Sunday, March 14, 2010

Run or Save?

When you download a file from the Internet, you usually get a prompt asking to to Run, Save or Cancel the download. What's the best answer?  

Most of the time, you should choose to save the file to your Desktop or Downloads folder - and make sure you look to see where it's being saved so you can find it. When you save an installer file, or picture or document to your computer before opening it, your antivirus/antispyware program will scan it and let you know if it's infected. Otherwise, if you choose to just Run it from the Internet, you take the chance of setting loose an unwanted piece of malware that's hitching a ride with the file you DO want.

Here's more information from Microsoft on the subject:
http://www.microsoft.com/protect/data/downloadfileshare/saving.aspx

I've spent many, many hours lately cleaning up rogue antivirus/antispyware programs that wouldn't have had the chance to run if the user had simply taken an extra minute to save the file before running it. That's not the only way to get a rogue infection, but it's a good one.

2 comments:

Tlynn said...

Thanks for posting this: I just went through this with a friend (on the phone), and was lucky she didn’t lose the file because I couldn’t see her computer screen. Also had to explain to her about how important the anti-virus scanning was.

Here's how I have it set up (in Mozilla Firefox. Don't know if it's the same in the dreaded IE):

Menu: Tools/Options/General

Under the Downloads column, check “Show the Downloads window when downloading a file.”

Then uncheck the “Close it when all downloads have finished.”

Choose the default “Save files to: Download”

When the download is finished (and scanned), just double-click the file and it will start the installation process.

This way, you know exactly where the file is after it’s been downloaded. And, until you clear the Downloads window, you know exactly what you’ve downloaded recently.

Anonymous said...

PLEASE STOP SPREADING FALSE INFORMATION.
When you click on "Run" the file is STILL saved to your computer, scanned by your AV and run, it is just saved to the Temporary Internet Files folder rather than your normal download folder.

To test this yourself, download a file (such as the 32 bit MSI installer for 7Zip, available from http://downloads.sourceforge.net/sevenzip/7z465.msi ) in IE on XP and click on Run.

When Windows asks to run it, go to %HOMEPATH%\Local Settings\Temporary Internet Files.
You will find the file that you told to "Run" sitting in that folder where it was saved and run from. The ONLY difference between "Save" and "Run" is where the file is saved to. AV will scan it before it runs no matter where it is saved to. However, selecting "Run" will allow IE to delete it as needed to make space in that temp folder (or when you clean the temp folder).

Don't believe me? See http://helpdesk.its.uiowa.edu/articles/runsave.htm or http://www.worldstart.com/tips/tips.php/1722
If your AV is not scanning files on execution from the Temporary Internet Files folder, it should be replaced.