Tag Archives: PUP

Avira starts lawsuit against adware distribution site

Avira has filed a lawsuit against the German Freemium.com download site for unfair business practices and misleading consumers into installing unwanted programs (PUA). We’re the first security vendor to stick up for customer rights and go directly after a software publisher.

The post Avira starts lawsuit against adware distribution site appeared first on Avira Blog.

Fake Chrome browser replaces real thing and serves up unwanted ads

Is something not right with your browser, but you can't quite figure out what?

Is something not right with your browser, but you can’t quite figure out what?

Does your Chrome browser seem a little “off”, but you can’t figure out why? Maybe it’s eFast.

 

Here’s another reason to slow down when installing software, especially free software. A new Potentially Unwanted Program (PUP) disguised as the Google Chrome browser is sneaking onto users computers bundled with legitimate software, hidden deep within the ‘Custom’ or ‘Advanced’ settings that most people skip over. Once installed, eFast, as it has been called, serves up ads and tracks your online activities and sells personally identifiable information to advertisers.

“Read the installer screens to make sure what they actually install,” warns Michal Salat, researcher in the Avast Virus Lab. ” The Next->Next->Next->Done approach is exactly why we deal with PUPs daily. If there isn’t an option not to install some additional software, terminate the installer immediately. Better safe then sorry.”

Researchers at Malwarebytes says that eFast actually installs a new browser rather than hijacking your existing one. If you already have Chrome installed, it will replace it making itself the default browser. The fake browser uses the same source code for the user interface as the real thing making it difficult to tell the difference. It is so tricky that it even replaces shortcuts on your desktop that look similar to Google Chrome.

In addition to all that, eFast hijacks some file associations, so that it can open as many times as possible therefore having the opportunity to show you more ads! If you open a file like JPEG, PDF, or PNG, it will be opened with eFast, resulting in pop-ups, more ads in your searches, and other adware. You can see the list of file associations on Malwarebytes security blog.

How to find out if eFast is on your computer

Open your browser and type in chrome://chrome. The authentic Chrome browser will take you to the ‘About’ section and check if your browser software is up-to-date. It looks like this.

About Chrome frame

If you have a fake version of Chrome, then you will be taken to a fake About page, get an error, or the link won’t work. In that case, check out the removal instructions on PCrisk.

eFast is classified as a Potentially Unwanted Program, also known as a PUP. PUPs are annoyances like search bars, intrusive adware, etc. that Avast does not detect by default. However, the option can be enabled.

How to turn on PUP detection in Avast

  • Open the Avast program and go to settings
  • Open Active Protection
  • Click Customize next to Web Shield
  • Go to Sensitivity and put a check mark beside PUP and suspicious files

Follow Avast on FacebookTwitterYouTube, and Google+ where we keep you updated on cybersecurity news every day.

 

The voice of a user – why PUA is a misleading term

In quite severe cases, not only are additional programs installed but several settings on the computer are changed too, making it behave completely differently. In the worst case, this then means that the computer can no longer be used correctly and must be reconfigured.

The topic of PUA makes the issues with free software particularly clear. If, as a user, I purchase a piece of software, then I expect to get that exact software. No more. No less. Ultimately, I am paying for the effort put into developing the software.

If I download a free piece of software from the Internet, that’s where it gets complicated – because a lot of effort has also been put into developing this software and if the software is good and up-to-date, it is being maintained by someone and is constantly being optimized and improved. This “someone” may want to or only be able to afford to do this occasionally, and if the software is distributed for free, this “someone” needs to earn money in some other way. It doesn’t matter if the developer is an individual or a company. One possible way to pay for the effort put into development is as follows: Additional applications are installed alongside the actual application, and the manufacturers of these additional applications then pay for their software to also end up on the users’ PCs.

The topic of PUA makes the issues with free software particularly clear.

Who, then, is still interested in bundled software being installed along with other software? Download portals, i.e., the areas of the Internet where users download software, are opportune places for this. Although these portals offer a “free” service (presenting and providing software) for users, they still need to be financed somehow. It is also here where some software manufacturers are willing to pay for the distribution of their software, a possible source of revenue for the operators of the download portals. The user downloads program A from the Internet and installs it. At the same time, programs B and C are automatically installed alongside it. The manufacturers of programs B and C pay for this, meaning that their software is distributed further, whether the user had wanted it or not. From a financial perspective, this may be a good reason for software manufacturers and download portals to combine further applications with the application that was actually wanted, and install them at the same time. But what’s the picture like for those on the other side – the users?

Bernard has bought a new PC. He is quite familiar with computers, but he is by no means an expert. After a short amount of time, he has got his computer set up in the same way as his old one. Bernard loves filming and wants software he can use to edit small films. After a few searches he finds exactly what he is looking for in a download portal and it’s free! Bernard installs the software. He doesn’t understand why he has to click through lots of different windows once the software has been downloaded. Actually, he was expecting the software to install quickly and easily. But the manufacturer must think that this is the easiest way of installing the software, so Bernard clicks on “Next” several times so that he can test the software as quickly as possible. While the installation is still running, it slowly but surely fills the desktop with more and more icons. “Why does an application need so many icons?”, Bernard asks himself. Again and again, he is presented with further windows which require him to confirm something. It seems strange to him, but the supplier of the software must know why this needs to be done. After 20 minutes, the installation is finally completed. On the desktop, next to the icon for the film editing software, are seven other icons which must come from software that Bernard did not want. As Bernard opens his Internet browser, he hardly recognizes it. The usual search has disappeared, new toolbars are displayed, and everything looks different somehow. His Windows installation, which was still almost brand new just an hour ago, is no longer useable. He only has one solution: to call his son and ask for his help.
“You’ve really got yourself in a mess here”, he says dryly after a quick inspection of the computer. “All PUA”.
“PUA?”, asks Bernard. “What’s that then?”
“Potentially unwanted applications”, says his son. “Programs you don’t actually want”.
“What does it mean by ‘potentially’ unwanted applications?”, replies Bernard. “They are unwanted applications!”

As a user I would like to know what I am getting without having these things imposed on me using various tricks and ruses.

Many years ago, the principal of WYSIWYG (what you see is what you get) was “devised”. This implies that what I see as a user is what I get. Sure, the term was introduced in a different context, but it actually suits the current discussion on PUA quite well. As a user I would like to know what I am getting without having these things imposed on me using various tricks and ruses, things which I do not want at all and need even less so. The additional software is not potentially unwanted, it IS unwanted, as long as I as the user have not explicitly agreed that I want it.

The post The voice of a user – why PUA is a misleading term appeared first on Avira Blog.