NorPallas has been identified as a potentially unwanted program(PUP). This means that NorPallas carries some code which tries to perform unwanted actions on devices which have the application installed.
In many cases, the PUP can be deleted by using an up to date anti-virus, but if the PUP is not detected immediately by the anti-virus, there are still some options which will result in the removal of NorPallas
Potentially unwanted program
A PUP is often very intrusive as it will try to hijack various processes which run on a computer or smart phone. The processes or environments which are often targeted are the browsers on the device or computer, but the PUP could also edit important configuration files on the device which hold rules on how the device should behave and interact with other devices (internet).
So if the application is showing the following signs, NorPallas could be identified as a PUP:
- Hijacks / Opens various random pages via the browser
- Locks or hijacks the control of the device
- The device is sending / receiving more spam then usual
- If advertisements and pop-ups are activated by NorPallas
Why do devices get infected with Potentially unwanted programs (PUPs)?
On a monthly basis, millions of new programs are written and published, a lot of them can be classified as potentially unwanted programs. NorPallas and other PUPs are often installed by unaware internet users which have clicked on a bad link. It is also possible that the PUP is installed via other applications. For a while, Softpedia was distributing software from their site which contained pre-installed PUPs. Softpedia was doing this to earn a online revenue.
All the users simply downloaded the application which they needed from Softpedia, but they did not know that Softpedia included a new agreement, which stated that PUPs are attached to newly downloaded applications and that the user has to say “NO, I don’t want to install NorPallas” during the installment of the application.
So yes, PUPs are often installed on devices because the users are tricked or are simply unaware.
How PUPs are installed and how to avoid them
Software suppliers provide a neat installation screen, and in this screen, the user is often allowed to select between an automated installation or a custom installation. It is strongly recommended to ALWAYS choose the custom installation.
In the automated installation process, the software has all the rights to do whatever it wants, and it is likely that NorPallas has been installed via an bundled application which has been downloaded by the user.
In the custom installation process, the user is still in control, the user will be able to select which plug-ins and extra services should be installed or not, and it is in this step, which the user can decide to install NorPallas or not.
So I repeat, ALWAYS go for the “custom installation” option and skip the automated installation process.
How to remove NorPallas
There are various ways, which will allow you to remove the PUP. The first option is to use the default operating system “Uninstall” tool which you can find in the control panel (Windows).
The other way is to use an anti-virus tool, which will scan the device for unwanted programs and malicious files. I strongly recommend this option, as it will also allow you to identify other files which might have been installed via the malicious application.
- Download an anti-virus (https://www.malwarebytes.org/)
- Update the anti-virus to the latest version
- Perform a Threat scan on your device
Do not stop until the Malware Bytes screen looks like the screenshot below. We are going for 0 Threats on the device.