Recently I've been getting more and more paranoid about what some installers might be putting on my PC. So I'd like to ask anyone who has any experience setting up something to watch the installers make changes to the system for advice, or any installation logging/tracking software you use would vouch for.
Thanks.
Also I don't tend to make posts often, so feel free to make any changes to the post itself, if necessary.
not to flame, but there's really no point. it's a silly rabbit hole to get lost down, and the only real way to solve it is to unplug your PC from the internet.
i mean, it's your time and other people will probably be along with some suggestions shortly. i'm just saying i've seen tons of it on this site, people actually becoming borderline neurotic when it comes to "locking down" their systems and getting stressed as anything trying to figure out if Windows 10 is accessing their coffee machine after they've went out and built complicated routers and firewall rules. and yet every update, Microsoft flips the telemetry back on.
It's less that I except to be safe from all threats, more I want to get a general idea of what most of the software does during installation, as well as potentially finding/stopping any weird files/services from being installed here and there.
My advice is just do a bit of research on whatever it is you are installing. There is loads of good quality software available for Windows - much of it open source where you can also check the hash of the files you have downloaded to confirm they have not been tampered with, or even obtain & check the source code for yourself etc. Some software also provides two versions, the usual one, and a second 'portable' version. The portable ones don't make changes to your registry and can usually run from USB sticks etc. These are usually only light-weight tools however.
Then there are useful repo-like bits of software - Chocolatey is a good one that makes it easy to install new software (if someone has prepped it) and will tell you if the source is trusted or not. You can also choose to use the Windows Store, you won't get any malware that way - unless you count MS's own tracking as malware of course
Main thing is just don't go installing the first things you find on the internet. I'm sure there will be someone along to recommend an install manager in a bit, these track what changes every install makes to allow you to completely and cleanly remove the software at a later date.
I'll check Chocolatey out, but it's not really what I'm looking for.
I also already am careful about where from or what I download, but occasionally I can't really tell, where the files are from or if anyone modded them, or I'm getting the files because they're modded. I just want to know if it's installing EverybodyLovesBotnets.exe or something onto my PC. Also hashes are nice and all, but more often than not the sources that provide them are the ones I already trust to an extend, so it's not really consistently reliable.
And no. I'd rather get actual malware than use the MS store