Donate |

How to avoid installing software you don't want

Clicking on a sponsored link could sneakily sideload programs

Published: February 2014
A search for "Java" brought up the sponsored links with a light-yellow background.

Find Ratings blob logo

One of the easiest ways to turn a brand-new computer into one cluttered with unwanted programs and crawling with various forms of malware is to start grabbing your favorite free software from the wrong sites.

The problem is, Google and Bing searches can easily lead you exactly where you don't want to go. When searching for popular software such as iTunes or Adobe Flash Player, sponsored search results (in other words, ads) often appear at the top of popular searches, above links from the actual source sites such as Apple and Adobe. And those ad links often try their hardest to stealthily install software on your computer that you probably don't want.

Putting nasty ad links to the test

Just how bad is it? To find out, we set up a fresh install of Windows 7 on a virtual machine, installed all available Windows updates, grabbed the free version of Avast! antivirus software (which can be tricky itself), fired up Internet Explorer 11, and started searching Google and Bing for popular free programs.

We searched for nine programs, many of them among the first programs that get installed on a PC: iTunes, Adobe Flash, Java, Adobe Acrobat, VLC, WinRAR, WinZip, Google Chrome, and Any Video Converter. Then, we clicked on ad results, which appear above the standard search results highlighted in a pale yellow to differentiate them (slightly) from the nonpaid links below.  

To be fair, the ads didn't appear after every search, and the ones that appeared varied from search to search and from one browser to another. Sometimes, particularly with iTunes, the first ad link actually took us to the software's source site (www.apple.com/itunes in this example). But for every one of the above programs, we were able to bring up more questionable sponsored search results within a few minutes of repeated searching. And these kinds of results showed up in Google Chrome, Firefox, and Internet Explorer.

Installing (and then stuttering)

A crop of unasked-for programs popped up after we restarted our test PC.

For each ad link, we clicked through and installed the respective programs via the link or button provided. Instead of delivering just the application we were looking for, all of the links tacked on additional software. In some cases, we found, if you're careful to read all the fine print and uncheck a handful of boxes, you can get the files you're looking for without a bunch of extra "added value" software.

But for the sake of this report, we acted as a novice Web surfer (or a more experienced user who's just not paying close attention), and "yessed" our way through dialogue boxes designed to look like the standard user license agreements we're used to clicking through when installing software.

After installing just a few programs this way, we started racking up browser toolbars (AVG, Yahoo, and Google), and noticed our search engine and home page had been hijacked to something unfamiliar. As we progressed through the nine programs, Windows started slowing down—a lot, as if it had been accumulating Web gunk for months (or years) rather than minutes.

We never had to actively search for and install Google Chrome, as that browser got installed at some point, along with several more questionable programs, such as registry scanners, performance "optimizers," and a service we'd never heard of that helpfully offered/nagged us to back up our computer to "the cloud" for free.

After installing all of the programs on our list, we opened Windows 7's uninstall utility and counted 32 programs that had been installed in addition to the original nine we set out to get. Upon rebooting, seven new programs launched popup windows at startup, including two that started running virus/registry scans as soon as they launched, and a few that flashed warnings and promised fixes if we registered and/or upgraded to the full version (for a price, of course).

To a seasoned computer user, these are obvious attempts to grab money and personal data. But others, particularly those inclined to click on ad links rather than legitimate search results, won't know they're potentially being scammed. This is exactly why these companies pay Bing and Google for prominent ad placement: The ad links pull in the least-savvy computer users.

For more tips and advice, see our guide to Internet security.

What about that antivirus software?

Malwarebytes found a lot to delete.

But what about our Avast antivirus? Didn't it pick up on any of the stuff clogging up our system? Avast's Web Shield did block a second tab that started opening up every time we launched Internet Explorer, and gave us an audible warning that the page contained some sort of malware.

We also instructed Avast to run a full virus scan once we had finished installing software. Somewhat surprisingly, the program turned up no infected files. That could mean that any viruses that were there had somehow circumvented Avast's scan, or were just so new that the antivirus software wasn't aware of them yet.

There's also a very good chance that there were no actual viruses on the system after all—just a bunch of other types of unexpected software that could (and probably would) push the average user to a more serious infection in the near future.

For instance, with all this extra software installed, a Google search produced a whole other set of ads above the Google ads we saw before. That meant that more than half of Google's search results on the browser page were now ads leading to questionable sites; we had to do a bit of scrolling even to see the unsponsored search results.

Although we didn't detect any actual viruses on our test system, the popular malware scanner Malwarebytes Anti-Malware certainly found a lot not to like. After running a full scan, the program found what is said were 1868 infected objects—a substantial number for a system that had been running for just a few hours.

What have we learned?

Pay attention to the publisher of the software you're downloading.

If your PC is already in a sad state similar to the one we experienced, you may want to consider a full system restore. You may also be able to get your system back to some semblance of sanity with our list of tips to keep your computer from slowing down.

But if your computer is still purring along like new, how do you keep it from winding up like our test system? By using some basic Web savvy, common sense, and having the patience to read a bit before you click.

Avoid clicking on sponsored links

Pay attention to your search results and try not to click links bordered by that yellowish rectangle, or otherwise connoted as ads. Someone's paying for their prime placement. And for the most part, they aren't doing so for your benefit. (Note that this applies only to downloading software, not necessarily to sponsored links for a lot of other things.)

If this seems obvious to you, maybe your friends and family members could use the advice. If you see them installing something this way, let them know the smarter way to surf.

Get your software from the source whenever possible

To install Flash or Acrobat, head to Adobe.com and search for it there, or use your favorite search engine and pay attention to the source of your links. In other words, read the URL before clicking, and try to get your programs directly from the developer. Download iTunes only from Apple. Java should come from java.com or Java's owner, Oracle.

It may not always be obvious who the developer of a given program is, so read the URL you're about to click on. If it isn't familiar, check out the site name itself using a search engine. Doing so will quickly let you know, for example, that videolan.com is the developer of the VLC video player. Trust us, it's worth taking an extra few seconds versus the hours you may spend later dealing with unwanted software–or worse.

Familiarize yourself with a few trusted file download sites

You can't always get programs directly from their developers. But you can find many popular programs at Cnet's Download.com, SourceForge.net, Tucows, or FileHippo.com. All of these sites have been around for many years and have some of the biggest repositories of free or trial software.

If you can't the program you're after on one of these sites or on the page of its developer, you should seriously question what you're downloading. If a search turns up what you're looking for on an unfamiliar site, check out that site with a search using Google, Bing, or Yahoo.

You still may wind up with unwanted software

Even if you get your program directly from the developer or one of the above sites, there's a good chance that a toolbar or some other unwanted program will attempt to tag along. Just about every free software site these days pushes something extra with the install file, such as adding toolbars and/or attempting to change your default browser or search. This is frustrating, but still less nefarious than what we experienced from unfamiliar sponsored sites.

If you pay attention when you're installing, you can usually avoid getting anything extra. Skim any user agreements you see on the screen.  Responsible sites make it clearer before they try to add things you didn't ask for. You can usually click the “decline” button and still get the app you're after, or uncheck a box to skip the toolbar or, say, the hijacking of your search provider.

Also, resist clicking the Express Install option, which often defaults to giving you whatever the given site is pushing. Clicking Custom Install often reveals hidden options that let you ditch the junk before it makes it onto your PC.

Learn to love your uninstall screen

Finally, accept that you probably won't catch every unwanted toolbar before it gets installed on your system. It happens to all of us—these days more often than ever, it seems. That's why you should peruse your installed programs list (the Programs and Features control panel in Windows) regularly, at least every couple months.

Scroll through the list and look for applications you don't recognize or remember actively downloading or installing. If you're unsure of what a program is, you probably don't need it. But if you're unsure, check it out via a Web search or try launching it. If that doesn't jog your memory, you can probably safely kick it off your hard drive. Unless it's a program you had paid for, if you change your mind later, you can probably download it again for free.

—Matt Safford

   

E-mail Newsletters

FREE e-mail Newsletters!
Choose from safety, health, cars, and more!
Already signed-up?
Manage your newsletters here too.

Online Security News

Connect

and safety with
subscribers and fans

Follow us on:

Cars

Cars New Car Price Report
Find out what the dealers don't want you to know! Get dealer pricing information on a new car with the New Car Price Report.

Order Your Report

Mobile

Mobile Get Ratings on the go and compare
while you shop

Learn more