Helping people with computers... one answer at a time.
Someone's pointing me to a downloadable program as solution for a problem I'm having. I'm really hesitant to download and run unknown EXE files. Is there any way I can scan it with some program or otherwise ascertain if it's clean or riddled with subtle spyware, viruses, or what ever else could be bad?
I was somewhat taken aback by this question. It's a perfectly good question, and in fact one that people should be asking themselves more often.
No, my reaction was due to the lack of a good answer.
It turns out that it's fairly difficult to ascertain whether or not something you've downloaded is about to play havoc with your system.
This question exposes a very subtle, yet important difference between anti-virus scanners, and anti-spyware scanners.
Anti-virus scanners look at the contents of the files on your system to see if they have what look to be viruses or not. The files don't have to be installed or running, they just have to be accessible to the scanner.
Most anti-spyware programs, on the other hand, examine your system. They look to see if changes have been made to your system that could be the result of spyware. They monitor for changes that are commonly associated with spyware, and either alert you or block those changes.
In other words, most anti-spyware software checks what's running. There's no tool, that I'm aware of, that allows you to say "does this file contain spyware?" before you install it.
And that surprised me.
So, what do you do? What do I do, for that matter?
Only download from sites you trust. I know, knowing who to trust is a difficult problem as well. My recommendation, in general, is don't download from third parties. If a piece of software is created by XYZ corp, then download it from the XYZ corp website. If it's available directly from the creator, there's no reason to get it anywhere else. The same's true for open source software, shareware, freeware, or whatever else. Look for the creator's website and get it directly from them.
Only download from companies you trust. Even if you do download directly from the creator's website, not all software publishers are ethical or above-board. If you've not heard of the company before, it's often worth a quick Google to see if other people have experienced problems. Much free software is "free" because it's loaded with spyware and adware - it might all be legal, but it certainly can be annoying.
Never download illegal software. You shouldn't anyway ... because it's illegal ... but even if that doesn't stop you, the risks should. Illegal software is lucrative because it's free or dirt cheap. Spyware vendors know this, and often use it as an opportunity to shovel in all sorts of software you didn't want.
Virus scan your download. This is the easy one. Anti-virus software can easily and quickly scan a file, or a download, and tell you whether or not it contains any known viruses. Make sure to keep your virus program, and it's database, up to date.
Back Up. Even though you might well trust what you've just downloaded, for a moment assume that what you're about to install will cause your machine to crash and become unbootable. Will you lose important data? Then you better make sure that's backed up first.
Set a restore point. Some installs will cause this to happen automatically, but others will not. Using Windows XP's System Restore feature, set a restore point. The good news is that for most installs, if something goes wrong, reverting to a saved restore point will, in fact, restore you to the pre-install state.
Take an image. If you're installing something really risky, sometimes the best thing to do is to take a complete image of your hard disk as a backup first. If the worst happens, you can then reinstall that image. This is a bit of work, and requires appropriate imaging software, but makes the process totally recoverable in case the worst happens. Alternately, if you have a spare machine that you don't care about, consider installing on that machine first. If things don't work out, then simply wipe and rebuild that machine.
Run that spyware scan. As soon as you've installed and run your download once, make sure to run a spyware scan. If there is a problem, the sooner you know about it, the easier it will be to deal with it.
In some ways it's not surprising that spyware's as prevalent as it is - it appears that true prevention is difficult, at best. Most remedies fall into the realm of "damage control" once a machine is already infected. Part of it is because, unlike viruses, "spyware" is a much more vague term - what does spyware really mean? The complication is that spyware looks, and acts, much more like legitimate software, making it doubly difficult.
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.