"EFast Browser" which replaces the browser without user's noticing due to Chrome-like look and behavior

Impersonate Google browser Chrome, change any association, replace Chrome browser "EFast Browser (eFast Browser)"Security software company is calling attention. It is pointed out that the eFast browser not only displays its own pop-up advertisement but also collects privacy information.

EFast browser hijacks file associations | Malwarebytes Unpacked
https://blog.malwarebytes.org/online-security/2015/10/efast-browser-hijacks-file-associations/

Ads by eFast_Browser - how to remove?
https://www.pcrisk.com/removal-guides/9480-ads-by-efast-browser

Security counterpart organizationMalwarebytesReports on the official blog the existence of a browser similar to Chrome "eFast Browser" that replaces Chrome without user's permission. The eFast browser says that behaviors of icons and the browser itself are similar to Chrome, and they are not noticed at first glance. That should be that eFast Browser is based on Chrome's open source softwareChromiumBecause it is a browser based on, it is reasonable that behavior behaves exactly like Chrome.

According to the outline of the eFast browser, "eFast is based on Chromium, so malware and phishing protection functions are installed".


However, when Chrome is installed on the PC, the eFast browser replaces himself with Chrome without permission and designates it as the default browser, not only the browser but "gif" "htm" "html" "jpg" "xhtml" Such as file association such as "ftp" "http" "https" URL association with eFast browser.


In the eFast browser, Chrome settings are handed over automatically, there is no major change in ease of use with Chrome, so it is hard to notice that the user has replaced the browser, and the intention of using Chrome is actually using the eFast browser, That can happen. Also,PCriskAccording to the eFast browser, there is a possibility of displaying unique pop-up advertisement, collecting privacy information such as site browsing history and sharing information with third party companies, so suspicious program (PUP It is said that it is treated as).

The eFast browser infection route is often bundled with a free program, and it seems that it is introduced by carelessly installing software.


Whether or not Chrome installed on PC is replaced by eFast browser can be judged in one shot by looking at "overview" coming out if you enter "chrome: // chrome" in Chrome's address bar. If it says "Google Chrome" here, it is a real Chrome, but if it is shown as "eFast", it is replaced.


Suspicious program PCrisk says that it is desirable to delete programs from "Programs and Features" if eFast Browser is installed.


After deleting the eFast browser itself, it is recommended to also check Chrome's extensions and so on. Click on Chrome's "Menu Icon" → "Other Tools" → "Extension Function" to display the extended function list, and if eFast related extended function or unknown extended function is discovered, uninstall it It is said.


In addition, when it is difficult to make a decision, it is also ant to add again the necessary extended functions after initializing for the time being. Click on "Chrome" menu icon → "setting".


Click "Show advanced settings".


Click "Reset settings" to change Chrome to its initial state.


According to PCrisk, it should check not only Chrome but also add-ons and extended functions such as Internet Explorer, Firefox, Safari.


The entrance route, behavior and uninstallation of the eFast browser are explained in the following movie.

How to remove adware and potentially unwanted applications? - YouTube