Guide | How To Avoiding Adware in Installers

The associated guide may contain user-generated or external content.

BoraMurdar

Community Manager
Thread author
Verified
Staff Member
Well-known
Aug 30, 2012
6,598
About This Guide
This guide provides several real examples of installers which contain adware. The intent is to show you the tricks that they use to attempt to trick you into installing the adware in hopes that you can learn to avoid it.

Before you brush off this guide as common sense, it may be worth a look. The adware developers are getting very sneaky and I've almost been caught a few times myself. Recently, Foxit Reader modified their installer so that the adware was no longer optional but mandatory. This is a continuing trend and adware is only going to get worse, so it's important to learn how to avoid installing it... unless you like toolbars which track your browsing history.

Note: All of the installers have [#] in their titlebar because they were running in Sandboxie.

Accept or Decline? Agree or Disagree?
This is a common trick that they'll use. To avoid installing the adware, you must click Decline / Disagree rather than Accept / Agree.

post-57213-0-97313500-1307244464.png

This may catch some users because the text looks like the license agreement.​

post-57213-0-75118600-1307244483.png

#########################################################################


I agree to...
In these examples, you must uncheck the checkbox in order to avoid installing the adware.

I agree to the agreement

post-57213-0-54889700-1307244460.png

post-57213-0-30507300-1307244543.png

#########################################################################


Custom Installation
For some installers, you must choose Custom installation if you want to opt out of the adware.

post-57213-0-01617000-1310709539.png

#########################################################################


Post-Installation
This installer attempts to catch you after you've installed the program.

post-57213-0-76124000-1307244486.png

#########################################################################


Distraction
Some installers may catch you by tricking you into clicking the wrong option. I'm not sure if these were designed to deceive, but I nearly clicked the wrong options for both installers, so I added them to the guide.

Here, my first reaction was to click Custom installation and uncheck the boxes below it.
It seems obvious, but the Custom installation is the first thing to grab your attention.​

post-57213-0-63316500-1307244452.png

Once again, the Custom installation was the first thing to grab my attention.​

post-57213-0-44441900-1310709537.png


#########################################################################


Mandatory Installation
Recently, Foxit Reader didn't give you an option; You we're forced to install the adware if you wanted to install Foxit Reader. You may think that unchecking the two boxes was enough, but you have to read to understand there's no opting out.

Foxit Reader later updated their installer following several complaints, but this still stands as a solid example.

post-57213-0-38803100-1307244490.png


#########################################################################

Websites Packaging Adware in Downloads
This is a new and worrying trend. Many websites, including the popular CNET, have started packaging several downloads in a custom web installer which includes adware, often without the permission of the original developers. The examples below are pretty obvious and easy to avoid, but it's a trend you should be aware of none the less.

CNET's download.com​

post-57213-0-93104600-1323809688.png

Softonic.com​

post-57213-0-45170600-1323809690.png

Tucows​

post-57213-0-86509500-1328579848.png

#########################################################################

Installers with Spyware
It was recently reported that DAEMON Tools, a popular CD-image mounting software, installed a spyware feature called MountSpace which reported every image you mounted to an online server. Even if you declined the feature, it was still active without your permission.
 

Littlebits

Retired Staff
May 3, 2011
3,893
Like to add many programs have portable zip files that you can extract and use without messing with adware installers.

Also if you use Haozip, it can extract files from installer setups without having to run them and make your own portable version.

Thanks. :D
 

BoraMurdar

Community Manager
Thread author
Verified
Staff Member
Well-known
Aug 30, 2012
6,598
Also, 7zip could work :)

This is one of the reason why I love ESET so much. It's ruthless to adwares, finds them as you run the installer, and removes it (when a toolbar is extracted to the temp folder) so you have clean installer without crap.
 
  • Like
Reactions: Svoll

Mickyman

New Member
Dec 2, 2013
10
I hate when installers have this. Good information!

@Littlebits
I'll have to check Haozip out. Sounds like a neat program.
 
  • Like
Reactions: Svoll

Nedim

Level 12
Verified
Mar 17, 2013
553
BoraMurdar said:
Also, 7zip could work :)

This is one of the reason why I love ESET so much. It's ruthless to adwares, finds them as you run the installer, and removes it (when a toolbar is extracted to the temp folder) so you have clean installer without crap.

Yep, ESET is doing a great job regarding adware.
 
  • Like
Reactions: Svoll

BoraMurdar

Community Manager
Thread author
Verified
Staff Member
Well-known
Aug 30, 2012
6,598
Nedim said:
BoraMurdar said:
Also, 7zip could work :)

This is one of the reason why I love ESET so much. It's ruthless to adwares, finds them as you run the installer, and removes it (when a toolbar is extracted to the temp folder) so you have clean installer without crap.

Yep, ESET is doing a great job regarding adware.

Some AV's in my past testing were removing the whole installer where the adware is implemented... ESET removes just the adware from installer, it's really awesome :D
 
  • Like
Reactions: Svoll

Nico@FMA

Level 27
Verified
May 11, 2013
1,687
Very nice guide.
However some of the bundled installers, do install their products anyway as accept or decline does not always work.
Some of the more nasty installers these options are just cosmetic, and when you are looking in your hidden appdata map you will see them being installed anyway.
Personally i would say if a program comes with a bundled installer: DELETE, NOT DOWNLOAD, NOT INSTALL IT.
Saves you selecting 500 screens before you install a probably mediocre file at best.
I regard bundled installers, Spy/Ad/and BS ware.
But thats me.

Anyway very great guide, well written and one that should receive the credit it deserves.
 

BoraMurdar

Community Manager
Thread author
Verified
Staff Member
Well-known
Aug 30, 2012
6,598
Very nice guide.
However some of the bundled installers, do install their products anyway as accept or decline does not always work.
Some of the more nasty installers these options are just cosmetic, and when you are looking in your hidden appdata map you will see them being installed anyway.
Personally i would say if a program comes with a bundled installer: DELETE, NOT DOWNLOAD, NOT INSTALL IT.
Saves you selecting 500 screens before you install a probably mediocre file at best.
I regard bundled installers, Spy/Ad/and BS ware.
But thats me.

Anyway very great guide, well written and one that should receive the credit it deserves.

Thanks man :)
Yes, there are installers that automatically installs adwares. Like I said, that is one of the reason I love ESET so much, in most cases when you click to install some program, it extracts all necessary files to temporary folders, there ESET "extracts" adware from installer,deletes it and during installation there's no ad windows asking you to install adware. It's great. It only deletes what's malicious and installation is continuing properly.
 
  • Like
Reactions: Svoll

hakah

Level 6
Verified
Well-known
Apr 19, 2014
283
Though you make your selection, sometimes they won't pay much attention and still install those you don't want. How to prevent that? Is it No Way?
 
  • Like
Reactions: Svoll

SifhX

Level 4
Verified
Jan 26, 2014
188
Though you make your selection, sometimes they won't pay much attention and still install those you don't want. How to prevent that? Is it No Way?


If you have suspicions, you can test the installer in a sandbox first
 
  • Like
Reactions: Svoll

etzio

New Member
Apr 19, 2014
4
That is my problem when installing things, I intend to click the right button, But the Adware keeps me from clicking it, Or tricking me to click it rather than the button of the installer. I tend to click the buttons really fast sometimes, Maybe it's time to try what Sifhx said. Use a Sandbox. Sorry if my comment was really long.
 
  • Like
Reactions: Svoll

Littlebits

Retired Staff
May 3, 2011
3,893
Search for the program on Softpedia, they have edited versions without the adware crap of some programs.
When you see the logo below that means they test each version of the product listed.
softpedia_clean_award_f.gif


If the program contains adware then Softpedia will notify you at the bottom of the product's description;
Example: aTube Catcher (an excellent free multimedia suite)-

At the bottom you will see:
Users are advised to pay attention while installing this ad-supported application:
  • Offers to change the homepage for web browsers installed in the system
  • Offers to change the default search engine for web browsers installed in the system
  • Offers to download or install software or components (such as browser toolbars) that the program does not require to fully function

Softpedia has a strict adware policy for programs which makes it one of the safest download sites.
It not perfect because you still can find many rogue or scams programs listed but they will not infect your system or give you surprises.

Another option is find a portable zipped version of the program that you want to use. You can search on Softpedia for "Portable + name of program", portable versions are always 100% clean.

Enjoy!! :D
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top