How Not To Get Stung By Any Dodgy Malware-Ridden Downloads
Back in 2000, when I was discovering the delights of the internet for the first time, I was downloading everything in sight. From “official” downloads to stuff that was downright suspicious, I was downloading and installing with reckless abandon.
Then my now-wife ran a virus check and discovered I had infected her machine with 12 Trojan horse viruses . I was punished to no-internet for the rest of the day — and to sit in the corner of the room.
Installed software has kind of fallen by the wayside in recent times, with the advance of cloud technology and smartphone apps. But there is still software which we may want to have on our machines, whether it is a word processing suite like LibreOffice or a cleaning app such as CCleaner .
But if you want to avoid the viruses, malware, crapware, and bloatware, then you need to be ultra-cautious about your download sources. And what does crapware and bloatware mean anyway?
First, Some Essential Definitions….
Malware (Malicious Software)
Malware (also called “spyware”) is any software which has things like unwanted advertising (pop-ups for example), or anything which wants to gain access to sensitive information about you. Malware can also include viruses, Trojan horses , and rootkits.
Crapware & Bloatware
Any software that pre-installs itself without your permission can be described in this way. Many free software developers are notorious for doing this, and they rely on lazy people to just click the “next” button quickly while installing, without looking properly. Suddenly you have new search pages, toolbars, virus checkers, and other crap you didn’t ask for.
One company which is notorious for doing this is DVDVideoSoft. Their software is excellent but they try to sneak extra crapware in through the back door. As I said, if you just keep pressing “next” without looking, it would be very easy to have all this crap installed on your PC. We’ve also previously looked at the underhand installation tactics of NCH Software .
This is software provided to the user, who is encouraged to share it with others. Payment is encouraged and licenses may be required if the software is to be used in a commercial business setting.
There are many different types of shareware. These include trialware, freemium, nagware, crippleware, and donationware. The names kind of speak for themselves when figuring out what they are. But just in case:
- Trialware is software with a free trial before needing to pay.
- Freemium is free, but you have to pay for advanced features.
- Nagware is software that nags you constantly to buy a license (a bit like WinRAR!).
- Crippleware is when the vital features are all disabled until you buy a license. You can inspect the software for free but not be able to use it until you pay up.
- Finally, donationware is when you can use the software freely, but you are told a donation to the developer would be appreciated for their hard work.
The easiest one of all. It’s free to use. Completely. Forever. However, a lot of freeware may contain malware, so you need to exercise extreme caution.
Locations To Avoid When Installing Free Software
Back in April, Joel talked about the best places to find free software . Here, I’m going to turn the whole thing on its head and discuss places to avoid.
Things over at CNET have got a bit better recently, but Download.com remains a big mess. Very intrusive adverts start blaring out on your speakers, and software is nearly always bundled with crapware, such as this “Driver Booster” app.
Quite frankly, stay away from CNET. You might catch something that you will find hard to get rid of.
Brothersoft [Broken URL Removed]
This one was quite an eye-opener. Multiple broken links for various pieces of software, and when I installed one of them, my virus checker told me I had spyware!
Incorrect grammar across the site was not reassuring either.
To be fair, Snapfiles does warn you when the software in question has crapware, and it gives you a link to its policy page on the subject. Nevertheless, the mere fact that they are even hosting crapware in the first place has to give you cause for concern.
Be very careful when downloading from this site.
MajorGeeks seemingly has a good reputation for downloading, but they still host crapware (or “ad-supported” as they call it). Credit where it’s due; they do tell you on the page. But it is very easy to overlook.
How To Minimize Risk When Installing
Now let’s take a look at some ways to avoid accidentally installing malware. Because you can be as careful as possible with where you download from, but accidents still happen. Chris did an excellent writeup on this subject back in 2013 , so I am not going to dwell too much on this. I’ll just summarize some of the important parts, and then you can jump over to Chris’ article.
Always Scan The Installer For Viruses
When you have downloaded the installer, there may or may not be a virus inside. That virus won’t get out until you double-click on the “exe” file, so right-click on it instead and choose your virus checker. If you don’t have one, install one!
I use AVG (even though it has been accused of some shady practices ). But of course there are many others, such as Avira, Avast, Comodo, and Clamwin. Of course there are paid alternatives too, such as Norton, or Bitdefender Total Security .
Install Slowly & Examine Each Screen
As I said at the beginning, when installing something, it is easy to be a bit lazy and click “next, next, next” all the time until the program is installed. So you need to change the habit of a lifetime, and slow down! Go very slowly and examine each screen. Do NOT press “next” until you are satisfied that nothing is going to be installed without your permission.
If the software will not let you decline the crapware, then abandon the whole thing. Do not feel pressured into accepting anything you don’t want.
Consider Using a Sandbox
This is something I highly recommend if you are in the habit of downloading a lot of stuff. A sandbox enables you to run software, and it “quarantines” it from the rest of your computer. So if there is a problem with it, it won’t spread and you can easily get rid of it.
I use a sandbox quite often when testing software and Sandboxie is my favourite.
Read The Online Reviews
Online reviews are not totally trustworthy, because for all we know, developers could be writing fake glowing reviews under various identities in order to boost their products (and getting their friends and family to do the same). Before I get any outraged developers gathering outside my house with binary pitchforks, I just want to stress that the vast majority of developers are most probably very honest hard-working people. But as with anything in life, there are always a few rotten apples.
So if you bear that in mind, and take everything you read with a huge grain of salt, you can read the online reviews for a piece of software and see what the general consensus is. Is it all one star reviews all the way, complaining of malware? Then that general trend should tell you to look elsewhere.
Download From The Official Site
Finally, probably the best thing to remember when wanting to avoid any unwanted gremlins in your system. Quite simply, download from the official site.
Although the argument has been made in the past that virus checkers are not necessary if you are careful, it is plain from what we have just talked about, that virus checkers are needed now more than ever. Cybercriminals are packaging up their viruses and malware into innocent-looking freeware apps, and sending them out into the world to see who will download and install them. Then suddenly your credit card number is stolen, your identity is “borrowed”, and your computer is suddenly part of Skynet.
So exercise caution and common sense, and you’ll be fine. That’s the lesson for today, children. But before we go, maybe you have some further advice for us all? If so, the comments are open and ready for you.