Error - template LAYOUT-DATA-WRAPPER not found

A configuration error was detected in the CGI script; the LAYOUT-DATA-WRAPPER template could not be found.

Error - template STYLE-SHEET not found

A configuration error was detected in the CGI script; the STYLE-SHEET template could not be found.

Error - template SUB-TOP-BANNER not found

A configuration error was detected in the CGI script; the SUB-TOP-BANNER template could not be found.
Subject:
Software Downloading Alert.
From:
Peter Ekkerman <[log in to unmask]>
Reply To:
PCSOFT - Personal Computer software discussion list <[log in to unmask]>
Date:
Thu, 16 Feb 2012 18:56:24 -0500
Content-Type:
text/plain
Parts/Attachments:
text/plain (1 lines) 
Considering some recent posts on PCSOFT regarding interference of unwanted software, acquired

by downloading and installing certain software, the following might be helpful to know what's going on.



The more advanced among you may well be aware of this, but for less "streetwise" users, it may give an insight.



There seems to be an ever increasing trend to bundle software with 3rd party add-on software.

Bundling is nothing new. It used to be  (still is in most cases) that games and screensavers were bundled

with add-ons like toolbars etc. More malicious ones were/are  bundled with worms, trojans and viruses.



However ,in the present economic environment, more prominent and reputable software sites

are bundling software with 3rd party software.

Examples of this are CNET ,ZD-NET ,Brothersoft and various others.

Even Adobe has started bundling their Flash Player downloads with things like Google Toolbar or even

McAfee Security Security Scan. (According to many reports ,it installed even if disallowed)



Many software authors are doing the same. 

Let's not forget Microsoft either. While they may not bundle with 3rd party ,they will bundle with their own software.

Examples are Windows Essentials. If you just want eg  just Windows Live Mail , you have to download the downloader

for SE and then make sure to only select WLM and un-tick the others ,but you still get some extras.

Another example is  M$ Office Home and Student 2010. This came bundled with a trial version of Outlook.

This Office version does NOT come with Outlook -it was stripped out - so many users installed this suite thinking

it came with Outlook ,since Office always contains it.

Instead ,they find out it's only a trial version when the expiry notice pops up.



What to do or to watch out for:

1. Always try to get the software from the authors site if at all possible, even if you found the software

    on another site. Trace it back to the author's website.



2. Before downloading take a note of the name and the file size.



3. Check the actual download URL  - if there's mention of "secure download" or "downloader" ,

    be aware of the fact that this may be a "web install" .

    There is inherently nothing wrong with a web install. It's a downloader ,that when executed ,will download

     the actual file from the server.

     If properly coded, it will resume the download if interrupted for some reason and also check the integrity

     of the downloaded file. IOW ,the file has a signature or "checksum" and this has to be the same

     before-  and after-  the download.

     Microsoft uses it for a lot of their files.



4. A web install will have a small file size, ( 200 -400 KB or so), much smaller than the actual software file.

    If so ,be aware the subsequent download may be bundled with "extras".



5. If you still want the software ,check what is included and make sure you un-tick any of the add-ons.

    Note: There is no guarantee that it won't be installed, but at least take a note of what is being offered

    such as names or other identifiers. It may help to locate it if it's installed anyway, despite un-ticking it.

    There is a whole range of these add-ons. Some don't install when un-ticked. Others will install regardless.

    Some end up in Temp files. Of those , some are dormant and do no harm ,but should still be deleted.

    However, some are not dormant ,but remain active and will try to install afterwards, very often silently.

    Of course ,those are the malicious types and can be hard to get rid of.

    Hopefully your AV or anti-malware programs will catch them.



6. If software is downloaded from an author's site ,but the download link redirects eg to CNET,

    the file may well be ok ,but now you have to deal with CNET.

   There will either be a clean link (no add-ons) or 2 download links.

   One will be the big green download button (it will say secure download) , 

   but that's the one that bundles the software with other extras.

   It will also have a double .exe ending ,like ABC.exe.exe.

   A lot of AV programs may reject it for this very reason.

   The other is a link ( in small print) below the button and is the "unencumbered" one.

(BTW ,this 2nd link was only provided after numerous complaints about CNET practices about the bundling

and unauthorized bundling is removed if the software's author complained)



Always use discretion when downloading software.

If at all possible ,test it in a virtual environment. 

Virtual PC, VM Ware or VirtualBox  are examples for complete OS virtualization

Sandboxie or BufferZone  , examples for browser and other programs virtualization.



Hopefully this gives a better idea about downloading and the pitfalls.



Peter E.









    











             Do you want to signoff PCSOFT or just change to

                    Digest mode - visit our web site:

                   http://freepctech.com/pcbuild.shtml

ATOM RSS1 RSS2

LISTSERV.ICORS.ORG Secured by F-Secure Anti-Virus CataList Email List Search Powered by LISTSERV