Thursday, June 19, 2014

Today's PSA - Caveat Emptor (because there is no Latin word for downloader)


 

Just a lesson (re)learned from exploring Web 2.0 this week.  I have spent the last four hours working on cleaning my computer, and I am only a little more than halfway through the process.  No, I did not get a virus or a trojan horse.  I got a PUP, and not the cute furry kind.  I picked up a Potentially Unwanted Program (PUP), which is the new name for spyware.  You can read more about it here.




These programs are not considered viruses or trojan horses because you invite them into your system.  Let me repeat.  You have them because you downloaded them.  The PUPs are typically bundled with software that you actually want, and you accept them being downloaded with it.  The kinder ones require you to click yes or check a box accepting them, but the more vicious ones are selected by default, so you have to actively choose NOT to download the software.  Once you have them, they act a lot like a virus.  They bury themselves in root systems, and a simple uninstall will not do the trick.

I believe I picked up my PUP while updating my Flashplayer, a common activity.  I was multitasking, trying to perform multiple actions on my computer, and was not paying attention.  The next day, my PUP Trovi made herself known.  Trovi takes over your homepage and search toolbar, and I suspect any Internet searches you make are tainted by it.  This malware tries to direct you to sponsors that have paid to have Trovi push you towards their product.  It is annoying, interferes with your routine processes, and slows your online activity.  If you suddenly find a toolbar with an unfamiliar name in your browser window, you have picked up a PUP.

I found the four steps I am using to remove it on this blog.  They basically take you through four different anti-malware programs to clean your computer.  I have done two, and I am having trouble downloading the third.  I am confident I have the PUP off of my system, but I want to be sure.

To avoid picking up a PUP, I have cobbled together the following recommendations.

  1. Always download directly from the site that publishes the software you want, and check that the program is safe before you do.
  2. When prompted to update existing software, refer to rule #1.
  3. When downloading, double-check and triple-check that the link you are clicking is the software you want.  There are a lot of mimic ads on trusted sites that can be confusing.
  4. When downloading the program and when running the installation application, read all the terms of use and pay close attention to what you are agreeing to.  This can be tedious, but what I am in the middle of is much worse!
  5. If you see "Next" or any other continue buttons, READ THE DIALOG BOX WITH IT!  I believe this is how they got me.  This applies to both the download manager and the installation application.
  6. If you suspect you selected something you did not want, close the program immediately.  Start over.  It is better to be safe than sorry.

My last word of caution.  I went to a trusted site (CNET) to download one of the removal tools to clean my computer.  Halfway through the install, I caught a dialogue box that said click "NEXT" to continue downloading Trovi!  I shut it down and started over.

Good luck out there.

6 comments:

  1. Thanks for the tip. My dad is a computer guy, and he always makes sure I have antivirus and malware protection running on my machine. Once I forgot to have the regularly scheduled scan done for over a month, and when I finally did it, there were almost 200 different PUPs to remove. You know what, I think I'll run a scan now :)

  2. Yes -- it is critical to make sure you're on the legit site and to click the right link (which is not always obvious). I'm a super cautious downloader. And on a Mac, which helps.

    Curious: What were you downloading when the PUP came along?

  3. Sorry to hear of your woes, Mark, but appreciate your sharing your hard-earned knowledge.
    I think that's one of the reasons I've been so reticent about making the web my favorite playground. It can be scary out there.
    If you take a breather from your clean up please visit my story and share your thoughts. URL is https://storify.com/juvibug/how-about-that-medical-marijuana. Consider this your personal invitation. Thanks and good luck

  4. This type of installment has been very popular recently. I am super cautious when I am downloading and installing new software. I have not had any super nasty malware in my system so far, however, I had some small things which changed my home page on my browser for example. It is pretty annoying and I hope you will get rid of it completely.

  5. You've provided some good tips. The one about paying attention to the "Next" or "Ok" button is most likely the time most people download something malicious. Also concerning email, legitimate service providers do not ask for your private info or account information via email. Great job, Mark.

  6. @V - I think when visiting one of the social media sites, a popup for a Flashplayer update displayed. Those updates are so routine, I wasn't paying attention. It may have been a spoofed popup that looked like Flashplayer for all I know.

    As an update, I got a phone call from a "Microsoft help desk" that claimed for the last few weeks MS was getting error traffic from the computer at my location. Since no one had been in residence at my location in the past 6 months, I knew it was a scam. I did some more research, and they either get your login information or get you to download malware. Be warned!
