We installed the top 10 apps from Download.com, and you’ll never believe what happened! Well… I guess maybe you might have a good guess. Awful things. Awful things are what happens. Join us for the fun!
We’ve been railing against freeware download recommendations for years, and recently we taught you how to test any software safely using a virtual machine. So we thought, why not have some fun and see what really happens if you download software like a regular clueless user might?
For the purpose of this experiment, we’re going to just click through all regular installation screens with the default options using a fresh virtual machine. And we’re going to install ten applications from the most popular downloads list. And we’re going to assume the persona of a regular non-geek user.
Why would we choose Download.com? Because their policies page states clearly that they do not allow malicious software on the site, and further that they do NOT accept any software that contains the following:
Software that installs viruses, Trojan horses, malicious adware, spyware, or other malicious software at any point during or after installation.
Software that installs without notice and without the user’s consent.
Software that includes or uses surreptitious data collection.
Software that diverts or modifies end users’ default browsers, search-engine home pages, providers, security, or privacy-protection settings without the users’ permission.
Software that installs in a concealed manner or denies users an opportunity to read the license agreement and/or to knowingly consent to the installation.
Software that induces installation by making false or misleading claims about the software or the software publisher.
I mean, with all those protections in place from the trusty people over there at CNET, why would anybody worry? I mean, CNET News is a trusted source, right? Right.
Danger! Do NOT Try This at Home!
Seriously, we don’t recommend doing this at home on your primary PC, unless you want to make your computer a smoking pile of useless. If you do want to try it, make sure to use a virtual machine.
Time to begin. But where to begin?
The first thing we did was head straight to the Windows downloads page and take a look at their Most Popular Downloads. The list seems puzzling, almost like it’s not really the real list. Why would almost everybody download… YAC? Have you used YAC? It’s… a bunch of YAK. This list is suspect and never seems to change. That’s suspect. Oh well, onward.
The plan is to download and install the top 10 apps, but as you can see in the list, the top two apps are both antivirus, and since we aren’t crazy people, we’re not going to install more than one active antivirus at a time. And despite a lapse in judgement by Avast in the past, we still prefer Avast over AVG (the Avast people were up-front and honest in response to our article and their product is just better in our testing). So we’re going to install that one and skip AVG. Surely that will be free from any bundled crapware, right?
Well… it’s not crapware. Dropbox is awesome. But yeah, the bundling starts here. Free software vendors make so much more money by bundling other software than they do by selling subscriptions that it’s pretty much the only business plan that anybody can consider using. At least Avast is bundling something good, so we can’t really argue with it.
Now that we have Avast running, it’s time to head down the list and install KMPlayer… wait, what’s that “Installer Enabled” all about? Oh well, it’s in light gray text so I guess it’s not important.
They sure do have a lot of terms and conditions pages in this installer. It’s a good thing that people have been trained to always read the terms and conditions, because otherwise you might agree to something insane like allowing yourself to become a HumancentiPad, or even worse, like installing Spigot’s browser hijacking extensions.
Hmm, the next terms and conditions page says something about a PC Cleaner. Well maybe that can help clean up the nonsense that we just accidentally installed in the last step, right? Two wrongs might make a right after all.
That’s weird, we finished all those other screens and now we have another installer. It’s almost like that first installer was completely useless and somebody should be punished. I guess we should just click to Agree and install this one, because that Skip button looks like it’s disabled anyway. There’s no way you could click on it, right? And it’s not like clicking a single button is going to infect us with the awful Trovi browser-hijacking adware.
Once we clicked through, we ended up with an error page for some reason as it all hung up. We’re not sure what WajamPage.exe is, but after a quick Google, it becomes clear that it’s yet another browser hijacker and we’re lucky it didn’t install. That’s right, we’ve installed one non-antivirus app from CNET Downloads so far, and we’ve been presented with three browser hijackers and one fake registry cleaner. They are nothing if not efficient.
After clicking through the installer and finishing, PRO PC CLEANER from the previous step installed itself… started running a scan… and then TALKED OUT LOUD TO US. It literally yells to you through your speakers and tells you that your PC is completely full of errors and needs to be repaired. And it does this all the time, randomly. I guess nobody told them that this was a brand-new installation of Windows.
Next up was YAC. The installer was simple, and seconds later… we had some little window on the screen that was tracking something, and a new source of NON-STOP useless notifications. Every little thing that every app does appears to be monitored… and allowed. YAC is soooo helpful. /sarcasm.
Next on the list was the trusty CCleaner, which is a perfectly decent application that we’ve recommended before. Installed, done, great.
After that we tried to install the next item, which is the YTD downloader app, but Avast completely blocked the download of the application. That turned out to be a pretty good thing as we’ll see later, but we wish Avast would have blocked all that other browser hijacking nonsense too. Oh well, can’t win them all. At least Avast is doing something.
Next we tried to install Free YouTube Downloader, only to find out that one was being blocked by Avast as well. Now why would these apps be on the most popular recommendation list along with another app that is blocking these apps? If these are viruses and spyware, why are they being distributed? Something seems wrong here.
And don’t the Download.com terms and conditions state that malware is not allowed? Hmmm, maybe they didn’t actually read them and just clicked Accept. It’s what we would do.
The next one on the list is Driver Booster which we installed despite that How-To Geek site telling us that driver updaters are actually worse than useless. Those idiots! It’s not like they’ve done tons and tons of research or anything. But don’t tell us that, we’re installing it anyway! I wonder what those checkboxes are telling us. No time for that, CLICKITY CLICK CLICK CLICK!
That’s weird, all of a sudden this Advanced Systemcare thing showed up. How did that get there? There must be hackers inside my PC.
Next up on the download list was IObit Uninstaller, because clearly we’re going to need to uninstall some software after this is over, and it’s not like they would actually install other software… wait… what’s that tiny little checkbox down there?
Oh no! All of a sudden, YAC is YACKing messages at us saying that something is tampering with our settings! If only that message would stay there for more than 10 seconds. Or maybe if we could view some more information. Or see a log somewhere about what’s actually happening. Or have the slightest clue that it’s doing something useful and not just throwing up scary messages CONSTANTLY.
After installing Virtual DJ with no ill side effects for some reason, we decided that we’d finish off the list with Download App which we’re not entirely sure… but appears to be made by Download.com. It’s all a little confusing, and we don’t remember where we left our car, but we’re going to end our experiment here, we think. It’s a good thing they’ve got all those lawyers to write terms and conditions about how we can use the software. Surely all that legal language will protect us or somebody.
Golly gee willikers batman! YAC just let us know that something called SP.exe is trying to reset our home page to something else! It’s a good thing that YAC is going to keep it set to…. the YAC home page? When did we agree to that?
Search Protect and YAC and Spigot continued to fight it out for a while at this point… literally every few seconds one or the other would change the home page and then YAC would try to set it back. It’s like battle of the crapware up in here. Taking all bets!
At this point we had so many open windows on our desktop, it was time to reboot. That fixes everything.
After rebooting, Avast blocked Conduit as a threat. That’s pretty awesome, but we’re wondering why this didn’t happen before it actually got installed onto the computer, or at least during. Or you know, before we rebooted.
Sadly, even though Trovi / Conduit was blocked as a virus… the homepage for IE still ended up being set to it. Luckily it’s easy to change the IE homepage, right?
Just for shiggles, we decided to go back and install that YTD downloader app that Avast blocked. We turned off the shields for a few minutes, installed it… and all of a sudden we couldn’t use the browser anymore. Every time you open IE, this weird message shows up… and the browser appears to be trying to use some tunnel.
At it turns out, that download was blocked for a reason: it installs a proxy and tries to send all of your web browsing through it. That’s really bad.
We’ll have to honestly say that Avast did block the worst of the malware, but it did nothing for most of the spyware and browser hijackers. The problem is that this issue of bundled software is so pervasive that there’s nothing any antivirus vendor can do.
The End, For Now
Our story ends here, but hopefully we’ve all learned some important lessons from this quick journey through the world of crapware. Freeware software vendors make almost all of their money by bundling complete nonsense and scareware that tricks users into paying to clean up their PC, despite the fact that you could prevent the need to clean up your PC by just not installing the crappy freeware to begin with.
And no matter how technical you might be, most of the installers are so confusing that there’s no way a non-geek could figure out how to avoid the awful. So if you recommend a piece of software to somebody, you are basically asking them to infect their computer.
And it doesn’t matter which antivirus you have installed — we’ve actually done this experiment a number of times with different antivirus vendors, and most of them completely ignored all of the bundled crapware. Avast did a pretty good job this time compared to some of the other vendors, but it didn’t block all of it for sure.
There are also no safe freeware download sites… because as you can clearly see in the screenshots in this article, it isn’t just CNET Downloads that is doing the bundling… it’s EVERYBODY. The freeware authors are bundling crapware, and then lousy download sources are bundling even more on top of it. It’s a cavalcade of crapware.
Each time we ran through this experiment over the last few months, different software would end up being bundled in a rotation, but every single software that bundles itself ends up bundling the same culprits: browser hijackers that redirect your search engine, home page, and put extra ads everywhere.
Because when the product is free the real product is YOU.
Don’t recommend freeware downloads.