If you’ve ever tried to download or install JDownloader (aka JDownloader2), you may have been surprised to find that either the download was blocked by your Web browser, or that the installation file was quarantined by your Anti-Virus software. In fact, this is exactly what happened to me and it made me worry that the software could be harmful to my computer. I searched around the Web and posted on datahoarder forums asking if JDownloader was dangerous and I got a mixed response, so decided I would investigate for myself.
The good news is that JDownloader is safe to use, however, there are a few caveats that I must point out. You need to be very careful about where you download the software from. If you download JDownloader from a dubious source then, of course, you risk your computer becoming infected with a virus. For a few years now, that official installer has contained adware and is sometimes flagged by Anti-Virus software for this reason. Some Anti-Virus software also flags JDownloader itself as being a “potentially unwanted program”. Fortunately for us, JDownloader is a Java program so we can just download the “.jar” version and run it without installing.
Where you can download the safe/clean version of JDownloader
Firstly, as JDownloader is written in Java you’ll want to make sure you have a suitable “JRE”, or Java Runtime Environment installed on your system. For security reasons, you should always make sure you’re running the latest version of Java available for your platform. Old versions of Java are notorious as posing security threats due to their numerous vulnerabilities. Oracle recently announced that they’re changing their licence model too, effectively moving it away from being free. A lot of people have made the switch from Oracle Java to an open-source version of Java, myself included. I’ve decided to use AdoptOpenJDK so that’s what I’ll use in this example.
Step One – Check / Install Java
As JDownloader requires Java, you’ll need to check that you have it installed on your computer. On Windows, just launch a command prompt and type the command “java -version” (without quotes). If Java is already installed then the version should be returned, like this:
If instead it produces an error message along the lines of “java is not recognized as an internal or external command” then you know that you don’t have Java and you’ll need to install it. As mentioned earlier, I recommend the AdoptOpenJDK variant so just follow these steps:
- Head over to https://adoptopenjdk.net/.
- Under “Choose Version” make sure you select “Latest”.
- Under “Choose JVM”, be sure to select “Hotspot” (Hotspot is the most popular Java Virtual Machine, it’s Open-Source and suitable for all workloads, including running JDownloader!)
- Run the installer and follow the instructions in the Wizard, leaving everything at its default.
Step Two – Download JDownloader2 JAR File
Do NOT download the installer from the homepage of JDownloader (http://jdownloader.org) because as I previously mentioned, it contains adware/malware. Instead, download the clean “JAR” from here.
At the time of writing, the link to the “JAR” file is under the “Other” section of the webpage. Note also that the title of the page is “JDownloader 2 Adware-free Setup”:
Once the “JAR” file has been downloaded, simply move it to somewhere appropriate. I decided to move my copy of the file to “C:\Datahoards\Software\JDownloader\jdownloader.jar”. Once moved it’s just a case of double-clicking the file and if all went to plan, the Java Runtime should launch the JDownloader GUI.
Checking JDownloader2 is virus-free using VirusTotal
At this point, I was fairly confident that JDownloader was safe and didn’t contain any viruses. My research had led to the discovery that the official installers for Windows came bundled with Adware but because I had bypassed the installers and manually downloaded Java and the JDownloader JAR, I was fairly sure it was safe. You can never be too careful however so I decided that I’d scan jdownloader.jar using VirusTotal. For those unaware, VirusTotal.com is a trusted website that’s been around for years. They allow you to upload any file you suspect of being malicious and they scan it using dozens of different Anti-Virus and Internet Security products and share their results with you. In addition to automated scanning, VirusTotal also have a community section where others can vote/comment on their experiences with the file in question.
One feature of VirusTotal that I find particularly useful is the ability to see when any user first uploaded a copy of the file to them. I’ll explain later on why this is important in the case of JDownloader. As you can see from this image, VirusTotal reports zero hits when scanning jdownloader.jar, indicating they believe it’s safe:
Kaspersky detection of JDownloader.jar as pdm:trojan:win32:generic virus
I tend to use Kaspersky Internet Security on most of my systems. With current political tensions, Kaspersky is viewed by some with suspision, in a similar way to China’s Huawei I suppose. I personally think the Russian Anti-Virus software is great and I’ve never had any issues with it. I find it’s often able to detect malware a lot faster than its competitors. One day, after I’d been using JDownloader for around two weeks, I opened it up and it started to automatically update.
This isn’t unusual as the premium file hosting services (Mega.nz, Dropbox, etc) often change their website layout and backend code, meaning that JDownloader is continually being updated to support downloading from these services. The update began and I was quite surprised when Kaspersky popped up saying it had found a potential virus and that the system needed disinfecting.
I did a little research and quickly discovered that Kaspersky’s detections of pdm:trojan:win32:generic are not based on Anti-Virus signatures but are based on heuristic analysis. This means that Kaspersky has been monitoring what the application has been doing (in this case updating itself from the Internet) and believes this activity is suspicious. In other words, Kaspersky thinks that the software is doing something unusual, something that a virus would potentially try to do. This makes sense if you think about it because a virus would try to phone home, download payloads from the Internet and copy them to various places across the system. After this detection, I did a complete system scan with Kaspersky and another with MalwareBytes. Both scans came back clean, reporting no infections, so I believe in this case the detection of pdm:trojan:win32:generic within JDownloader was, in fact, a false positive (a red herring, if you will).
Running JDownloader in a Virtual Machine without Anti-Virus protection
I’ll be honest, after Kaspersky flagged JDownloader during the update process, it knocked my confidence in the software a little. I started to wonder what would have happened if Kaspersky hadn’t jumped in and blocked the JDownloader update process. Would JDownloader have then downloaded some malicious payload, once it had gained my trust? I decided an experiment was called for to help restore my faith that JDownloader was completely safe to use.
I fired up VMWare Workstation and quickly spun up a fresh Windows 10 VM. In case you don’t know, a VM (or Virtual Machine) is like having a little virtual computer running inside your real, physical computer. A VM allows you to install an operating system and other software, keeping them completely isolated from your real computer. If a VM becomes infected with a virus for example, you can just delete the VM or revert it to an earlier state by using a snapshot.
I ran Windows Update on the new Windows 10 VM to bring it fully up to date with Microsoft patches and I then installed the latest version of Adopt OpenJDK. Crucially however, I purposely didn’t install any Anti-Virus or Internet Security software at all. Usually, at this point I would have installed Kaspersky, but for our experiment I wanted to allow JDownloader to have free-reign over the VM without any security software blocking or monitoring it.
I then downloaded the clean version of JDownloader as described earlier and launched it, Over the course of the next month, I closed and opened JDownloader a number of times, adding downloads and entering my credentials for the premium cloud hosting services such as Mega. A couple of times I observed JDownloader perform an automatic update, this time unhindered by any Anti-Virus. After a month of intense JDownloader use, the day had finally arrived to see what damage it had done to my VM. To be fair, the VM still felt quick and I hadn’t noticed any of the tell-tale signs of a malware infection so I was pretty certain a virus scan wouldn’t find anything nefarious.
I installed the latest version of KAV (Kaspersky Anti-Virus), performed a manual update to bring the engine and virus definitions up to date, and then ran a full scan. As the VM was fairly light-weight the full scan completed in around twenty minutes and as expected, no threats were detected.
So, after a month of using JDownloader on an unprotected system, allowing it to auto-update whenever it liked, there were no infections found. Although a little redundant after performing a full file-system scan, I decided to perform a selective scan of the JDownloader folder, here are the results:
I personally believe that JDownloader2 is safe to use and does not contain any malicious code. That said, it’s important to only download/install it using the safe method described above. If you chose to ignore this advice and install JDownloader using the standard installer packages, then you run the risk of installing adware on your system. I’ve been datahoarding using JDownloader for several months now and I plan to continue!