What is a PUP?
When it comes to anti-malware terminology, there’s quite a bit of jargon floating around the web. This is true of most things computerized. You’ve got bits and bytes, .exes and .mp3s. Trojans, rootkits, social media, and RSS feeds. Platforms, consoles, operating systems, applications. Articles on websites that are posted on blogs.
It can all get very confusing, especially when terms overlap. In the world of anti-malware, one term that is particularly troublesome is that of the PUP.
First thing’s first, a PUP is not a Pet
Though named like one, a PUP is a program, not a four legged pet. PUP stands for Potentially Unwanted Program, and programs that fall under this moniker are slightly different than malware.
From a technical standpoint, a PUP is not malware. PUPs are not created with the intent to destroy your computer or steal your personal information. Rather, PUPs are usually just marketing tools that find their way onto people’s computers through a bit of social engineering.
In the past, PUPs were referred to as spyware and ad-ware, but many of the companies that create these programs didn’t like these terms. They found them counterproductive, as they associated their programs with malware and scared people away. As such, there now exists a fine legal line between what constitutes a PUP and what constitutes malware, and anyone in the business of labeling programs must be cautious about which term they use.
How can I get one?
Fittingly enough, getting a PUP is kind of like getting a puppy. Let’s consider two scenarios.
Every day when you come from work, your 10 year old child asks if she can get a puppy. Early on, she’s very upfront about it. “Mommy, can we get a puppy,” she politely asks. You say no, because you’re well aware of everything that’s involved. Chewed-up furniture, obnoxious yellow stains, hair everywhere, and who knows what else. All sorts of things that won’t per se destroy your home, but will certainly make it look, feel, and smell much worse.
But your child is persistent. She continues her puppy campaign for a good month, every day after work asking if the family can get one. She grows more creative in her approach, drawing out detailed action plans and comparing the benefits of owning a puppy to the costs. “It will teach me to be responsible,” she says. This goes on and on, until you grow tired and in a moment of weakness breakdown and say, “Okay. A puppy it is.”
Yet it doesn’t stop there. On Saturday morning when you get to the pet store, you walk in to find that they’re having a Puppy Extravaganza. There’s puppies everywhere, and a bubbly, young salesgirl informs you and your child that they’re having a 2-for-1 Puppy Day Sale! Your daughter’s eyes light up with glee. You think about slapping the salesgirl, but you know that it’s simply too late. You’re going home with two new puppies, whether you want to or not.
Every day when you come home from work, you log onto your computer and surf the web. You’ve just purchased a brand new laptop and man is it fast! You can run with upwards of 30 separate windows at once, and when it comes to finding new entertainment or information you are simply unstoppable.
You’re excited, because the Internet is just about exploding at the seams with all sorts of new plug-ins and applications. Most of them are free, and many of them are useful. Every single day you find something new and intriguing that you’ve just got to try, and you fall into a routine where you click INSTALL, INSTALL, INSTALL on repeat until everything is done.
In one way, you’re kind of like the excited child who wants a puppy. You simply want to try something that’s fun, and you don’t consider the long term implications of what you’re doing. Even worse, you can have what you want instantaneously, without having to beg your mom or your dad.
In another way, you’re kind of like the exhausted parent. You know that downloading all sorts of freeware realistically can’t be good, but you’re tired from work and simply don’t care about all of the fine print included in every install. You just want to relax, and enjoy your freeware.
What’s really going on?
Freeware is great, but the reason that most of it is free is because it serves as a vector of advertisement for proprietary software. How does this happen? In cases of installation-induced-glee or its counterpart, the “I’m too tired to read the fine print” variant, people end up installing much more than they had originally bargained for.
Creators of PUPs know this well. They know that people don’t take the time to read through all the steps of every installation wizard they encounter, and, being software developers, they see this as a prime opportunity to advertise their software for free.
What do you end up getting? Well, it depends on the developer. Sometimes, it’s an Internet toolbar that helps you accomplish some novel task, all the while displaying its creator’s logo right where your eyes go every time you search. Other times, it’s something like a branded desktop weather monitor that informs you of the environmental conditions from your hometown to Dubai and everywhere else in between. In still other cases, PUPs are simply spyware (don’t repeat that), that monitor your search habits and try to coax you into buying things you really don’t need.
Alone, a single PUP is relatively harmless. But walk into the pet store during Puppy Day Extravaganza, and we can guarantee that you’re going to walk away biting off much more than you can chew.
The Problem with PUPs
The problem with PUPs is that most people don’t have just one; they have a whole litter. This happens because, over time, most computer users download a lot of freeware – and most of this freeware comes loaded with at least one PUP.
Load your computer with too much of anything, and you can be sure that it will slow down. At the end of the day, this is why PUPs are named the way they are. “Potentially unwanted” because if you install enough of them, your computer is going to turn into a slug. Kind of like how one puppy comes loaded with just enough destruction to ruin your carpet or your couch, but 2-3 puppies will make you want to burn your home down.
In an even simpler analogy, consider PUPs the junk food to the body that is your computer. One or two won’t kill you, but eat the whole bag and, well, you know how that goes…
Like our canine friends, PUPs can come in near infinite variations, from large to small, to clumsy and drooling, to overly yippy and on all accounts downright annoying. Some of them look like this:
If you click on the image and take a closer look, you’ll notice many things. One is that the Windows taskbar along the bottom of the screen has a new shortcut (the blue P). In this specific screenshot, the user has clicked on the shortcut. Because this ‘short cut’ is actually a PUP, it has automatically directed the user to the web address in the URL field, rather than launch a program. What this amounts to is basically an automated advertisement for computer security software, and the advertisement is designed to appear as though it has scanned your computer and your situation is desperate.
Many times, PUPs will take advantage of the Windows taskbar because it makes them seem more legitimate. Some PUPs will even go as far as ‘enhancing’ Windows features, by adding novel elements. One recent PUP tried to impress its owners by bringing the Start button back to Windows 8. Why did it do this? Mostly, it’s a case of puppy eyes. PUPs know they’re bad, but they still want you to love them. Still other PUPs will appear something like this:
Notice the (over) abundance of Internet toolbars at the top of the screen. Each one is a PUP, waiting to be clicked and waiting to display an obnoxious new advertisement. Given enough PUP toolbars, your Internet browser will eventually crash, as each PUP simultaneously battles for your attention (i.e., eats memory on your computer). What has happen here is that the battle for PUP dominance has caused one PUP to get desperate and revert to displaying a ‘System Failure’ alarm that tells you you’ve downloaded too many PUPs. Its solution? Downloading more PUPs of course!
How Can I Avoid Getting a PUP?
Fortunately, preventing your computer from getting a new PUP is much, much easier than telling your children No. Computers aren’t as cute as kids (at least not yet), and they don’t really care what you do to them.
The best way to avoid PUPs is simply to slow down your installation process. PUPs can come in on any new software, freeware or not, and all it takes to keep them from entering your computerized home is a bit of close reading and a few clicks to un-check what’s usually a pre-checked box.
This particular example displays just how deeply layered PUP installs can be. ‘Delta Search‘ is itself a PUP toolbar, and its installation is preset to install yet another PUP. RealPlayer is a legitimate product, but it does include a lot of automated marketing many users would prefer to live without. This is relatively benign enough on its own, but click ‘Next’ and the Delta Search installer displays yet another PUP install screen.
This time it’s for a free trial of TuneUp Utility 2013, which in PUP speak translates to a free means of advertising. Like the PC Speed Up described above, TuneUp Utility 2013 is designed to convince you that your computer is broken and that the only way to fix it is to buy the TuneUp Utility program. Not malicious, per se, but certainly what one could describe as aggressive salesmanship. One program that takes this shark mentality to a whole new level is called Install IQ.
That’s 4 separate install screens for 4 separate PUPs! Ask yourself how likely it would be for you to read through the finer print of each one, and you’ll have an answer as to whether or not your computer is vulnerable to PUPs.
Emsisoft’s PUP Signature Database
Beyond a bit of patient reading, another method of PUP prevention is to utilize an antivirus software that’s designed to identify PUPs, such as Emsisoft Anti-Malware. Emsisoft focuses specifically on PUPs that come packaged in freeware because they are the most common. In fact, our extensive signature database identifies 1000s of PUPs so that you don’t have to, and brings them to your attention before you click INSTALL.
Consider us the slap you wished you could have given that overzealous puppy seller, before they announced their 2-for-1 sale. And don’t worry, our installation process is completely PUP free.
Have a Great (Malware-Free) Day!