If you download software programs regularly for Windows, you probably do your due diligence when it comes to making sure that the programs are safe and not malicious in nature.
While you find lots of clean programs on the Internet for the operating system, there is probably an even greater number of infected programs out there.
The following guide discusses precautions that help reduce the risk of downloading malware on the Internet.
1. The source
Programs can often be downloaded from various sources. Maybe you have clicked on an ad in search without knowing it and were taken to a third-party page which promised the latest Firefox or Chrome version, or you have just clicked on the first result in search or followed a link from a blog or other website to a download page.
The appropriate order, most of the time, is the following when it comes to downloads:
The only exception to the rule is portable software. If a developer does not offer a portable version but a trusted third-party site like Portable Apps does, then you should use it instead.
Other trusted solutions, Ninite for instance, are an option as well as they provide clean, adware free installers.
It can sometimes be difficult to identify the official site. While you may have no troubles identifying Mozilla.org as the official site for Firefox, it may not always be as clear, especially if a program is new or not popular.
It is usually a good idea then to dig deeper and find out more about it. For instance, if the program is hosted on a custom domain, you may look up whois information.
Another option is provided by software repositories which usually link to the developer website as well. This is for instance the case when you use Majorgeeks which links to the developer site prominently on download pages.
Depending on the repository that you are using, these links may be not be as obvious as those on Majorgeeks. Some download sites go through great lengths to hide these links and keep users on their site instead.
2. Online Scan
Even if you trust a site or developer, you should scan the downloaded program using online antivirus scanners.
The reason for this is that it is possible that software hosted on legitimate sites may get infected, for instance through hacks or if the development environment itself is infected.
Virustotal is the obvious choice for that as it checks the file against more than 50 different antivirus engines.
It is a strong indicator that a file is clean if the scan does not detect a single hit. While it may not be malicious then, it is still possible that it may harm you in other ways, for instance by collecting information about your system and sending the information to a server on the Internet to create user profiles.
You may also use reputation services, Web of Trust is probably the most common, to look up additional information about a domain software is hosted on.
3. Local security solutions
Local security solutions are the last line of defense. Windows users have plenty of options when it comes to security software but the bare minimum should be a properly updated antivirus program and firewall.
Security can be beefed up with additional programs.
4. A sample workflow
If you put all this together, you could follow this sample workflow to minimize the risk of downloading malware to your system and executing it on the PC.
Now You: Have additional tips? Feel free to share them in the comments below.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.