D

Deleted member 2913

Currently trying uBlock Origin.
Its badware risks filter is blocking sites like download.com, softonic, etc... This is correct & the way it works or are FPs?
 

Jack

Level 85
Verified
Staff member
Currently trying uBlock Origin.
Its badware risks filter is blocking sites like download.com, softonic, etc... This is correct & the way it works or are FPs?
I also get that alert. The Badware filter is enabled by default.
1.jpg

The downloads from these site are sometimes bundled with PUP's, however the sites itself are safe....I for one would disable or ignore the "uBlock filters – Badware risks"‎, as I think it's the job antivirus to block PUP's, not the adblocker. Overall it won't make any difference if you use it or not, as the filter has very thin content...
2.jpg

Here is the official version from uBlock Origin:

The sites below are included in the "uBlock filters – Badware risks" -- or are candidates for inclusion. The sites are documented to be badware risks. To quote Wikipedia:

Spyware or other malware is sometimes found embedded in programs supplied officially by companies, e.g., downloadable from websites, that appear useful or attractive, but may have, for example, additional hidden tracking functionality that gathers marketing statistics.

Note the word "risks": not necessarily all downloads on a site may be affected by badware. The block page is there to remind the user to be cautious, and the user is free to dismiss temporarily or permanently the blocked page for the site ahead.

uBlock is not an antivirus, the sole purpose is to remind a user of what is ahead, and the feature is more useful to non-technical users, who are more likely to be the target of badware.

Below are sites currently part of the list, or sites being candidate for the list (will be added once there are enough sources to support the badware risks qualifier), and links giving further information as to why. Feel free to add good sources if you find more (please respect the chronological order, keep everything neat).


01net.com (candidate)
baixaki.com.br (candidate)
com.com
download.com / download.cnet.com
filehippo.com (candidate)
filehorse.com (candidate)
freewarefiles.com (candidate)
majorgeeks.com (candidate)
nonags.com (candidate)
snapfiles.com (candidate)
soft32.com (candidate)
softonic.net
softpedia.com (candidate)
software.informer.com (candidate)
sourceforge.net
tucows.com (candidate)



Here is the content of the Badware risks filter...

Code:
# uBlock -- To block sites known for delivering adware/crapware.
#
# For sites documented to put users at risk of installing adware/crapware etc.
# The purpose is to at least ensure a user is warned of the risks ahead.
#
# Each entry has to be well enough sourced, see:
# https://github.com/gorhill/uBlock/wiki/Badware-risks

# Using request of type `other` will cause the whole site to be blocked through
# strict blocking, yet the site will render properly if a user still decide to
# go ahead.

# 2015-03-11: http://blog.emsisoft.com/2015/03/11/mind-the-pup-top-download-portals-to-avoid/
# 2015-01-21: http://www.howtogeek.com/207692/yes-every-freeware-download-site-is-serving-crapware-heres-the-proof/
# 2015-01-11: http://www.howtogeek.com/198622/heres-what-happens-when-you-install-the-top-10-download.com-apps/
# 2012-06-27: http://insecure.org/news/download-com-fiasco.html
# 2011-12-05: http://seclists.org/nmap-announce/2011/5
# 2011-08-22: http://www.extremetech.com/computing/93504-download-com-wraps-downloads-in-bloatware-lies-about-motivations
||download.cnet.com^$other

# 2015-08-12: https://isc.sans.edu/diary/.COM.COM+Used+For+Malicious+Typo+Squatting/20019
#     via https://twitter.com/SwiftOnSecurity/status/631972601460494336
# 2013-12-10: https://blog.whitehatsec.com/why-com-com-should-scare-you/
||com.com$document

# 2015-06-18: http://www.information-age.com/industry/software/123459675/hotbed-malware-another-blow-sourceforge-google-discovers-588-pages-malicious-software
# 2015-06-02: https://blog.l0cal.com/2015/06/02/what-happened-to-sourceforge/
# 2015-05-28: http://libregraphicsworld.org/blog/entry/anatomy-of-sourceforge-gimp-controversy
# 2015-05-17: http://lifehacker.com/antiadware-gets-rid-of-bundled-crapware-on-popular-down-1702818594
# 2015-03-11: http://blog.emsisoft.com/2015/03/11/mind-the-pup-top-download-portals-to-avoid/
# 2015-01-21: http://www.howtogeek.com/207692/yes-every-freeware-download-site-is-serving-crapware-heres-the-proof/
# 2014-11-25: http://blog.tedd.no/2014/11/25/sourceforge-malware/
||sourceforge.net^$other


# 2015-05-17: http://lifehacker.com/antiadware-gets-rid-of-bundled-crapware-on-popular-down-1702818594
# 2015-03-11: http://blog.emsisoft.com/2015/03/11/mind-the-pup-top-download-portals-to-avoid/
# 2013-05-23: http://www.intego.com/mac-security-blog/another-problematic-softonic-installer-brings-adware/
# 2013-04-19: http://www.esecurityplanet.com/malware/softonic-delivers-adware.html
# 2013-04-17: http://www.intego.com/mac-security-blog/softonic-download-site-briefly-delivers-trojan-adware-installer/
||softonic.com^$other
 
Last edited:

Vipersd

Level 6
Verified
Some entries for this filter seems like the wrong choice, why would anyone block emsisoft or how to geek. I know some people that would benefit from filter like this to not download every stupid program they see on the web.
 

Vipersd

Level 6
Verified
All the PUP websites, which is good for those people that doesn't know what PUP is and all the do is click Next, next ...

For newbie this is good filter and Unchecky would be useful too, for the rest who have some knowledge this is not needed.
 

JakeXPMan

Level 15
Verified
Is Ublock alone more effective then Adguard, Bluhell or Disconnect ?

I'm starting to wonder how much block I really need here. Just want what I need not all addons at once.
 
Last edited:
  • Like
Reactions: LASER_oneXM

dunchloe

New Member
Currently trying uBlock Origin.
Its badware risks filter is blocking sites like download.com, softonic, etc... This is correct & the way it works or are FPs?
uBlock Origin blocked site because with software you want to download is software that you didn't choose to have downloaded. This software can do many things, like track your browsing habits, "steal" your personal information including banking accounts, credit cards, mother's maiden name, etc. It can also send email to anyone you've ever emailed as-if email came from you. Email seems innocent except it probably spread what is now in your computer, namely a hidden program to steal information. Or, it just starts running little programs that eat up processing power. These eventually, over time cause your system to literally grind to a halt. Processor too hot to touch but no mojo left to even scroll down a page. So, yup. it's not a mistake that you push a button to blow thru to the page, it's protecting you. Well, too late for you, but keep this in mind after you get your next computer.
 
  • Like
Reactions: LASER_oneXM

Arin

Level 3
I also get that alert. The Badware filter is enabled by default.
View attachment 68936
The downloads from these site are sometimes bundled with PUP's, however the sites itself are safe....I for one would disable or ignore the "uBlock filters – Badware risks"‎, as I think it's the job antivirus to block PUP's, not the adblocker. Overall it won't make any difference if you use it or not, as the filter has very thin content...
View attachment 68937
Here is the official version from uBlock Origin:






Here is the content of the Badware risks filter...

Code:
# uBlock -- To block sites known for delivering adware/crapware.
#
# For sites documented to put users at risk of installing adware/crapware etc.
# The purpose is to at least ensure a user is warned of the risks ahead.
#
# Each entry has to be well enough sourced, see:
# https://github.com/gorhill/uBlock/wiki/Badware-risks

# Using request of type `other` will cause the whole site to be blocked through
# strict blocking, yet the site will render properly if a user still decide to
# go ahead.

# 2015-03-11: http://blog.emsisoft.com/2015/03/11/mind-the-pup-top-download-portals-to-avoid/
# 2015-01-21: http://www.howtogeek.com/207692/yes-every-freeware-download-site-is-serving-crapware-heres-the-proof/
# 2015-01-11: http://www.howtogeek.com/198622/heres-what-happens-when-you-install-the-top-10-download.com-apps/
# 2012-06-27: http://insecure.org/news/download-com-fiasco.html
# 2011-12-05: http://seclists.org/nmap-announce/2011/5
# 2011-08-22: http://www.extremetech.com/computing/93504-download-com-wraps-downloads-in-bloatware-lies-about-motivations
||download.cnet.com^$other

# 2015-08-12: https://isc.sans.edu/diary/.COM.COM+Used+For+Malicious+Typo+Squatting/20019
#     via https://twitter.com/SwiftOnSecurity/status/631972601460494336
# 2013-12-10: https://blog.whitehatsec.com/why-com-com-should-scare-you/
||com.com$document

# 2015-06-18: http://www.information-age.com/industry/software/123459675/hotbed-malware-another-blow-sourceforge-google-discovers-588-pages-malicious-software
# 2015-06-02: https://blog.l0cal.com/2015/06/02/what-happened-to-sourceforge/
# 2015-05-28: http://libregraphicsworld.org/blog/entry/anatomy-of-sourceforge-gimp-controversy
# 2015-05-17: http://lifehacker.com/antiadware-gets-rid-of-bundled-crapware-on-popular-down-1702818594
# 2015-03-11: http://blog.emsisoft.com/2015/03/11/mind-the-pup-top-download-portals-to-avoid/
# 2015-01-21: http://www.howtogeek.com/207692/yes-every-freeware-download-site-is-serving-crapware-heres-the-proof/
# 2014-11-25: http://blog.tedd.no/2014/11/25/sourceforge-malware/
||sourceforge.net^$other


# 2015-05-17: http://lifehacker.com/antiadware-gets-rid-of-bundled-crapware-on-popular-down-1702818594
# 2015-03-11: http://blog.emsisoft.com/2015/03/11/mind-the-pup-top-download-portals-to-avoid/
# 2013-05-23: http://www.intego.com/mac-security-blog/another-problematic-softonic-installer-brings-adware/
# 2013-04-19: http://www.esecurityplanet.com/malware/softonic-delivers-adware.html
# 2013-04-17: http://www.intego.com/mac-security-blog/softonic-download-site-briefly-delivers-trojan-adware-installer/
||softonic.com^$other
Thnks for this information .,