Installer contains bloatware

[DuckTheCow]

Hey, just went to download the latest version as prompted by the software and got some bloatware installed on my device. Pretty dodgy if this is intentional.

[wezeku]

Hey, just went to download the latest version as prompted by the software and got some bloatware installed on my device. Pretty dodgy if this is intentional.

Since your issue was closed without comment, it is reasonable to assume it's intentional. Seems like a case of bait-and-switch. Thanks for the warning!

[CaptainFrosty]

Yeah, I downloaded this as a package from the chocolatey repo, so it installed silently and I was very confused when this Lavasoft Ad block bullshit popped up. Chocolatey is the last place I would expect bloatware. I was afraid I was gonna have to scrub it out of my system myself, but it appears it uninstalled properly. When I went to uninstall it, it told me it had blocked 20,000 malicious sites for me. It had been on my computer for 15 minutes. How stupid do they think I am? Also some grammar mistakes. I felt pretty insulted. Own up to your silly nonsense.

[AndrewDTR]

Totally. Suggest you report the repo to github themselves referencing this issue thread, kinda funny how the creator is just ignoring every complaint regarding their bloatware-infested program. I don't doubt that they were paid or compensated in some way to have it bundled with their software - no other reason they would choose to intentionally leave it in after receiving various complaints.

[CaptainFrosty]

@AndrewDTR you mean chocolatey? that's where I got it from not github. I'm not sure what their policy is

[claell]

I'd assume that chocolately wouldn't allow silent installs without consent.

[0lm]

Totally. Suggest you report the repo to github themselves referencing this issue thread, kinda funny how the creator is just ignoring every complaint regarding their bloatware-infested program. I don't doubt that they were paid or compensated in some way to have it bundled with their software - no other reason they would choose to intentionally leave it in after receiving various complaints.

For me, the worst thing is not the bloatware being inbuilt. Even Adobe offered or still offers bloatware in their Adobe Reader (Just saying: McAfee for example). My main concern is: Is the Dev sure about this Adaware Web Companion being save and clean? Would the Dev install this Adaware Software himself, and easily uninstall it again? (since some people maybe accidently install it, the Dev first should make sure, if it is save to accidently install it, and if it is easy to uninstall it). Antivir says the Macro Installer is clean, though. Is the bloatware fully bundled within the installer, or does it download it only after accepting the offer?

[AndrewDTR]

For me, the worst thing is not the bloatware being inbuilt. Even Adobe offered or still offers bloatware in their Adobe Reader (Just saying: McAfee for example). My main concern is: Is the Dev sure about this Adaware Web Companion being save and clean? Would the Dev install this Adaware Software himself, and easily uninstall it again? (since some people maybe accidently install it, the Dev first should make sure, if it is save to accidently install it, and if it is easy to uninstall it). Antivir says the Macro Installer is clean, though. Is the bloatware fully bundled within the installer, or does it download it only after accepting the offer?

The chrome extension it force installs contains a keylogger.

[0lm]

For me, the worst thing is not the bloatware being inbuilt. Even Adobe offered or still offers bloatware in their Adobe Reader (Just saying: McAfee for example). My main concern is: Is the Dev sure about this Adaware Web Companion being save and clean? Would the Dev install this Adaware Software himself, and easily uninstall it again? (since some people maybe accidently install it, the Dev first should make sure, if it is save to accidently install it, and if it is easy to uninstall it). Antivir says the Macro Installer is clean, though. Is the bloatware fully bundled within the installer, or does it download it only after accepting the offer?

The chrome extension it force installs contains a keylogger.

Are you 100% sure about this? There is a difference if it is a keylogger, or if the Extension is just badly coded so it is extremely vulnerable for threats. According to Virustotal, only 1 of 65 antivir give alert: https://www.virustotal.com/gui/file/92ffa6da0bea664f2499cfbec2a578bf882ed861cbb218b384e6af6ea589dde9?nocache=1

[CaptainFrosty]

I'd assume that chocolately wouldn't allow silent installs without consent.

@claell Pretty much all of the installations are silent on chocolatey; you are consenting by using it I guess. There is probably an override flag in the CLI syntax somewhere. The package maintainers will use a built-in silent install method if the software has one, otherwise they write scripts for it or they bundle autohotkey in the package to auto click the installer. It's necessary since one of chocolatey's big uses is automated deployment of software across domains and whatnot. I'm not responsible for any domains, but it is nice having stuff automatically updated at login or as a scheduled task.

It was weird to find it there, since there's allegedly an approval process and everything is scanned, I would assume for PUAs and not just viruses. Nobody wants that stuff in their deployments. Plus, alot of the packages aren't even maintained by the software makers. Clearly they need to watch the people who are adding their own stuff more closely.

Honestly I'm surprised this issue hasn't just been deleted.

[meyer]

yeahhhh this is really sketchy. The intaller installs a Chrome extension without my consent and by bypassing the Chrome extension installation process. Not a great first impression.

[meyer]

see also: #196 and #212, closed without comment. Yeesh.

[pauby]

@CaptainFrosty @claell We had an abuse report from a community member for the three macrocreator packages on the Chocolatey Community Repository. I investigated, and they've now been unlisted and are no longer available for install or upgrade.

If you encounter issues such as this in future, please raise an Abuse report from the package page, and we can look into it.

[pauby]

It was weird to find it there, since there's allegedly an approval process and everything is scanned

The packages / software are scanned using Virus Total, which contains 50 to 60 AV engines. PUP's are not routinely classed as viruses / malware, so it's unlikely to have been picked up. Anything less than 5 detections we consider a false positive.

The Virus Total page for version 5.4.1 of MacroCreatoe-Setup.exe (which was the latest on the Chocolatey Community Repository) shows two detections, so would not have flagged. Note that this package was also trusted so assuming everything passed it would have been automatically approved.

The Chocolatey Community Repository is maintained by the community, and we rely on community members to feedback when things are not as they should be. This happened here, and we took action on that same day.