Emsisoft: ALL free AVs (except BD Free) try to install PUPs on your PC

When accessing avast.com from Romania in mid December this was the download URL your site linked to when downloading the free version:

Code:

http://avast-free-antivirus.software.informer.com/download/

At the moment it links to CNET it seems. In any case, I have removed the screenshot from the blog post since it no longer appears to be the case.

 

Thank you, both.

 

Contact sales by email, they will give you a 20% discount.

The way it works, is they'll send you a temp 1 month activation code, then once you activate it, hit renew license through the product itself, and it will give you a 20% discount

 

I dont know if Baidu products are good, but I know that they are PUP for sure. (Hao123 is a joke)

They have a very bad reputation where I live, because many people are "infected" with Baidu by using some freeware software or downloader.


http://artigos.softonic.com.br/como-remover-baidu-pcfaster-baidu-antivirus-hao123


They are so many forums with people asking to remove Baidu that isnt funny. I have seen many machines with Baidu and the owner simple doesnt know how it installed in first place.

I really hate Baidu and its agressive pup behavior, it should be a legal problem here.

 

it is when the user does not or did not want it to be installed.....its one thing if the user installs chrome but i would guess more then 80% of all computers even business ones i get called out to fix i see chrome on and the person or people say something like "not sure what they is i never installed chrome" and then i explain it probably came bundled with something else. chrome in itself is not crapware but when its forced on people who dont know better imo its not far from it.

 

agreed. imo all "extra" programs should be DEFAULT be unchecked. if someone wants the extra junk then they can check it and install it. but by default these should be unchecked so they are not installed by default. but then you know companies would cry and moan they are not making all the money off them. it also should be in plain text before you even download the program that it will include x and x and x programs you must choose to install oir not during the installation.

 

Don't remove it.. People need to realize what Avast really is. I spend time each week moving people away from Avast if I spot them running it, and have a wealth of 'informative' links I give them for my reasoning. Your links are also valuable to educate people about junkware vendors.

BTW: Still waiting on a nice Emsisoft sale!

 

you stole the words out of my mouth, thanks bro. As I said, I apologized for labeling it as crapware, but anything a user doesn't explicitly ask for is bundleware / crapware in my books. I mean really, if someone wants Chrome, they surely can easily google it and download it, takes a click. Why Chrome is being pushed down the throat of users I don't know, perhaps that explains the high percentage of Chrome users maybe it just got installed with something else. Heck, even NERO Platinum Suite 2015 after being installed and running the updates, one of the updates is called "Nero Pre-requesties" when that launches, it makes it sound as if Chrome is mandatory for the proper functioning of the suite, I simply clicked decline but have sworn never to buy anything from Nero anymore after being a loyal customer upgrading every year since Nero 11. Now even their download site for the trial / updates links to some shady website ( www.softonic.com ) which got detected by ESET NOD32 as a malicious site.

 

Question: Does Emsisoft have any reputation/insight type systems in it?

My experience with Emsisoft is dated (Mamutu), and limited (EEK). While I have used EEK in close to 6,000 malware removals, I've got little to no experience with the actual product other than running the trial a couple months ago when the BSOD drove me away (that's been fixed I read). Norton works very well for us. Terrible signatures in Norton (IMO), but very effective at blocking malware due to the reputation/insight aspect. So I am a bit worried in that regard.

 

http://help.emsisoft.com/a2am/

Scroll down to:
6.2 Surf Protection.
6.4 Behavior Blocker.

 

I also keep wondering why this negativeness about Google is so persistent. The privacy issue is probably the one that is affecting the opinion of many, but let's face it after the planetary scandal of the NSA, it is obvious that nothing on the Internet can be really private... I also think that Google has offered so many high quality free services that it deserves a little bit of respect... Nothing is perfect, and when a company becomes so ubiquitous, it is bound to attract some criticism...

Free versions of AVs should advertise their own or push for somebody else. If the free version was exactly like the paying one, what kind of motivation would there be to buy a license?

 

Err, that's not quite right.

If you click the three dots on the toolbar and enable Norton Safe Search, then restart your browser you will see a search bar powered by Ask. I don't have Norton Safe Search enabled because I prefer Google as a search engine.

The Safe Web icons come from Symantec's own database when you search with Google, Bing, or Yahoo.

Cheers.

 

Does Qihoo try to install PUPs?!!

 

Yes, occasionally when running a new application or a newly updated one, you get a little popup in the lower left side saying it recognized the file as SAFE.

http://i60.tinypic.com/28vfuhz.png

 

That is not a complete antivirus, it doesn't protect your PC so is not comparable to the products the talk about

 

Exactly, it's not in any way comparable because Emsisoft doesn't risk their users' safety or privacy by offering a seemingly free product that can actually slow down, annoy, invade their end-users' privacy and/or harm their security.
Since they don't want to squander the company's reputation and bundle garbage/privacy risks with their complete solution they have to charge money for it, if they're to survive as a company. Simple as that.
Nevertheless, they still offer the EEK scanner for basic scans on unprotected PCs or as a 2nd opinion scanner on PCs with competing AV products installed.
So why wouldn't they call out other AV vendors with far lower standards of ethics?

 

What are you talking about? when you install any of this free av's no one's forces you to install the PUP's, you can deselect them from installation, and I guess there will be people who will install them to help the developers, thats the way to pay them for the free AV.
Any of the pups included by the AV's harm the security, or slows down the computer... don't make up things

Honestly I don't see any problem with the ethics... it's just different ways of running a company.

 

If you want to talk honestly, I'd probably say that 9/10 people who install a free AV, just click next, next, next, without reading or understanding what else they're installing with that product.

These clueless users are placing their trust in an AV vendor to protect them, who in turn uses them as a quick and easy tool for monetization, sells their info to 3rd parties, exploits them for data mining or otherwise abuses that trust, all buried in mile-long EULAs that no one bothers to read.

I'm sorry you don't see the ethics problems here; it's akin to saying it's fine if a chemicals company dumps waste in a nearby river because it's just a different way of doing business as opposed to a company that adheres to (expensive) ecological safety standards..

That is why we (at least, we in the EU where consumer rights are usually provided a high degree of protection) need strict regulations concerning PUA/PUPs, because it's currently the wild west out there in this regard. A nice example this mess is the recent HowToGeek article on what mayhem the 10 most popular apps from Download.com can cause with their insane PUP bundling.

And I, for one, am glad that there are companies like Emsisoft out there bringing this issue to public spotlight.

 

You have made some very valid points here and I agree with you. I'm starting to see this issue from different perspectives now. I hope you don't mind that I underlined a few solid points in your quote. The majority of those everyday casual users certainly do click next, next, next and it is sad that a lot of software companies in general take advantage of that.

The sad reality is that the current state of the software industry (and users) in general has gotten accustomed to receiving junk piled in along with the software in which they were intending to install, particularly some of the popular download sites. Personally, I always go to the original source of whatever software I plan on downloading and installing. I assume that the software industry in general is taking advantage of the 'convenience factor' here whereby everyday casual users want to download everything that they need in one convenient download site as opposed to going to all of the individual software programs official web sites which can take some time, particularly for those less tech savvy users. Convenience, unfortunately, always seems to have a price to pay in the end.

But I see your point clearly, that these are specifically security oriented software companies who users should be able to place their trust in. I remember the old days where free AV's would simply just advertise their own paid products as an option to upgrade to. It is crazy to see where it has evolved from since that time, to the point of bundling in software from third party companies in which users may not even want.

I am definitely in favour of OPT-IN and sincerely hope that the current state of the software industry with regards to this particular topic changes for the better as time goes on as opposed to increasingly getting more shady. I agree that any of these companies releasing free versions of certain software should be able to able to make money of course, but there has to be a better way to do it.

Previously it was just about advertising their own paid versions within the free versions which is understandable. Free versions should be limited to a certain extent, yet should be great in it's own right enough to make the user want to pay for the upgraded version(s). Have they not been able to make enough profit from their paid versions? Have there not been enough free users paying to upgrade to the premium versions? Or have some of these security software companies simply just gotten greedy when they are provided with so many opportunities to bundle stuff in and make more money and take more risks at the users' expense? That is something that we may never truly know the answer to. And of course this is simply just discussion here and everyone's opinions are all different and I respect everyone's individual opinions.

 

I agree with and commend Emsisoft on their blog post. PUP/PUAs are a serious problem. I have spent hours removing things that have been installed inadvertently. These are on work computers that have brought these systems to a crawl.

After persuading a particular person to purchase EAM, I haven't seen any new PUPs. The last time I checked, there were 9 items in quarantine that were mainly adware. The unfortunate part is that I no longer receive money to repair this machine but on the bright side, she doesn't unnecessarily waste money paying to remove this junk. These PUPs are costing a consumer more than just their privacy.

However, what are some other avenues that a software vendor could take to make money to support free software? They need to make enough money to cover overhead just like you or I. It was mentioned that upgrades from free to a paid product, still, may not cover the costs.

 

I also consider PUA/PUP's a serious issue.

Many will remember how my father in-laws system a couple months ago was grinding to a standstill because of so much activity from PUP's. Webroot failed to protect him from what I consider maliciously operating PUP's since they were taking large amounts of CPU cycles, and filling the temporary folders. EEK was one of the tools I ran to clean it all up after removing WSA and replacing it with Forticlient (with PUP database activated). I noticed roughly 75% of the PUP's had no 'uninstallers' on his system, and resetting of the browsers didn't fix it. We monitor many thousands of machines at work, and I can tell you the PUP issue is pretty significant, and results in lost money for companies.

I have great respect for AV firms taking a strong stance against them, and I have an extreme dislike for companies that do not. I run Norton at home at this point because on aggressive Norton is quite good at stopping PUP's because most of them have low reputations. Trend has gotten better, but still needs to work on PUP detection. I consider ESET, Emsisoft, and Norton to be the best three 'suites' to deal with this issue at this point.