mouse
Go to Homepage


Subscribe to free weekly newsletter

Mouse Print*
is a service of
Consumer World

Support us by using:

Deal Alerter
Visit our sister site:

Consumer Reporters & Advocates in Media


Updated every Monday!   Subscribe to free weekly newsletter.

November 4, 2013

How Crapware Gets on Your Computer

Filed under: Computers,Internet — Edgar (aka MrConsumer) @ 6:06 am

MrConsumer’s friend always complains about pop-ups and unfamiliar toolbars taking over his browser. I show him how to remove most of them, and advise him to be more careful when installing new software.

Unfortunately, MrConsumer didn’t follow his own advice recently when downloading and installing a utility package to help get a new movie editing program working properly. The movie software company advised me to go to c|net, a respected website owned by CBS, to download the codec package I needed.

c|net has you download a small file first, and then the larger one. As I was installing the program, you first see this screen:

cnet 1

I then proceeded to the next step and chose “full installation (recommended)” since I knew little about these codecs and the options/settings.

*MOUSE PRINT:

cnet 2

Lurking near the top of the next screen were the words “special offer” and in the description of “full installation” was a notation that a “Sweetpacks” toolbar would be installed in my browser and my homepage would be switched to a different search company. Didn’t see that, and like most us, just clicked “next step.”

That next step brought up an end user license screen that most us just click and accept without reading.

*MOUSE PRINT:

cnet3

This time, I noticed “special offer” and the fine print said I was agreeing to install the Lucky Leaf toolbar and to get offers and coupons. I hit decline. But those who didn’t see that, probably most of us, would just hit “accept” figuring if you don’t, you won’t be able to install the software.

The next screen had yet another “accept” button to agree to “terms and conditions.”

*MOUSE PRINT:

cnet 4

And it had another “special offer” for a plug-in for faster browsing and turning text into links. I hit “decline.”

After a configuration screen came up with options that I clearly didn’t understand, I abandoned the installation and cancelled it.

Sure enough, and to my surprise, when I opened Internet Explorer, my Consumer World homepage was replaced with AVG search. What? Where did that come from? I changed the homepage back to Consumer World, and disabled AVG search under “add-ons.” When I re-opened IE, now Sweetpacks was my homepage. GRRRRR. Went back in and found it, and removed it.

So even having cancelled the installation of the main program, all of this crapware had already been installed on my computer.

The lesson is that we simply can no longer click “next, next, next” when installing any software, even from what you believe to be a reputable source, because these programs are being preloaded with crapware.

• • •

17 Comments

  1. Welcome to the “I’ve been burned” club. This crap has been going on ever since Al Gore invented the internet. Like you, I learned the hard way. Now I have no problems since I examine everything as close as possible.

    Comment by Rick — November 4, 2013 @ 9:40 am
  2. It just goes to show that the hand is quicker than the eyes! Been there, done that.

    Can you uninstall it and download it again?

    Comment by Frankie — November 4, 2013 @ 9:49 am
  3. Adobe reader has a pre-checked box that auto-enables Google Chrome as your default browser.
    You must manually uncheck it before downloading Adobe. Watch out!

    Comment by Frank Inmon — November 4, 2013 @ 10:03 am
  4. I’m not a lawyer, but I’d suspect you have a pretty good legal case. When you saw the EULA, you declined. Seems like you aren’t bound by the EULA terms at this point since you expressly indicated that you don’t accept them. And since they installed it anyway after you declined, that sounds like it would be whatever the computer equivalent of trespassing is.

    Comment by Patrick — November 4, 2013 @ 10:04 am
  5. Many video games have this same issue. I bought my wife a pile of ‘old’ games. All on CD. You would not believe the number of toolbars and add-ons these games try to install. Then getting rid of them under an ‘advanced’ button. What is even worse? Many of the services no longer even exist! Out of her 200 games only two had forced installs. Lucky the uninstallers worked…

    I have been skipping cnet for awhile since they started wrapping other installers in their own. Or I will do it from inside of a VM and pick out the real installer. I usually have more luck just going to the original site that made the program. Moral of the story use VM’s and snapshots to test software. I recommend virtualbox because of its low cost of free :) That bit of software has saved me hours of ‘what did this do to my computer’. I highly recommend it. The power of fixing your computer in a couple of clicks is amazing.

    Comment by me — November 4, 2013 @ 10:04 am
  6. lol I thought everybody knew to stay away from Cnet by now. They are the last place I will go to now a days. There was a major sh** storm when they started doing that. Many indy software designers pulled their products due to it. Use Major Geek or File Hippo. There is a great free program called Win Patrol. It alerts you when something tries to hijack your homepage or installs tool bars without your knowledge. I install it on all my friends computers. It saves me a ton of headaches.

    Comment by Brody — November 4, 2013 @ 10:26 am
  7. Long ago, I was almost taken in by the big green “Download Now” CNET installer button. I did not want an installer/installation tracker and then happened to notice the small “Direct Download Link” underneath that big green button. If there was no direct download link, I would not download from CNET.

    Also, it would not occur to me to download K-Lite from CNET. I’ve always downloaded K-Lite directly from “free-codecs.com” where you choose from basic, standard and full apps.

    Comment by Sheila — November 4, 2013 @ 10:47 am
  8. Boycott Download.Com and possibly Cnet too?

    Comment by Russ — November 4, 2013 @ 10:56 am
  9. You are not alone, being infected with the Sweetpacks/Conduit abomination. Conduit hides everywhere. I finally got rid of the contaminations in my computer by going to the conduit homepage
    where you can find instructions for removing this junk, followed
    up by a couple of sessions using Revo Uninstaller Pro. Good luck
    Edgar

    Comment by Donald Ball — November 4, 2013 @ 11:08 am
  10. Wow, thanks for the heads up – seriously! I consider myself very careful as well, but had no idea that cnet was up to these kinds of shady things nowadays.

    Comment by Miss Curmudgeonly — November 4, 2013 @ 12:12 pm
  11. I repair computers for a living. Over the last year, I have found quite a few malware programs installing themselves on customer’s computers after they install the Google Chrome web browser, which seems to act as a portal for “ghost installations of malware”. After cleaning their computers of all malware, sometimes as many as 28 programs and toolbars, I warn my customers that they should never install any software from Google.

    Comment by Mohammed Goldberg — November 4, 2013 @ 1:43 pm
  12. When this happens, simply go to the search engine of your choice, search “________ download” substituting the name of the program you seek for ___________. You’ll ‘most certainly always get a different, more direct source from which to download the same item.

    I tried this multiple times.

    Works like a charm.

    Comment by joel — November 4, 2013 @ 3:06 pm
  13. I abandoned Download.com once they started trying to force me to download their installer so that I could install other programs.

    Word of advice: Anytime you install new software, click on “Custom Installation.” A number of programs set up bloatware, toolbars, malware, etc. in addition to the typical install. You have to manually prevent those things from installing.

    The last software I had to update was Java, and even that software from a reputable company wanted to install a web toolbar to my computer.

    Comment by Wayne R — November 4, 2013 @ 8:38 pm
  14. Sweetpacks is really nasty. The best thing I’ve found to remove it is AdwCleaner.

    Comment by Marc K — November 4, 2013 @ 9:22 pm
  15. Discovered the same problem with Adobe and recently Java(checkbox to download Google Chrome) and I have not used CNet in several years because of being burned with ghost malware). Be wary of downloading the coupon printer for Coupons.com – it also contains hidden installations. Now I refuse anything that requires a download unless I can access the site that created the program and if it requires a download I carefully scrutinize the “instructions” and “Terms”. It’s getting worse every day! PS – Want to thank you for Consumer World and Mousprint. It has been a big help in many instances!

    Comment by Nancy — November 5, 2013 @ 7:41 am
  16. Another thing to be aware of – I’ve encountered several downloads that have a tiny checkbox hidden within the “instructions” or “terms” that was checked by default. If you don’t de-check the box, it will DL the malware regardless of which button you hit. I examine ALL of the text for things like this when I am forced to DL a utility or app.

    Comment by Richard — November 6, 2013 @ 9:38 am
  17. @me: what is the “VM” you’re referring to? Thanks.

    Comment by Deb — November 16, 2013 @ 8:34 pm

Comments RSS

Sorry, the comment form is closed at this time.

Powered by: WordPressPrivacy Policy
Copyright © 2006-2014. All rights reserved. Advertisements are copyrighted by their respective owners.