1

From time to time, a popup like this pops up and installs some random app.

I scanned my PC with Avast, but it did not recognize any threat.

And how do I remove it?

JoeM
  • Did you download Avast! from Avast's website, and not some aggregator like Softpedia or CNet/Download.com? If you use Process Explorer, what is the process spawning that window? Just click the crosshair icon and drag it onto the window, and procexp will highlight the process in question. https://technet.microsoft.com/en-us/sysinternals/processexplorer.aspx – Frank Thomas Jan 06 '16 at 22:50
  • @Xavierjazz I would be shocked if Avast's actual installer looked like that. I haven't used Avast in a while, but when I did, all its windows were themed and had their logo. – Ben N Jan 06 '16 at 22:51
  • Guys, Avast was installed from its website. This is not an Avast screen. Avast is below. This is a popup that opens and tries to trick a user into installing some apps. I am not a beginner, just have no idea why Avast is not deleting this beast. – JoeM Jan 07 '16 at 08:21

1 Answer

2

I am almost completely sure that that's not the legit Avast installer; Avast themes its windows heavily and uses visually pleasing text layouts.

That's called a trojan - it claims to do one thing (install Avast) but does another (puts bad things on your computer). It's probably not detected by Avast because it's obscure/uncommon/new and none of the software it installs does anything super terrible. (The usual drops are placebo driver updaters, ad injectors, and toolbars.) It would be rather inconvenient if antivirus programs blocked everything they didn't know about, so the vast majority allow apps unless their badness is known.

Further reading: a Cisco article on types of unwanted software.

To remove it, you might try another antivirus product; I have used MalwareBytes and found success. There might also be PUP (potentially unwanted program) detection thresholds configurable in other products. If that doesn't do it, you could try to rip the bad program out with Sysinternals Autoruns or by looking through the usual suspects - Task Scheduler, the Run registry keys, and the Startup folder.

Ben N