Author Topic: why avast does not catch chromium adware, injectiong 400 items  (Read 2623 times)

0 Members and 1 Guest are viewing this topic.

Offline jraju

  • Poster
  • *
  • Posts: 417
why avast does not catch chromium adware, injectiong 400 items
« on: January 15, 2019, 04:11:42 AM »
Hi, i installed a video converter and it injected the chromium add on to my chrome browser.
Just, the three dot settings menu was recpleced with the typcial red colour icon.
when you click , you get the same menu as chrome settings, but with different fake menus, hiding advanced options etc.
i hope that avast would have the knowledge of this fake chromium
i just use adware cleaner, it deletes, but it comes back on reboot.
i tried malware bytes and could remove it .
The injection of this chromium is huge, that infected the registry and pc with 389 items
At last i got rid of this menace and could get back my google chrome default settings.
my query is Why AVast scan fails to quarantine or block this program.
As it was the other pc, i could not just send the logs
i also moved it out of quarantine for safety

Offline jraju

  • Poster
  • *
  • Posts: 417
Re: why avast does not catch chromium adware, injectiong 400 items
« Reply #1 on: January 15, 2019, 02:49:33 PM »
Hi, am enclosing the log file of this chromium annoyance
please also the linkpdf document
http://www.cse.psu.edu/~trj1/cse597-s13/docs/chrome_ext_ndss_12.pdf
« Last Edit: January 15, 2019, 03:23:33 PM by jraju »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37507
  • Not a avast user
Re: why avast does not catch chromium adware, injectiong 400 items
« Reply #2 on: January 15, 2019, 03:53:52 PM »
Quote
why avast does not catch chromium adware
Have you turned ON avast PUP detection ? (default off)


Offline jraju

  • Poster
  • *
  • Posts: 417
Re: why avast does not catch chromium adware, injectiong 400 items
« Reply #3 on: January 15, 2019, 04:10:04 PM »
No, it was truned on as default.
what i want to is avast team may consider a solution to this new annoyance.camouflaging itself as a genuine search page, and then inject within seconds these items.
i do not think that avast has so far taken serious of this annoyance threat.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37507
  • Not a avast user
Re: why avast does not catch chromium adware, injectiong 400 items
« Reply #4 on: January 15, 2019, 04:18:12 PM »
Quote
Hi, i installed a video converter and it injected the chromium add on to my chrome browser.
Did you upload and check the install file at www.virustotal.com before installing?



Offline jraju

  • Poster
  • *
  • Posts: 417
Re: why avast does not catch chromium adware, injectiong 400 items
« Reply #5 on: January 15, 2019, 04:26:46 PM »
Hi, i got this , i suppose, when i downloaded  free any video converter. i had he necessity to  convert a mpfour file to avi fomat. I custom installed the program, anyhow,  i got this bundled annoyance.
what i want is avast to look in to this annoyance and provide the solution in next updates.
when i visted , avast caught a loserodo.exe and moved that to quarantine.
There may be some users , might have been afftected by this annoyance and users may think, that as a regular search engine.
One of the worst Pup annoyance, that gets in to your system in all search activities as noted in the pdf link and also in other link. i alsoread an article in avast blog article.
But, just an article without any solution

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37507
  • Not a avast user
Re: why avast does not catch chromium adware, injectiong 400 items
« Reply #6 on: January 15, 2019, 04:42:44 PM »
Quote
what i want is avast to look in to this annoyance and provide the solution in next updates.
Upload file to VT and post link to scan result here

If detected all those that are member at VT will get copy of the file and can add detection for it


You can also send file(s) direct to avast lab
https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438



Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5564
  • Spartan Warrior
Re: why avast does not catch chromium adware, injectiong 400 items
« Reply #7 on: January 15, 2019, 08:37:47 PM »
if you have a modern operating system you can also install and run Unchecky:  https://unchecky.com/

Might want to not install free programs for awhile.
Windows 10 Home 64-bit 22H2 Avast Premier Security version 24.1.6099 (build 24.1.88821.762)  UI version 1.0.797
 UI version 1.0.788.  Windows 11 Home 23H2 - Windows 11 Pro 23H2 Avast Premier Security version 24.2.6105 (build 24.1.8918.827) UI version 1.0.801

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: why avast does not catch chromium adware, injectiong 400 items
« Reply #8 on: January 15, 2019, 09:17:02 PM »
if you have a modern operating system you can also install and run Unchecky:  https://unchecky.com/

Might want to not install free programs for awhile.
When you install a program, any program, always select custom.
Always read what's about to be installed.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline jraju

  • Poster
  • *
  • Posts: 417
Re: why avast does not catch chromium adware, injectiong 400 items
« Reply #9 on: January 16, 2019, 04:23:38 AM »
Hi, bob, i already selected the customoption.
when i browse thro each screen, there were two programs marked with tick mark,
i just tab the Back button, not to select it.
But, when i click next , the alert of tick was not to be found, but installation proceeded.
If you check or uncheck, the programs are installed thro the application
It was any video converter.
My query is Why Avasst is waiting for re like thsponses from users to catch it and quarantine.
i saw the article in avast blog com.
It says the seriousness of the annoyance of this chromium add on.
it does show up on add in. i couldeasiy remove the add on. but, did you see my log txt. it ha created 398 entries in seconds.
i request avast team to do something in this regard.
when i click a link avast capture the webites that are malicious, and as i believe avast also remove adware, i requet the avast team to completely protect all the globalusers of this hazardous annoyance add on like they protect the ransomeware app thro microsoft download links

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5564
  • Spartan Warrior
Re: why avast does not catch chromium adware, injectiong 400 items
« Reply #10 on: January 16, 2019, 08:08:56 PM »
No antivirus protects 100%.

Last I checked, there were over 5,000,000 (five million) virus protection entries for avast.  Not possible to protect against everything.  We're likely talking about trillions more than a 100,000,000 of bad files out there, of which Avast knows about 99% of them.
[EDIT:]  Goofed with initial estimate, but since each avast vpn is good for tens, even 100's of unique definitions... 1% not detected translates to around 1,000,000 bad files not detected via vps means.  Sorry.

Since that is true, then what one as a user should do, is to expect any antivirus program to not catch everything.  It's not just Avast.  One then modifies their online behavior to protect themselves from possible harm by:
Quote
Hi, i installed a video converter and it injected the chromium add on to my chrome browser.
Did you upload and check the install file at www.virustotal.com before installing?
Quote
what i want is avast to look in to this annoyance and provide the solution in next updates.
Upload file to VT and post link to scan result here

If detected all those that are member at VT will get copy of the file and can add detection for it


You can also send file(s) direct to avast lab
https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438
if you have a modern operating system you can also install and run Unchecky:  https://unchecky.com/

Might want to not install free programs for awhile.
When you install a program, any program, always select custom.
Always read what's about to be installed.
if you have a modern operating system you can also install and run Unchecky:  https://unchecky.com/

Might want to not install free programs for awhile.
« Last Edit: January 17, 2019, 07:01:49 AM by mchain »
Windows 10 Home 64-bit 22H2 Avast Premier Security version 24.1.6099 (build 24.1.88821.762)  UI version 1.0.797
 UI version 1.0.788.  Windows 11 Home 23H2 - Windows 11 Pro 23H2 Avast Premier Security version 24.2.6105 (build 24.1.8918.827) UI version 1.0.801

Offline jraju

  • Poster
  • *
  • Posts: 417
Re: why avast does not catch chromium adware, injectiong 400 items
« Reply #11 on: January 17, 2019, 10:09:41 AM »
Hi, I do not know the trick of uploading at vt.
I will try from next time.
I always use custom installation.'
There are programs , which install forcefully, whether you uncheck those in custom install
Avast eam themselves could check the behaviour of this nasty add on chromium.
Add on never inject these kind of files , as i quoted in my log.txt.
That will give avast team a clue, the place of attack in each and every machine.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37507
  • Not a avast user
Re: why avast does not catch chromium adware, injectiong 400 items
« Reply #12 on: January 17, 2019, 11:40:57 AM »
Quote
Hi, I do not know the trick of uploading at vt.
No trick, very simple

How to use virustotal videos  >>  https://www.youtube.com/results?search_query=how+to+use+virustotal