StopBadware Report
Click here to return to the reports page

Popcorn.net

We find that the Popcorn.net Download Manager and components related to it are badware because it uses deceptive tactics to persuade users to install adware components without disclosure, as well as components that reportedly behave as a Trojan horse, allowing a third party unrestricted access to the user's computer. In addition, the application could not be uninstalled by conventional means, making it impossible for the average user to get rid of.

Background

Popcorn.net's Download Manager is essentially a repackaging of Movieland's Mediapipe software, which we reviewed in March 2006 (see our report here). According to user reports, Popcorn.net would advertise its Download Manager as a "free trial offer." If the user downloaded the software through this advertisement, they would subsequently have to "cancel" the software during the trial period (usually three days), or be subject to annoying, disruptive pop-ups ads demanding payment for an "annual license" of $19.95 per month. According to Popcorn.net, the user supposedly agreed to this license when they downloaded the "free" version and failed to cancel it within the trial period. Other unacceptable tactics that Popcorn.net reportedly used include requiring users to call the company in order to "cancel" their software, not uninstalling cleanly, and even reinstalling the software if the user attempted to uninstall it manually. The FTC is currently pursuing a court case against the companies behind Popcorn.net and Movieland.

Popcorn.net's full Download Manager is apparently no longer available on their site, although Popcorn.net is more than happy to take users' credit card information without providing the promised software (or anything at all, for that matter). Our tests focus instead on a "critical component" that users are encouraged to download when they click on the member's area of the site.

We currently recommend that users do not download the version of Popcorn.net Download Manager or its components that we tested, unless the user is comfortable with the level of risk we identify or until the application is updated consistent with the recommendations in this report.

 
Red_large
OVERALL RATING

Red_smallBadware Behavior 
Deceives users into downloading components (Deceptive installation) 
Installs Trojan horse (Harms user's computer, Deceptive installation) 
Installs adware on user's computer (Deceptive installation) 
Application cannot be uninstalled (Unacceptable uninstallation) 


Bad or Undisclosed Behavior
Deceives users into downloading components
If the user attempts to access the "members entrance" on Popcorn.net's website -- either after purchasing the Popcorn.net service or not -- a dialog box appears, informing the user that "You do not have access to our member area." Upon clicking "Ok," the user is redirected to a page that says that they are "missing a critical component of the Popcorn.net download manager" and must reinstall the missing component. Clicking on the "Click here to reinstall" button causes an executable file named Access.exe to download. Running this executable results in addition of new registry key entries and a dll component in the System folder. These additional components that were deemed "critical" by Popcorn.net are actually badware, as described below. Even after installing these components, our attempts to access the member's area were unsuccessful. Instead, we were redirected to a page that says: "Sorry, there was an error processing your request." Deceiving the user into installing badware by implying that they need to reinstall critical components is unacceptable behavior.
Installs Trojan horse
After installing Popcorn.net's executable file, we detected components that reportedly behave as a Trojan horse. This particular Trojan horse may allow a third party to have unrestricted access to the host computer while the user is online, thereby compromising the user's privacy and sensitive data such as passwords and credit card information. This Trojan horse is not disclosed to the user during installation, and such a disclosure would, in any case, be inadequate, as no legitimate reason exists for a movie player to have unrestricted access to a user's machine.
Installs adware
After installing Popcorn.net's executable file, we also detected components that reportedly behave as adware. Research on the component suggests that it causes unwanted pop-ups during web browsing. Furthermore, presence of the component might result in a slowdown of the user's browser and overall system performance. The installation of this adware is not disclosed to the user during installation.
Application cannot be uninstalled
This application is impossible to uninstall by conventional means. No entry appears for Popcorn.net, the Download Manager, or its components in Add/Remove Programs. Instead, the application adds a dll system component in the System folder and several registry key entries. Each of these components must be manually removed.
Recommendations
We recommend that the producers of the Popcorn.net Download Manager and its components do the following:
  • Do not use deceive users into installing badware components.
  • Do not install components that are known to behave as a system-compromising Trojan horse.
  • Do not install adware without informing the user and seeking their consent.
  • Provide the user with simple, effective uninstallation of the software.
We currently recommend that users do not download the Popcorn.net Download Manager or related components that we tested, unless the user is comfortable with the level of risk we identify or until the application is updated consistent with the recommendations in this report.

For more information, visit www.stopbadware.org.

  
REPORT INFORMATION

REPORT VERSION
Version 1.0

DATE
September 27, 2006


APPLICATION INFORMATION

SELF-IDENTIFICATION
Popcorn.net identifies this piece of software to be "a critical component of the popcorn.net download manager."

PRODUCER
The particular file downloaded was produced by Binary Source, Inc., which does business as Moviepass.tv. According to the FTC's complaint against those corporations involved in Popcorn.net and Mediapipe, other corporations responsible for this software and website include Triumphant Videos, Inc., which does business as Popcorn.net.

OBTAINED
We obtained the application that we tested from http:// www.popcorn.net/ reinstall.html

BUNDLING
The version of the Popcorn.net application we downloaded is not bundled with any other software.