About | Buy Stuff | News | Products | Rants | Search | Security
Home » Resources » Software » Reviews

Uncle John's Rules
for Downloading and Running Junkware

Every time you install and run software on your system that turns out to be junk, things get just a little bit worse - a little bit 'junkier'. If you don't carefully control each product you try, your system will be trashed and beyond repair in a very short time. Follow the guidelines below and save yourself some major misery.

  1. Make sure you've read through this document first. Make sure you fully understand everything, and know exactly how you are going to proceed.

  2. Note the size of the download module. Size does matter! Be suspect of anything over or near 1MB. It's probably written in VB or Delphi. And consider that there are more dangers than just the bloat: VB and Delphi are used by people who don't really know how to program, meaning the risk for shaky software, corrupt install programs, insufficient uninstall routines, etc. rises geometrically.

  3. Find out as much as you can about the install routine before running it. See if WinZip can do anything with it. With some install packages it can. If you can peek inside it, by all means do. Check file sizes again, if applicable. See if you can peek further into any programs found there. Look for telltale Registry strings like 'SOFTWARE' and 'RegCreateKey'; look for signs of WIN.INI I/O, such as WriteProfileString. Radsoft has a number of excellent tools to assist you here: Bloatview, Hexview, Peeper, and X-perf.

  4. Prepare your machine for the onslaught. See you have your Registry backed up, and make sure you have a method for restoring this backup if things go south during the install. Better yet, test the install (and the application) on another machine that you can wipe clean at any time. Get yourself some file system and Registry monitor tools such as those found at Mark Russinovitch's Systems Internals site, http://www.sysinternals.com. Get both tools up and running so you can see exactly what the install program does. Stamp all your system(32) files with a very easily recognizable date and time, such as Midnight January 1, 2000. Stamp all your directories too, so you can see at a moment's glance where things have changed after the install.

  5. Run the install routine. But no matter how much it badgers you to try it right away, do not run the application. And if the sad thing asks to reboot your system, say no. Stop at this point and save your file system and Registry monitor logs to disk, then if you were not told you need to reboot start new log files for both programs. Stop a moment further and take a look around. Anywhere you see that a directory date/time stamp has changed, go into that directory and sort according to date and see what files have been affected. Make a note of all changes and get this to disk at once. If the install program put something on your desktop (heaven forbid), make a note of it. If the install program cluttered your Start menu, make a note of exactly where all the clutter is. Make sure to check all your sub-menus (again, the easiest way is to just look for changes in the date/time stamps on them).

  6. Check your Registry for evidence of foul play. Check the Run, RunOnce, RunOnceEx, RunServices, and RunServicesOnce keys everywhere. And check HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Session Manager \ PendingFileRenameOperations in case the install program is going to try to overwrite some of your precious system files on the next boot.

  7. If the install program told you to reboot, do it now. Again, check your file system for any further tampering, and open your log files. Find out what file was written or overwritten where. Make a note of and assess all the damage. And remember: no install program for any application ever need tamper with your existing system, and no such program ever really needed to write in your system(32) directory or even worse overwrite something there, and certainly not without asking your permission to do so first, and not even then before fully explaining to you what is going to happen and what the consequences are. That install programs still do this is just because there are so many lame programmers in the world. Microsoft is now fighting these people with brass knuckles with its new Installer, which is supposed to safeguard your system and prevent what they aptly call 'DLL hell'. If anything has happened to your system files, think twice about using the application in question.

  8. Investigate your log files to find what kind of secret junk the install program has hidden on your machine. Don't buy that line about people having to protect their software. If they really want to protect it they don't have to distribute it. Then there is no need to protect it at all. Remember they are the ones who made their software available, and if they can't do that in a satisfactory manner then they can just forget it. Find out what keys in your Registry have been affected. Yes, you will undoubtedly stumble upon their system for locking you out after 30 days, but that's neither here nor there (and it's actually good for you). The point is they had no right trashing your disk and your Registry like that in the first place. Make a full list of all the changes to your disk(s) and your Registry together with instructions as to how to remove all this trash and restore everything if necessary.

  9. Run your program. Make sure your file system and Registry monitor programs are running again, directed to new log files on disk, and just start it and exit it at once. You don't need to do more at this point. Stop your monitor programs and save their logs to disk and open them and inspect them. Note any further changes, note which files are being accessed on disk, which keys accessed or written to in your Registry. Use a system utility to note what dependencies the application has: this should correlate to your earlier investigation of the files actually written to your disk. Make a note of all dependencies not leading to the application's install directory.

  10. Finally, if you haven't lost heart yet, try your application. Give it a run for its money. And feel secure that no matter how poorly it performs, you can use the information you've just gathered to kick its butt completely out of town at any time.

About | Buy | News | Products | Rants | Search | Security
Copyright © Radsoft. All rights reserved.