.~ Animal

BC AdBot (Login to Remove)

 


#2 Crazy Cat

Crazy Cat

  • Members
  • 808 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Lunatic Asylum
  • Local time:07:08 PM

Posted 29 March 2014 - 01:19 AM

Are you some alter-ego/reincarnation of James T Kirk?? http://www.bleepingcomputer.com/forums/u/789510/james-t-kirk/
 

Two things are infinite: the universe and human stupidity; and I'm not sure about the universe. ― Albert Einstein ― Insanity is doing the same thing, over and over again, but expecting different results.

 

InternetDefenseLeague-footer-badge.png


#3 errolgibbs

errolgibbs
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Santa Rosa; California
  • Local time:12:08 AM

Posted 29 March 2014 - 05:55 AM

Crazy Cat

What the

#4 Union_Thug

Union_Thug

    Bleeps with the fishes...


  • Members
  • 2,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:is everything
  • Local time:02:08 AM

Posted 29 March 2014 - 06:10 AM

Are you some alter-ego/reincarnation of James T Kirk?? http://www.bleepingcomputer.com/forums/u/789510/james-t-kirk/

 

Huh? I'm corn-foozed. eek.gif



#5 Romeo29

Romeo29

    Learning To Bleep


  • Members
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:02:08 AM

Posted 29 March 2014 - 06:46 AM

I can think of three things off the top of my head for installers that download files from the internet:

 

1. Use an antivirus capable of scanning web traffic like ESET or avast!. This way all the data downloaded from HTTP conncections is scanned. This covers most of downloads but if the program uses FTP, HTTPS or some other protocol then it can skip detection

 

2. Run the installer in Sandboxie first (if the installer wants admin access, quit). This way even if it downloads malicious code from the net, it will stay in Sandboxie.

 

3. Install the program in VirtualBox first. I personally use this method to check new programs. Whatever happens in VirtualBox Guest OS, stays there. After installation of whatever you want, scan your Guest OS in VirtualBox with ESET Online scanner and Malwarebytes AntiMalware. Upload downloaded files to VirusTotal and so on....



#6 Union_Thug

Union_Thug

    Bleeps with the fishes...


  • Members
  • 2,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:is everything
  • Local time:02:08 AM

Posted 29 March 2014 - 07:24 AM

...I was going to suggest scanning the installer with ESET's Online scanner (IME seems to be the best & only scanner to consistently detect malware bundled with an installer, YMMV)



#7 Romeo29

Romeo29

    Learning To Bleep


  • Members
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:02:08 AM

Posted 29 March 2014 - 02:13 PM

...I was going to suggest scanning the installer with ESET's Online scanner (IME seems to be the best & only scanner to consistently detect malware bundled with an installer, YMMV)

 

Yes, I have noticed it too. ESET is very good at detecting all questionable software like PUPs and bundled malware. It always flags my mIRC client as PUP.

But here the installer is just a bootstrap web installer. It further downloads files from the internet. So the malware is not actually bundled.



#8 errolgibbs

errolgibbs
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Santa Rosa; California
  • Local time:12:08 AM

Posted 29 March 2014 - 03:22 PM

I sincerely appreciate all the extremely use full information you guys have provided here.

 

 

I cannot afford Eset at this time but will give sandboxie a try.

 

 

You have all been very helpful. Well most of ya’ll. :hysterical:

 

 

Vaya Con Dios

 

Errol



#9 Union_Thug

Union_Thug

    Bleeps with the fishes...


  • Members
  • 2,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:is everything
  • Local time:02:08 AM

Posted 29 March 2014 - 03:48 PM

I cannot afford Eset at this time...

The ESET online scanner is free. :)



#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,077 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:08 AM

Posted 29 March 2014 - 04:36 PM

Just a quick note about the ESET Online scanner.

If you recognize any of the detections as legitimate programs, it's possible they are "false positives" and you can ignore them or get a second opinion if you're not sure. Eset's detection rate is high and can include legitimate files which it considers suspicious, a Risk Tool, Hacking Tool, Potentially Unwanted Program, a possible threat or even Malware (virus/trojan) when that is not always the case. Be careful what you choose to remove.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users