Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

what tools include malware?


  • Please log in to reply
6 replies to this topic

#1 DarkD

DarkD

  • Members
  • 69 posts
  • OFFLINE
  •  
  • Local time:10:59 PM

Posted 20 May 2014 - 06:12 PM

It seems as time goes by, reputable sites and tools have started to put malware into their tools installers and you just can't trust them anymore.  Is there a list somewhere that 

 

1) Identifies which tools will force you to install malware no matter how closely you pay attention to their installation processes

2) Identifies tools which install malware like Conduit toolbar but can be disabled if you pay close attention to the installation process and uncheck any unwanted add-ons.  

3) Identifies websites who use disreputable ad sources which are known to frequently contain malware and viruses and otherwise don't undergo a thorough screening process.  

 

You get the picture right?  I wanna have a search engine where I can type in the name of my favorite websites and application names and see if they have started using malware and how they are using it.  It seems clear that the problem isn't like it used to be where malware was just something that snuck its way onto reputable websites, now it literally is included as a matter of good business.  

 

I also realize that its a matter of where you get your installation files from and generally speaking, if you use the manufacturers website, you have a better chance of not finding malware.  However even taking this into account there are still many applications where it's included regardless of where you get it.  


Edited by DarkD, 20 May 2014 - 06:15 PM.


BC AdBot (Login to Remove)

 


m

#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,620 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:59 AM

Posted 20 May 2014 - 06:19 PM

I know of no such site.

But I suggest you upload downloaded tools to VirusTotal before installing/using them.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#3 LiquidTension

LiquidTension

  • Malware Response Instructor
  • 1,278 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:59 AM

Posted 20 May 2014 - 06:33 PM

Calendar of Updates' Installers Hall of Shame is a good place to start.

http://www.calendarofupdates.com/updates/index.php?showtopic=16109
Posted Image

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,560 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:59 AM

Posted 20 May 2014 - 08:08 PM

Many programs, toolbars, add-ons/plug-ins, and browser extensions come bundled with other free third-party software you download from the Internet (often without the knowledge or consent of the user) as a common practice by legitimate vendors. In some cases, they may be included in Installers or Downloaders found at hosting sites such as CNET, BrotherSoft, Softonic, FreewareFiles and Tucows.

These bundled packages, installers and downloaders can often be the source of various issues and problems to include Adware, pop-up ads, browser hijacking which may change your home page and search engine, and user profile corruption. Since some of their componets and behavior are determined to be harmful, anti-virus and anti-malware tools may detect and remove them as Potentially Unwanted Programs (PUPs).

Potentially Unwanted Programs (PUPs), Potentially Unwanted Applications (PUAs) and Potentially Unsafe Applications are classified differently and do not fall into the same categories as viruses, Trojans, worms, rootkits and bots.

Folks need to take some personal responsibility and educate themselves about the practice of bundling software.
* Safe software download sites Beware of deceptive download links & PUPs
* How-To Geek: Why We Hate Recommending Software Downloads To Our Readers

More information and Best practices for downloading software can be found in this topic:
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs)
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 jmauler

jmauler

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:59 AM

Posted 21 May 2014 - 11:30 AM

Yea espicially damn Conduit. Just look at this guide and how many steps it takes to remove conduit. This took me like an hour before i was sure this conduit bs was fully removed from my pc.



#6 saw101

saw101

  • Members
  • 405 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:The Great Pacific Northwest
  • Local time:09:59 PM

Posted 21 May 2014 - 09:02 PM

I've been rather pleased with this little piece of software called 'UnChecky.'

 

Just remember though, nothing is 100%, well nothing except death & taxes anyway.

 

You can read about UnChecky here: http://www.howtogeek.com/179758/how-to-avoid-junkware-offers-with-unchecky/


I never make the same mistake twice....I always make it 5 or 6 times just to be sure!


#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,560 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:59 AM

Posted 22 May 2014 - 04:41 AM

From reading Introducing Unchecky on RaMMicHaeL's Blog, it is more for average users who are not careful about reading everything and accept all defaults when installing programs.

The blog posting also indicates Unchecky is still a beta version.

What is beta software?

After an initial round of in-house testing, software publishers often release new programs to be tested by the public. These pre-release versions are called beta software, usually denoted by a "b" in the version number, e.g., Netscape Navigator 2.0b5. Since the publisher couldn't possibly test the software under all possible conditions, it is reasonable to expect that wider use of the software may uncover problems that were not discovered during in-house testing. The publisher expects to be notified when users find such problems so that the program can be fixed before its official release.

In general, you should expect to run into bugs whenever using any piece of beta software. These bugs may range in severity from minor features that don't work to problems that cause your computer to crash. You should decide whether the benefit of new features in a beta program outweighs the risk of program instability before choosing to use a piece of beta software. You should also be aware ...you should not expect the same level of support as you would receive for an official release version of the program.


Beta version software is useful for internal demonstrations, testing and previews to select customers, but may be unstable and not yet ready for a release candidate stage. The goal of a beta program is to collect information regarding the performance, quality, stability, and functionality of new products in order to iron out the bugs before they are released to the general public as a stable final product. Beta software is not intended for inexperienced users since it may contain bugs ranging in severity from minor features not working properly to problems that may potentially damage your system. Not that I am implying you are inexperienced...just speaking generally. However, if you choose to use a beta program, you use it at your own risk.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users