1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Guide Mind the PUP: Top download portals to avoid

Discussion in 'Windows - Virus and spyware problems' started by 2oldGeek, Mar 17, 2015.

  1. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,687
    Likes Received:
    35
    Trophy Points:
    78
    Mind the PUP: Top download portals to avoid
    In Security Knowledge by Slade on March 11, 2015 | Deutsch, English, Français
    We recently researched how many potentially unwanted programs (PUPs) come with the 50 most popular applications on Download.com. Since the results were quite disturbing, we decided to look into the habits of other popular download portals to see if they are any better, or whether it’s better to avoid download portals altogether. Most of them claim to have “clean and safe downloads” and many portals express this on their website. However, trusting any download portal at all is becoming a difficult task for most people due to the rapid growth of bundled PUPs and the software reviews on the sites that often don’t seem objective.

    We looked into the ten most popular download portals, downloaded their top ten most popular applications to see how many toolbars, adware, homepage hijackers and other PUPs come with them to see how clean and safe they really are.

    What are the top 10 applications on each download portal?
    First, here is a list of the top 10 most popular downloads per download portal that we used for this article:

    • Download.com – Avast Free Antivirus, AVG Free Antivirus, CCleaner, YAC, KMPlayer, YTD Video Downloader, Advanced System Care Free, DownloadApp, iObit Uninstaller, Free Youtube Downloader
    • Filehippo – Adobe Reader, CCleaner, Mozilla Firefox, Picasa, Java, Recuva, Skype, uTorrent, VLC Media Player, WINRAR
    • Snapfiles – Avast Free Antivirus, CCleaner, Comodo Internet Security Premium, Auslogics Disk Defrag, Eusing Free Registry Cleaner, Freemake Video Converter, GIMP, PDFX Viewer, Recuva, Revo Uninstaller
    • Softonic – Avast Free Antivirus, BSplayer, Mozilla Firefox, Hotspot Shield, Adobe Flash Player, iObit Malware Fighter, Skype, uTorrent, VLC Media Player, YTD Video Downloader
    • Softpedia – Google Chrome, Malwarebytes Antimalware, Nero Free, Orca, Super Simple Video Converter, Picasa, Image Burn, Skype, Unlocker, Yahoo Messenger
    • Tucows – Express Files, Karaoke Player Software, Network Inventory Advisor, Internet Download Manager, Internet Explorer 8, IrFan View, Internet Explorer 9, Outlook Express, PDF Converter, PDF Reader
    • SourceForge – 7Zip, Audacity, Camstudio, DVD Styler, Filezilla, KeePass, Media Player Classic, Process Hacker, Password Safe, VLC Media Player
    • Filehorse – Avast Free Antivirus, Advanced System Care Free, Adobe Reader, AVG Free Antivirus, Java, Moborobo, Skype, iTunes, VLC Media Player, Winamp Media Player
    • Software Informer – Free Download Manager, Avira Free Antivirus, Avast Free Antivirus, Free 3GP Video Converter, Free MP3 Wma Converter, AVG Free Antivirus, Free Sound Recorder, Free Video to JPG Converter, Free DWG Viewer, 123 Solitaire Free
    • Soft32 – Counterstrike, DC++, Mozilla Firefox, Google Chrome, Google Earth, Virtual DJ, Internet Explorer 9, Yahoo Messenger, VLC Media Player, MSN Messenger
    Download Portal Mayhem: how many can you safely trust?
    We tested all the above mentioned downloads per portal to see how many PUPs come bundled with them. Please note that only PUP programs were counted; potentially unwanted modifications or changes (such as changing the search homepage tab without installing a program) were not. The overall results:


    [​IMG]

    [​IMG]

    As you can see, nearly every download portal contained at least one or more PUPs. Out of the ten tested download portals, only SourceForge managed to keep their top software PUP-free. The download portals that should be avoided at all costs are: Download.com, Tucows, and Softonic.

    Be careful when clicking the big green Download button
    The big green “Download Now” button looks pleasantly appealing to the naked eye; however, what is really hidden within it once you click on it? A massive variety of “Download Now” buttons on several of the top download portals and software vendor websites are unsafe to use because they are in fact cleverly disguised PUP installers. Your desired software will be presented to you at the very end of the installation after being presented with tons of junkware offers and PUPs first. A word of warning: the direct download link will most likely be disguised or even hidden, you may find yourself having to carefully search for it. Below are a few example screenshots of installers that describe this very scenario:

    [​IMG]

    SourceForge may do a good job at keeping their top ten applications PUP-free; however, some PUPs are delivered through optional installs per the freeware vendors choice. Sourceforge provides software developers the option to make cash with their freeware through software bundles, and apparently some software vendors chose to do so as you can see in the above screenshot with the popular Sourceforge application FileZilla.

    Soft32 makes no attempt to hide its efforts to push its “smart download manager” which will “smartly” download a plethora of PUPs onto your computer. Once again, the seemingly safe “green” download button betrays a user and the safe direct download link for Avira can be found underneath in very small print. Ironically, PUPs are even bundled with various free antivirus products that are designed to keep your computer free of such threats.

    [​IMG]

    This site is so “clever” that it even incorporate the McAfee Secure logo to further ease a users mind about downloading this software using their “smart download manager”.

    Lastly, Software Informer not only hosts a PUP downloader; but, actually warns the user that it “might” contain adware or suspicious components. This is a clear giveaway that you are about to be presented with several unwanted offers and maybe even more before the real installation even begins. Another seemingly suspicious factor that can be taken into consideration is the color coding of the download button. The “download anyway” button is actually presented to the user in an orange type color which is a clear indication that you might want to use caution before clicking it.

    [​IMG]

    Below the PUP downloader, you can actually see several other options. Within the three options, you can find a “Download latest version” button which will present you with a direct vendor download link. Always use the direct vendor download when possible to ensure that your computer will remain PUP- free.

    Top 5 commonly found PUPs across all download portals
    Many download portals appear to bundle similar potentially unwanted programs. Some of the below listed PUPs may seem harmless; however, they are bundled in applications unknowingly to the user, and in addition could pose privacy concerns or potential security holes.

    PUP Portals it was found on
    Dropbox Download.com, Snapfiles, Filehorse, Software Informer

    AVG SafeGuard Toolbar Download.com, Snapfiles, Softonic, Filehorse, Software Informer

    Spigot Download.com, Filehorse, Software Informer, Soft32
    Search Protect Download.com, Tucows, Filehippo, Softonic
    Pro PC Cleaner Download.com, Tucows, Softonic
    Out of all the similar PUPs, Dropbox and AVG SafeGuard Toolbar are the most common bundled programs across all download portals. Dropbox is seemingly bundled with a plethora of free antivirus software. Spigot and Pro PC Cleaner were most widely distributed on Download.com. Search Protect was found a multitude of times, often bundled with Spigot.

    Conclusion: best to stay away from download portals
    Out of the top ten download portals 90%bundle PUPs with their top ten software applications. The total number of PUPs found altogether across all download portals totals one-hundred potentially unwanted programs. This result is quite alarming considering only the top ten applications on each portal were sampled. It’s simply better to stay away from download portals altogether.

    Here are a few tips to stay clear of PUPs:

    • Ensure that you only download reputable software from a favorable download source and always download and install with caution.
    • Use the direct vendor download approach and avoid download portals altogether. Although many direct vendors include PUPs too, it’s safer to download directly from the source.
    • Run an up to date antivirus program such as Emsisoft Anti-Malware and run frequent scans to check for malware and PUPs.
    • Alternatively, run on demand scans with Emsisoft Emergency Kit which will scan and remove potential malware and PUP infections absolutely free.
    Have a wonderful (PUP-free) day!
     

Share This Page