I've checked the site, because of user comments after the article. It's clean.
I've checked the site, because of user comments after the article. It's clean.
I've checked the site, because of user comments after the article. It's clean.
Looks like they have some site problems ?
Yes, Hugh. Looks like it. I checked the site for malware,so it was operational then. I also see it's in beta,so folks should use caution.
What's a simple system crash among friends? Just a way of finding bugs that need to be fixed!
win7,64bit, ns22.7.1.32, sandboxie5.12, cryptoprevent4.7.21, mbam free, unchecky, ff48.0.2/ubo. i used unchecky for a couple of years. i have it on all of my machines, on all of my friends machines, and i install it on on any machines i work on. like anything its not 100%, but its damn close. its a set and forget program that updates automatically and it will tell you when it blocks something. very good tool (esp. for people who download a lot from cnet, etc, etc.
20750065:@lmacri: the latest download of Unchecky works for me, as it (at least) automatically & successfully disabled the option for downloading/installing the infamous Trovi/Conduit Search and other known PUPs (shown below). And, I got several warnings from Unchecky when trying to click on the "Next/Accept" button, saying "By clicking this, you may install a program you didn't intend....
Hi 20750065:
Thanks for the feedback. I'm fairly meticulous about checking for bundled PUPs but I might give Unchecky a test run of my own now that it's out of beta.
Furthermore, keep this folder@ C:\Users\TEST\AppData\Local\Temp\nsgBB74.tmp in mind, as you can find something interesting: the following files were created (erased) when the said sample was launched (the install process failed).
I had a similar experience a few years ago when I ran an installer for a utility called BatteryCare. I declined the installation of the bundled Amazon browser toolbar but a Malwarebytes Anti-Malware (MBAM) scan detected and removed an OpenCandy component (file C:\Users\<username>\AppData\Local\Temp\is-U0PHM.tmp\OCSetupHlp.dll - detected by MBAM as PUP.Optional.OpenCandy) that the installer still managed drop in my AppData\Local\Temp folder.
------------
32-bit Vista Home Premium SP2 * Firefox v48.0.2 * NIS v22.7.1.32 * MBAM Premium v2.2.1
@lmacri: the latest download of Unchecky works for me, as it (at least) automatically & successfully disabled the option for downloading/installing the infamous Trovi/Conduit Search and other known PUPs (shown below). And, I got several warnings from Unchecky when trying to click on the "Next/Accept" button, saying "By clicking this, you may install a program you didn't intend."
(sample sha256: 04988e53180c8a13e42fe1ff6022aeaac2e905e18b60d156ced6e573304e8e6e; more, turn off Norton's protection, visit ourtoolbar dot com; run your download on a W 7 computer (recommended).
BTW: Detected PUPs were MyPC Backup, WinZip, and PC Speed Up.
Furthermore, keep this folder@ C:\Users\TEST\AppData\Local\Temp\nsgBB74.tmp in mind, as you can find something interesting: the following files were created (erased) when the said sample was launched (the install process failed).
Have fun if you have a VM. :)
I still haven't tried this tool yet, but the changelog at https://unchecky.com/changelog now notes that Unchecky is out of beta and "stable enough for everyday use" as of 21-Aug-2016. An updated v1.0.1 was released today (22-Aug-2016) with a minor bug fix for hangs with NSIS installers.
Has anyone tested Unchecky lately to see how well it catches PUPs bundled inside software installers?