Skip to Main Content

Legit APPS or PUA? Keep your eyes wide open!

Probably most of you (me included), after buying a brand new and shiny computer, can’t wait to install all the needed applications to listen to music, edit the coolest photos, watch online videos and movies or simply read all types of documents.  And which is the easiest way to download all of them without having to visit a big amount of websites? Download portals. Is it the wisest choice? Probably not. Here’s why:

I won’t go into details on how Potentially Unwanted Applications (PUA) are crawling into our computers nowadays. Andreas already wrote a good article on the topic. What I will show next is a concrete example of a “not so trusty” website and a download process experience.

We will visit to download our apps. This website offers source code repositories, bug tracking as well as Download mirrors. What I need from this website is VLC to watch movies and FileZilla to manage my files stored in a FTP. So let’s download them:

VLC Download Page
FileZilla download page

Dare to play the “Find the differences” game? Ok, they are completely different applications, their version number, Editor’s review and so on are not the same. Even so, both download pages look very similar and (where I wanted to get) they have similar download buttons. Or… not?


As you can see, they look very similar but there are small differences like the “i” button or the short redirect link (Direct Download). If you are in hurry or just not paying enough attention, you won’t realize that there is a big difference in the downloaded files.


The VLC file comes with the original and genuine installer. If you execute it, you’ll have no problem watching your videos with this cool application. The problem appears with the FileZilla installer. The icon is quite suspicious as it is not the original icon from the Application. Well, we don’t need to know which is the original icon to figure this out since, in this particular case, the “S” and “F” from Source Forge make it kind of obvious. Anyway, we won’t think about it as a bad sign and we will proceed with the installation.


This is what we call a “PUA /InstallCore”. It is a bundle that will offer some “extra” applications apart from the ones we initially wanted to install. In the example above, we are talking about iStartSurf and BrowserSecurity. The first one also changes our default search and the browser’s Start Page. If we don’t check carefully what is happening in the installer, these PUA will all be installed. As users, we often are FTL (Faster than Light) clicking “next” while downloading Applications, so be careful if you don’t want some annoying extra applications on your computer.

It might be that the fastest and easiest way to find all the applications we need is by visiting a download portal. They can sometimes be safe and you might not encounter any problems getting what you want. Nevertheless, today’s tip is: next time you need an application try downloading it, if possible, from the original source. If this is not possible, you should at least pay close attention to the file you are about to download. Even if you download it from the original source, always check the installation carefully to don’t get extra stuff. Basically, always keep your eyes wide open!

This post is also available in: GermanItalian