This tame story highlights what was a slowly growing but ill-defined menace. Part of the problem is that many programs - such as toolbars and add-ons - can have or seem to have genuine uses. This means it's hard to directly label them as viruses, or even as malicious.
The term 'malware' - integrating the potentially libellous accusation of something being malicious - has been watered down more recently to the anaemic-level accusation of 'potentially unwanted program'. It's like calling a tapeworm or attached leech a potentially unwanted parasite - there is NO WAY you want that thing inside or attached to you. But hey, let's not hurt its feelings, right?
The malware world has evolved - in the 80s and 90s, the main threat seemed to be from viruses, but what did that gain the writer other than notoriety? Notoriety is great when you're living in your parents' basement, but it's not going to pay your mortgage. So when a nice chap who runs a business offers you a pot of money to write a browser toolbar, which may or may not send browsing details of the users, and who may or may not have consciously consented to such things in a 90-page EULA, put simply, you're unlikely to say no.
This leaves us in today's world, where these smart people are producing all sorts of cleverly packaged services that are just dying to get onto your PC.
Our victim
We'd never dare let the wrath of the internet loose on a real system - the consequences are too horrific to contemplate, and frankly we can't face reinstalling yet another system, for no good reason. For this cheery task, we're taking a default Windows 7 VirtualBox clone, giving it 4GB of memory to play with and running it with full access to the four cores of an Intel Core i5 2500K processor.
It had a base Windows 7 installation with security patches in place - it also had Microsoft Security Essentials in place and running, along with Internet Explorer 9, FireFox 23 and Chrome 29. All security settings were on the default levels.
So what we were using was not a million miles away from many a standard system out there in the real world. As a base, this booted in 22 seconds and used 494MB of memory with no browsers loaded. This jumped to 773MB with all vanilla browsers fired up. Individually, Internet Explorer used 24MB, FireFox 46MB and Chrome 27MB. We'll be keeping an eye on how bad these figures become to help relate to just how much, if any, of a system hog these add-ons can become on real systems.
So what foolish antics do you have to get up to, to come home with a suitcase full of dodgy downloads? Well, antics as crazy as searching Google and clicking its sponsored top results. Crazy times!
While our methodology is hard to precisely document in a scientific way, it largely involved searching for "free X downloads" where the 'X' is going to be music, screensavers, games and wallpapers. Then choosing a selection of the results from the first page of results. You know, the sort of thing you'd do in real life.
We weren't going out of our way to locate 'dodgy' sites, we hear ones ending in RU can be more like the Wild West (or is that Digital Eastern Block?). We were discounting known legit solutions as there's no point in installing Spotify, now, is there? We should also point out that on our relatively short travels we came across some legitimate sites, too. It's not entirely impossible to find kindly people and companies out there, it's just the opposite seems to be the rule rather than the exception.
