Potentially unwanted Program
That exactly is what PuPs are. Now that formulation with "potentially" is a protection against frivolous lawsuits; every PuP does something, in the opinion of its author definitely something positive and useful. The word potential protects everybody who has to or wants to name these programs from lawsuits.
In my opinion EVERY PuP out there is outright malware and it is sad that existing laws and court decisions force us to use the word potential at all.
I happened to run across a good article (IMHO at least) about PuPs. You can find it here. Yes, it's three years old and I believe I have already linked to it in an earlier article. I hope you don't mind the suggestion to refresh your memory.
The article I linked to in the previous paragraph refers to an even older article about one of the major sources of PuPs on our computers, the so called Download Portals.
IMHO a refresher about this might be recommended as well.
Stay safe.
Wednesday, May 1, 2019
Wednesday, February 10, 2016
2016-02-11 WBKV Talking Points
Today I want to talk only (or mainly) about modern malware and how it gets in our computers.
Pull up this web page and you have the detailed blueprint for today's talk.
The 10 worst offenders are (IMHO #1 is by far the worst one):
- Download portals
- Fake updates (e.g. Java, Adobe Flash, Yahoo!)
- Installer programs (mainly from download portals)
- PuPs downloading and installing more PuPs
- Express installation (expressway to an infected computer)
- Custom Install abused with confusing EULAs
- Home page and search provider changed
- Forced install (e.g. Inbox Toolbar)
- Other people(!) using your computer (visitors, relatives)
- Researching PuPs; do it ONLY in a virtual machine!
Saturday, February 6, 2016
Top 10 Ways PUPs Sneak Onto Your Computer. And How To Avoid Them.
Disclaimer: I copied the title literally from this blog post.
And that is all I want to say here; this article is simply a MUST READ if you ever had PuPs installed or had to call me because everything got so slow or whatever problem you had.
95% or more of all computer problems I encounter nowadays are initially caused by a PuP! The authors of these PuPs have gotten very clever and constantly invent new tricks to dupe the unsuspecting computer user.
Only permanent vigilance, caution and attention to detail can ultimately somewhat protect us and our computers.
Please note the use of the word "somewhat" in the previous paragraph!
For the first time ever I will directly recommend a piece of commercial security software.
If you want the IMHO best automatic protection against all kinds of malicious programs including PuPs then you will have to pay some money, currently just shy of $40 per year for a single computer. You find details about Emsisoft Anti-Malware here.
Another disclaimer: I am in no way at all associated with Emsisoft or any of their distributors or resellers!
If you don't want to pay that is fine, you just have to DIY (do it yourself). MSE or Defender in conjunction with Malwarebytes Free will do it just as well but you have to regularly do more yourself.
Whether you want to pay for Emsisoft Anti-Malware or not doesn't really matter, IMHO you simply HAVE TO READ this article.
Stay safe.
Wednesday, November 25, 2015
Yahoo! Get away from there - QUICKLY!
Although I am on vacation this is too important for quite a few of my customers. Here it goes:
If you have a Yahoo email address you need to read this! All others can relax - for now.
It has happened; this ZD-Net article has the details why for some of their users Yahoo has made it impossible to access their emails. Currently for "some users" only but what if this "test" proves successful for Yahoo? They will do it to all accounts! You can bet on that!
Why did these good people with a Yahoo email address get blocked from accessing their emails? They used an Ad blocker because
- they could not stand the many obnoxious ads and/or
- they had heard about the many virus infected ads Yahoo has served in the past or
- they just happen to be my customers.
Then set up your new Gmail account to automatically pull all mails from the Yahoo account. Google so far always has been far better at blocking malicious content from the Internet.
Let's hope that Yahoo's attempt to force feed advertisements fizzles out and becomes a big failure.
Tuesday, April 28, 2015
Bye bye Viruses, Hello Carelessness
It's almost like in the Everly Brothers song "Bye Bye Love" from 1957. They sang
Bye bye happiness, hello loneliness...
I am enticed to, no, don't be afraid, not sing but say
Bye bye viruses, hello carelessness...
In August 2014 I wrote in this blog the 2014 Update On Malicious Programs. Everything in this article is still valid today – which in the fast changing world of computers is astonishing all by itself. Self replicating viruses that "find and infect" our computers by their own accord have gone almost extinct.
What has massively changed though are the tricks and methods used by miscreants to foist their malicious junk software on our computers. It is so bad that I feel compelled to say
Do NOT click on any link in any email,
do NOT open any email attachment
and NEVER click in any advertisement.
Does that sound extreme to you? Good, because it is extreme. We are in an extreme situation and it's getting worse so extreme measures seem appropriate.
In the meantime you have learned to immediately delete emails with an unfamiliar sender address. But what about the email from that buddy of yours who always sends all the jokes? My advice is to IGNORE it! Just hit the Delete button. If that email really was from him and if he were a nice guy he would have told you in the email why and what he sends there. If he does not have the decency to do that you better err on the side of caution and delete that email; you may “miss” a joke but what is that compared to $100 or $200 cost for a good clean-up job?
Another way modern malware (called PuPs) is distributed is through dirty tricks pulled on us when we apply required updates. Even big, well known companies participate in these schemes; names that come to mind as examples are Oracle, Norton, McAfee and Adobe. Some visual examples are here.
And don't get me going on advertisements. Listen up:
If you see advertisements on your computer screen then your computer most likely already is compromised. Get it cleaned up!
And then the sneaky methods that well known download web sites like Download.com, Cnet.com and others use. You want to download that nice free little program and what they give you is a specially crafted downloader program that in turn is supposed to download the program you actually want. But what you get are one or several PuPs and then the program you really wanted.
The only method to help here is to watch for the tricks, traps and deceptions.
In July 2013 I published my 10 Commandments Of Safe Computing. To heed the first of these has become more important than ever before; it reads:
Thou shalt read and think(!) before you click.
Be vigilant, pay attention to details and always remember: If it sounds too good to be true it usually is not true; especially in this day and age on the Internet.
As usual I welcome suggestions and comments right here in the blog.
Click here for a categorized Table Of Contents.
Monday, October 28, 2013
How Malware Gets Installed
You hear from me that your computer got infected with malware, especially PuPs, and you ask:
"How did that stuff get on my computer? I did not download or install it".
Sorry, but in most cases you did give permission to install that garbage alongside some legitimate install or update. You did not do it consciously, you got duped or tricked into allowing the installation. See this article for just one all too common example.
These tricks can have many different shapes and forms. They all are designed to trick or fool us into allowing the garbage to get installed alongside a legitimate program or update. User beware!
One of the more and more common forms is a legitimate install or update that asks something along the lines of
- Default (or Express) install (recommended)
- Custom install (for experienced users)
Simple answer: Money! The authors of PuPs pay for their stuff being bundled with legitimate software. There is a lot of money to be made from advertising!
Distributing viruses is illegal, distributing "search helpers" or tool bars is not!
My advice: When you have to choose between Default and Custom installs always(!) click Custom; it is the only way to check for PuPs because so far at least they are being offered with some sort of a choice to decline or skip them.
If you are in doubt take a screen shot of the window(s) that sparked your suspicion, postpone the install and ask me in an email about it; don't forget to attach the screen shot please.
As usual I welcome suggestions and comments right here in the blog.
Click here for a categorized Table Of Contents.
Thursday, April 19, 2012
Download Portals - A Nasty Side Of the Internet
We all sometimes want or even need to download that nifty program that will do something we think we need done on the computer. Many downloads of really good software are offered on Download Portals, web sites that are specially designed to make many different programs available in "one convenient location" and accessible through "one convenient user interface".
Did you see what I put in quotes in the previous paragraph? "Convenient", one of the regularly (ab-)used weaknesses of human nature.
A consistent single user interface for many different downloads certainly is a nice idea - when it's done correctly and without a hidden agenda. Some very well known download portals do have a hidden agenda; mostly it is about making some money from the fact that many people use them.
Today I found an excellent article on the Emsisoft Blog about the abuse that unsuspecting visitors are subjected to by some well known download portals. Here you find the original blog post with quite a bit of technical detail; Emsisoft makes very good anti virus software and their blog is written for a technically inclined audience.
To save you the need to wade through the technical details here is an excerpt from that blog post (two paragraphs) and then I follow it with just the skinny:
What are download wrappers good for?
You have every right to wonder what the point of download wrappers is at all, as conventional downloads have been just as simple and as well established for decades now. There are several reasons: Useful features such as pausing and resuming while downloading big files are mostly advertised. Current browsers support pausing and resuming downloads, though. You can also make use of professional download managers instead of having a wrapper imposed onto you. This argument is also rather weak as download wrappers are also used for very small target files that are sometimes even smaller than the wrapper itself.
For download portals there is first and foremost a good reason for using download wrappers: the possibility of systematically putting in ads. Software you have designed yourself for that purpose is way more useful than a website is. Plus, this offers the advantage of collecting statistical data on used hardware, which enables the creation of detailed user profiles. One must not forget the commercial effect, either: When a user downloads software from a specific portal, they are highly likely to remember its name and use this portal for future downloads as well. Regular visits including unique user statistics result in more profits from advertising.
Example 1: download.com
Risk: Installing a browser toolbar and hijacking your browser’s homepage.
Example 2: softonic.com
Risk: Installing undesired software, fraudulent ad banners.
Example 3: softonic.de / RegNow
Risk: Unintentional redirection to unknown third-party providers, ad banners.
Example 4: tucows.com
Risk: Greatest risk due to accidentally installing third-party software and tampering with your browser.
Should you at any time have downloaded anything from any of these four download portals you may find any of these icons on your desktop, in your Downloads folder or in almost any other location:
PLEASE uninstall these programs from your computer; uninstall them no matter what they tell you when you attempt the uninstall.
The vast majority of programs offered by download portals is available from other sources without all the "extras". My customers know who to ask.
As usual I welcome comments and suggestions right here in the blog. Thank you in advance.
Click here for a categorized Table Of Contents.