Adware in Software Installers – Quick Thoughts

Adware. Software designed to try to pop up and mess with your normal computer activity, and/or inject advertisements at random intervals, or when told to do so by a master server.

Some applications I use like the cleaning software from Wise and ImgBurn now come with annoying “offers” that the author is trying to make some quick bucks from. It’s almost as bad as OpenCandy – that piece of shit that would be installed on many computers that came into my office which would randomly try to install additional software that the client didn’t want. Wise/Lespeed Technology Inc has a offer for SpyHunter 3 (which is by the same guys who are suing BleepingComputer for giving them a crap review because their product is garbage) which you can easily click “Decline” – it’s on the left hand side than next door to the “Accept” button on the right. I’ll let them off the hook because they do offer a portable version of Wise Disk Cleaner and friends that you can download, extract and run to not worry about having to install things.

WinSCP’s installer used to use OpenCandy, but stopped after it came under fire due to malware being installed. ImgBurn’s installer if I recall correctly uses OpenCandy and the author, Lighting UK came across as a big prick where he basically said “Install the ‘crapware’ then uninstall it once ImgBurn is installed” and said “Nope, no binaries only or portable versions”. In fact, ImgBurn is quite portable – zip the files up in the installation directory or copy them to your USB Stick and you’re gold – I did that to my copy to ImgBurn and it hasn’t complained.

I recently tried to download JDownloader 2, which is a all-in-one download manager that will also download files from a lot of file-hosting websites. Just copy and paste the links, it’ll check if they are valid, you know the drill. However, the official web downloader will download a adware-infested version of the actual JDownloader setup file which BitDefender detects as a Trojan. You have to dig into the forum archives to find links to the no-adware installer versions which install without any adware attached.

My case here is that software authors need to understand that not everyone wants to install offered crapware with tools – especially those fucking Bing/Ask/SearchProtect/whatever toolbars that fuck up your web bowser. Sure, you can offer them but do not be a prick and hide the “Skip/Decline” button. Give the user two (or three, if you have multiple offers) options that say “Yes, Install”, “No, skip”, “Skip all”. That’s all I’m asking. Or go the alternate route and put a screen before the “Setup complete” screen saying that if you like the software, please throw some beer money into the jar. That way the user can decide.

I personally have donated to software developers that make good software and the installer is clean of crapware offers. I understand it takes time and money to make good software, but if your installer infects my machine with crapware before I can even use your software, then I’m not using it.

Just my two cents.

Windows To Go: Actually, it’s not too bad

Just thought I’d throw it out there and comment on my experiences of running Windows 8.1 from a USB Hard Disk. The USB Hard Disk is a WD Elements Basic that supports USB 3.0 (SuperSpeed).

Using GImageX, I deployed a vanilla copy of Windows 8.1 Professional – which was actually a hackish way of doing things since you have to fix up the Windows Boot Manager afterwards – to the drive after a fresh format of the NTFS file system. FAT32 will not work… well, it may but you may suffer FS breakage with permissions and the like.

From there, I rebooted and chose the USB HDD as the CSM boot target, and was greeted with the Windows logo and the spinny dots. Installation went as normal, asking for license key, set up your account, etc. You could also do UEFI boot which will show your OEM’s boot logo but I chose the CSM boot because UEFI can be a pain in the bum.

The reason I did this installation of Windows is because I have my own optimized version of Gentoo Linux installed and I didn’t want to have to mess around getting the two happily talking to each other on local the local hard disks.

Performance wise, the USB3 HDD is enough to keep Windows running smoothly. Windows knows it’s on a USB and while the “Safely Remove Hardware” icon does allow you to eject the HDD… I expect a BSOD would occur, or just a “Device is in-use” error. There’s a bit of extra latency when applications like Unity3D and Visual Studio start up, but overall it’s not bad. As an added bonus, some of my applications seem to load from the internal SSHD faster than a Windows install on the SATA subsystem. Odd.

On the downside, the USB HDD could be prone to failures and also knocks or falls. I am a clumsy sucker some days and have a habit of dropping things (especially cold weather) but I wanted to do this WTG setup for some time, and now that I’ve done so, it’s pretty good. There’s other things like BitLocker Encryption and whatnot, but to be honest, I’m not going to be using the drive for top-secret operations so I didn’t really bother as BitLocker would add additional overhead and increase the whole deploy Windows from image to disk time.

Howto: Rescue Windows 10 from a Hibernation Loop in 7 Steps

I had to rescue a Windows 10 laptop that somehow got stuck into a hibernation loop, where it would hibernate and instead of it resuming normally from disk, it would resume and then go back into hibernation mode. Windows 7 or 8.1 doesn’t suffer from this, so it’s a Windows 10 quirk.

The Windows 10 version the client’s laptop was Build 10240, so it’s not the “10.1 November 2015” update which is 10584 or something. Anyway, onto the fix. This may corrupt your NTFS partition, so check the disk partition for errors after you do this method!

  1. Grab a copy of SysRescueCD, which is a rescue environment based on one of my favourite distros, Gentoo. I used the 64bit version. It doesn’t really matter.
  2. Boot from the USB. This laptop was using UEFI and had Secure Boot enabled, so I had to boot into the BIOS and disable Secure Boot. Secure Boot is fine for the average user but for IT technicians like me who work in the field it’s a massive pain in the arse. If you do it right, the SysRescueCD boot menu will appear, either in 640×480 VGA mode or UEFI Framebuffer (using GRUB2 EFI).

    Choose your poison, I went with the “cache all in ram” since this laptop had 8GB of RAM.

  3. Once the distro boots, let it configure the keyboard and related things then drop you to a shell as root. Now you’ll need to find out where the Windows partition is. I’ll give you a hint; if your target computer uses UEFI, usually it’s /dev/sda3 since there’s a EFI System Partition and a Recovery Partition before the Windows partition. Otherwise you’ll either want /dev/sda2 if you have a “System Reserved” partition and you’re NOT using UEFI (ie. UEFI-CSM BIOS Emulation or a older laptop/desktop that doesn’t have UEFI firmware) or /dev/sda1 for some installations of Windows 7 and onwards.
  4. Attempt to mount the partition using the mount tool. For example:
    mkdir /mnt/winwoes
    mount /dev/sda3 /mnt/winwoes

    Where /dev/sda3 in this example is the Windows partition. The laptop I was working on had Windows on partition 3.

  5. It should fail and say “Metadata is present, will not mount without ‘ro’ parameter”. If you get this error, then that’s OK. We’re going in. Now, we’ll need to use ntfsfix to flush the caches. This resets the log file and also checks the NTFS headers and whatnot are OK. Run it like so:
    ntfsfix /dev/sda3

    You will get a “FAILED” as it attempts to mount it before hand. Ignore the error. You should get some disk I/O activity and lines followed by “OK”. Then, run it again to make sure it sticks. You should get all “OK” or “PASS”.

  6. The moment of truth.
    sync && reboot

    The sync is important in case the HDD hasn’t flushed the changes to disk, and the reboot command will reboot the machine once SysRescueCD gracefully packs up its things and leaves the building.

    Windows may complain if you’re using 7 or 8.1 about it needing a check disk, let it do so as this is kinda a brute force hack. In Windows 10, I just got a “System disk needs checking for errors” notification. Pop open (once you’re in) a Command Prompt and enter “chkdsk /scan” to get Windows to fix itself up if it finds any corruption or damage done.

  7. If all is well, you should no longer get a “Hibernating…” with a circle with dots going around in a circle. Go forth and do what you need to do on that machine, and make sure it shuts down correctly this time!