Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Filezilla and unwanted third party software


  • Please log in to reply
20 replies to this topic

#1 crystalm36

crystalm36

  • Members
  • 114 posts
  • OFFLINE
  •  
  • Local time:05:43 PM

Posted 02 February 2015 - 05:21 PM

Hi,

I was trying to get my friend to download filezilla because I am trying to help her with her website. I had her download the client and she couldn't install it. When she tried she said there was a button that she clicked on "basic instatllation(recommended)  and when she did a bunch of other stuff came up preclicked...... like install taplike browser, make taplika add on my new tab on all browsers, set taplika as my homepage on all browsers and finally set taplika as my default search on all browsers. Plus it also made her install something called geekbuddy. I gave her this download link that I got from my filezilla: https://filezilla-project.org/download.php?type=client

 

Does anyone have any information on why this is like this? I thought filezilla was a trusted free ftp program?

Thanks!

 



BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:10:43 PM

Posted 02 February 2015 - 05:25 PM

Hi there,

From what I'm seeing, below the Download button from SourceForge has the warning:

"This installer may include bundled offers. Check below for more options."

What your friend got were Potentially Unwanted Programs (PUPs), as the warning has stated.

See here for more information on how to avoid PUPs.

Hope this helps.

Regards,
Alex

#3 crystalm36

crystalm36
  • Topic Starter

  • Members
  • 114 posts
  • OFFLINE
  •  
  • Local time:05:43 PM

Posted 02 February 2015 - 05:40 PM

So is this still a trusted program to install and use? If not, is there an alternative to this program to get her to download? Thanks!



#4 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:10:43 PM

Posted 02 February 2015 - 05:46 PM

Hi crystalm36,

Yes, FileZilla can still be used safely - but remember to ask your friend to choose Custom Install and uncheck everything that they shoved in the installer with the legit app.

If she had already ended up with PUPs on her machine, you can refer her to Am I Infected. She will be assisted in cleaning them off her machine.

Hope this helps.

Regards,
Alex

#5 crystalm36

crystalm36
  • Topic Starter

  • Members
  • 114 posts
  • OFFLINE
  •  
  • Local time:05:43 PM

Posted 02 February 2015 - 05:51 PM

Thank you!



#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:43 PM

Posted 02 February 2015 - 05:57 PM

It's kind of new. The author of FilaZilla partenered with SourceForge to distribute the product, and now SourceForge installer includes promotional offers as part of their "reward system" so the developpers can make some money by distributing their applications via their website. It's quite ironic since it's against the idea of open-source software and such, but they did it anyway. There was a thread posted on BleepingComputer about it containing all the information, here:

http://www.bleepingcomputer.com/forums/t/563279/looking-for-free-safe-ftp-client/?hl=filezilla#entry3602486

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 crystalm36

crystalm36
  • Topic Starter

  • Members
  • 114 posts
  • OFFLINE
  •  
  • Local time:05:43 PM

Posted 02 February 2015 - 05:59 PM

Thank you for the info! Hate this happened to my friend!



#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:43 PM

Posted 02 February 2015 - 06:07 PM

Yeah, that's a real shame considering how popular and used FileZilla is. The developper didn't need this but he opt for it anyway. If she needs, she can register here and get assistance to get all this bloat removed :)

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:43 PM

Posted 06 February 2015 - 08:46 AM

Just answered a call from someone at work which session wouldn't open correctly. It would only display the cursor. You had to bring up the Task Manager via Ctrl + Alt + Del, kill the explorer.exe process and re-launch it. The last thing he did on his computer was to install FileZilla and it didn't even install, however, two Adwares did, one of which messed up the way explorer.exe was being launched. Removed both and now it's working fine. This is just sad.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#10 Phantom010

Phantom010

  • Members
  • 1,022 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cyberspace
  • Local time:05:43 PM

Posted 06 February 2015 - 09:50 AM

It's sad, but free software vendors need to make a living somehow. Unfortunately, this is the best idea they came up with. They may have donation buttons, but they're not full of cobwebs for nothing... If people put on their glasses and pay attention while installing the programs by choosing "Custom installation" instead of the "Recommended installation", they'll notice all the crapware they can easily avoid with a couple of mouse clicks.

 

Education is the key...


Edited by Phantom010, 06 February 2015 - 09:51 AM.


#11 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:43 PM

Posted 06 February 2015 - 09:55 AM

It's sad, but free software vendors need to make a living somehow. Unfortunately, this is the best idea they came up with. They may have donation buttons, but they're not full of cobwebs for nothing... If people put on their glasses and pay attention while installing the programs by choosing "Custom installation" instead of the "Recommended installation", they'll notice all the crapware they can easily avoid with a couple of mouse clicks.
 
Education is the key...


One thing is that some of them also gets tricked. You know sometimes, when they propose you to install an additional program you have two options "I accept" or "I decline", but the "I decline" is greyed out, which makes you think that they can't click it, so they can't opt it out? I see that so often. Another nasty technique in order to trick users in installing these useless software.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#12 Phantom010

Phantom010

  • Members
  • 1,022 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cyberspace
  • Local time:05:43 PM

Posted 06 February 2015 - 10:02 AM

Yes, I know they have tricks. Unfortunately, they're targeting people who aren't computer savvy. You don't need to be a genius to notice the crapware, but users simply don't know if it's needed or not for the main software. Education remains the key...

 

The malware removal forums are literally flooded by users trying to get that crapware off their systems. Helpers should not simply and blindly help them clean up their machines without telling them afterwards why the crapware was installed in the first place, and how to avoid it in the future. They should have that responsibility.


Edited by Phantom010, 06 February 2015 - 10:06 AM.


#13 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:43 PM

Posted 06 February 2015 - 10:14 AM

I'm in the process of writing a canned for this issue specifically, as I feel like I'll be posting it over and over again. But I think there's already a thread here on BleepingComputer that address this issue, not sure. PUPs is still a relatively "new" concept, so I understand that not a lot of users are aware of it, but after getting infected once or twice, they should understand that they are doing something wrong everytime they install a free program.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#14 Phantom010

Phantom010

  • Members
  • 1,022 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cyberspace
  • Local time:05:43 PM

Posted 06 February 2015 - 10:18 AM

but after getting infected once or twice, they should understand that they are doing something wrong everytime they install a free program.

 

Many never learn. That's why they're back on a regular basis... :rolleyes:



#15 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:10:43 PM

Posted 06 February 2015 - 10:24 AM

In my 2nd post I've link to Emsisoft's post on PUPs, which is a very informative piece about what to watch out for.

You may also want to read Malwarebytes' article on PUPs.

Regards,
Alex




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users