Avast Secure Browser for Windows was installed on my machine (Windows 10 Professional 64 bit) after a reboot to finish installation of a completely unrelated piece of software.
I was not asked.
I was not informed.
My default browser was changed.
Three additional services were installed.
Uninstallation FAILED through the normal methods (control panel). Simply shutting down the services and deleting the program failed due to lack of permissions (have to restart with the Administrator account enabled).
I FINALLY found (through a search) that there is a special uninstall program that must be used to uninstall this UNWANTED browser.
After that, I had to restore my default browser settings.
I have NO idea what this “secure” browser does. Does it send information to Avast? I don’t know. It automatically updates itself and runs a crash reporter communicating to Avast.
Again, I didn’t ask for ANY of this. It just appeared on my system after restarting to install a completely unrelated piece of commercial software.
This is NOT acceptable.
This is a private (not corporate) machine, completely (or so I thought) controlled and managed by me.
I still haven’t got Avast Secure Browser (ASB) installed on this system.
I tried it some time ago and I had to specifically download it. It is a stand alone program, but if you have Avast installed then there is some integration to get all of its functionality.
I wasn’t particularly interested in its functionality (I have much of that functionality in my default browser), nor did I like its underlying chromium coding, I have been avoiding the Google Chrome browser. So after my trial I uninstalled it from the control panel and that went OK (lucky me), but I have never had it installed after an Avast program update.
After a Program Update you really have to watch out as some the screens displayed about new features could well have a try ASB option and it could well be pre-checked. So if you miss it ASB would get installed, personally I’m against any pre-checked options, which goes for all software, so I do a custom installation on fresh installs and read all update screens.
There is an uninstall utility if the control panel uninstall doesn’t work:
I have updated the Avast Antivirus application on a second PC. Its definitions were up to date but the engine was 11 Feb. That updated and requested a restart which I did.
That all went cleanly with no rogue ASB install.
I am pretty sure that I followed the same steps as first time. I am fairly conscientious about not clicking on Avast’s resolve now, upgrade, etc.
So I am thinking that either the trigger is something obscure or that Avast have fixed the issue.
The lack of an uninstaller accessible via the Control Panel was a real issue.
I didn’t find out about the special uninstall program until after a second search (and activating the Administrator account, etc.).
I was not prompted about the install. I am always very careful about not upgrading, not adding the browser plugins, etc.
What happened for me is that I updated another piece of software that required a reboot, and apparently Avast had updated in the background, since I have silent notifications turned on. Upon reboot, I had the browser installed, three new services, and my browser preferences changed to use the Avast secure browser.
This is a heavily used development machine (Docker, Apache HTTPD, Apache Tomcat, MySQL, PostgreSQL, Metabase, R, etc.) as well as the normal productivity stuff. I do not need additional services on my machine. I certainly do not need a non-standard browser as my default browser to come up for testing.
If Avast wants to make a “secure” browser (how secure is it if at least two services chat back and forth with Avast), then it should be an opt-in option, not a stealth install. Also, the Uninstall package should be made a part of the install, so that it’s easy to remove (rather than having to search for it, and run it separately from the Control Panel).
There is a regular Uninstall from the Control Panel, that is how I removed mine, the avast_secure_browser_uninstall.exe tool is there in the event of the Control Panel uninstall failure. The same as there is a special tool to uninstall the Avast program in the event of a failure of the Control Panel uninstall function.
@DavidR one of the problems observed by me and others is that the rogue install of ASB did not have an uninstaller. The regular way of uninstalling apps using Windows Settings failed. I looked in the program folder and there was nothing resembling an uninstaller. At least the Avast web site provides one to those savvy enough to look for it.
I dare say that a user instigated install of ASB may well do the right things including bundling a working uninstaller. I suspect that Hanlon’s razor may apply.
An unprompted install, hijacking of the user’s browser, auto starting and non-trivial uninstall are symptomatic of malware that Avast is meant to be protecting against.
Yes, this tactic is just wrong. I turned on my computer and in a few minutes Avast pops up said it had updated my Avast Free Anti-Virus Software, then Secure Browser pops up. I did not authorize this install, Windows will not uninstall it because it can’t find the uninstall file, Avast has seen fit to hide the file. I’ve done some research and have found the Browser uninstall file is in User/appdata folder, I have not confirmed this yet as I’m at work at the moment.
So I will be removing Secure Browser and probably anything to do with Avast, this is just shady business on Avast’s part. I have used Avast for many, many years and always tasked very highly of them it’s ashame they have resorted to tactics like this.