What is a PUP?

Puppy_Love

When it comes to anti-malware terminology, there’s quite a bit of jargon floating around the web.  This is true of most things computerized.  You’ve got bits and bytes, .exes and .mp3sTrojans, rootkits, social media, and RSS feedsPlatforms, consoles, operating systems, applications.  Articles on websites that are posted on blogs.

It can all get very confusing, especially when terms overlap.  In the world of anti-malware, one term that is particularly troublesome is that of the PUP.

First thing’s first, a PUP is not a Pet

Though named like one, a PUP is a program, not a four legged pet.  PUP stands for Potentially Unwanted Program, and programs that fall under this moniker are slightly different than malware.

From a technical standpoint, a PUP is not malware.  PUPs are not created with the intent to destroy your computer or steal your personal information.  Rather, PUPs are usually just marketing tools that find their way onto people’s computers through a bit of social engineering.

In the past, PUPs were referred to as spyware and ad-ware, but many of the companies that create these programs didn’t like these terms.  They found them counterproductive, as they associated their programs with malware and scared people away.  As such, there now exists a fine legal line between what constitutes a PUP and what constitutes malware, and anyone in the business of labeling programs must be cautious about which term they use.

How can I get one?

Fittingly enough, getting a PUP is kind of like getting a puppy.  Let’s consider two scenarios.

Scenario One

10731980_sEvery day when you come from work, your 10 year old child asks if she can get a puppy.  Early on, she’s very upfront about it.  “Mommy, can we get a puppy,” she politely asks.  You say no, because you’re well aware of everything that’s involved.  Chewed-up furniture, obnoxious yellow stains, hair everywhere, and who knows what else.  All sorts of things that won’t per se destroy your home, but will certainly make it look, feel, and smell much worse.

But your child is persistent.  She continues her puppy campaign for a good month, every day after work asking if the family can get one.  She grows more creative in her approach, drawing out detailed action plans and comparing the benefits of owning a puppy to the costs.  “It will teach me to be responsible,” she says.  This goes on and on, until you grow tired and in a moment of weakness breakdown and say, “Okay.  A puppy it is.”

Yet it doesn’t stop there.  On Saturday morning when you get to the pet store, you walk in to find that they’re having a Puppy Extravaganza.  There’s puppies everywhere, and a bubbly, young salesgirl informs you and your child that they’re having a 2-for-1 Puppy Day Sale!   Your daughter’s eyes light up with glee.  You think about slapping the salesgirl, but you know that it’s simply too late.  You’re going home with two new puppies, whether you want to or not.

Scenario Two

10497029_sEvery day when you come home from work, you log onto your computer and surf the web.  You’ve just purchased a brand new laptop and man is it fast!  You can run with upwards of 30 separate windows at once, and when it comes to finding new entertainment or information you are simply unstoppable.

You’re excited, because the Internet is just about exploding at the seams with all sorts of new plug-ins and applications.  Most of them are free, and many of them are useful.  Every single day you find something new and intriguing that you’ve just got to try, and you fall into a routine where you click INSTALL, INSTALL, INSTALL on repeat until everything is done.

In one way, you’re kind of like the excited child who wants a puppy.  You simply want to try something that’s fun, and you don’t consider the long term implications of what you’re doing.  Even worse, you can have what you want instantaneously, without having to beg your mom or your dad.

In another way, you’re kind of like the exhausted parent.  You know that downloading all sorts of freeware realistically can’t be good, but you’re tired from work and simply don’t care about all of the fine print included in every install.  You just want to relax, and enjoy your freeware.

What’s really going on?

Doma PUP2Freeware is great, but the reason that most of it is free is because it serves as a vector of advertisement for proprietary software.  How does this happen?  In cases of installation-induced-glee or its counterpart, the “I’m too tired to read the fine print” variant, people end up installing much more than they had originally bargained for.

Creators of PUPs know this well.  They know that people don’t take the time to read through all the steps of every installation wizard they encounter, and, being software developers, they see this as a prime opportunity to advertise their software for free.

What do you end up getting?  Well, it depends on the developer.  Sometimes, it’s an Internet toolbar that helps you accomplish some novel task, all the while displaying its creator’s logo right where your eyes go every time you search.  Other times, it’s something like a branded desktop weather monitor that informs you of the environmental conditions from your hometown to Dubai and everywhere else in between.  In still other cases, PUPs are simply spyware (don’t repeat that), that monitor your search habits and try to coax you into buying things you really don’t need.

Alone, a single PUP is relatively harmless.  But walk into the pet store during Puppy Day Extravaganza, and we can guarantee that you’re going to walk away biting off much more than you can chew.

The Problem with PUPs

The problem with PUPs is that most people don’t have just one; they have a whole litter.  This happens because, over time, most computer users download a lot of freeware – and most of this freeware comes loaded with at least one PUP.

Load your computer with too much of anything, and you can be sure that it will slow down.  At the end of the day, this is why PUPs are named the way they are.  “Potentially unwanted” because if you install enough of them, your computer is going to turn into a slug.  Kind of like how one puppy comes loaded with just enough destruction to ruin your carpet or your couch, but 2-3 puppies will make you want to burn your home down.

In an even simpler analogy, consider PUPs the junk food to the body that is your computer.  One or two won’t kill you, but eat the whole bag and, well, you know how that goes…

PUP Breeds

Like our canine friends, PUPs can come in near infinite variations, from large to small, to clumsy and drooling, to overly yippy and on all accounts downright annoying.  Some of them look like this:

pc_speed_up

If you click on the image and take a closer look, you’ll notice many things.  One is that the Windows taskbar along the bottom of the screen has a new shortcut (the blue P).  In this specific screenshot, the user has clicked on the shortcut.  Because this ‘short cut’ is actually a PUP, it has automatically directed the user to the web address in the URL field, rather than launch a program.  What this amounts to is basically an automated advertisement for computer security software, and the advertisement is designed to appear as though it has scanned your computer and your situation is desperate.

Many times, PUPs will take advantage of the Windows taskbar because it makes them seem more legitimate.  Some PUPs will even go as far as ‘enhancing’ Windows features, by adding novel elements.  One recent PUP tried to impress its owners by bringing the Start button back to Windows 8.  Why did it do this?  Mostly, it’s a case of puppy eyes.  PUPs know they’re bad, but they still want you to love them.  Still other PUPs will appear something like this:

too_many_toolbars

Notice the (over) abundance of Internet toolbars at the top of the screen.  Each one is a PUP, waiting to be clicked and waiting to display an obnoxious new advertisement.  Given enough PUP toolbars, your Internet browser will eventually crash, as each PUP simultaneously battles for your attention (i.e., eats memory on your computer).  What has happen here is that the battle for PUP dominance has caused one PUP to get desperate and revert to displaying a ‘System Failure’ alarm that tells you you’ve downloaded too many PUPs.  Its solution?  Downloading more PUPs of course!

How Can I Avoid Getting a PUP?

Fortunately, preventing your computer from getting a new PUP is much, much easier than telling your children No.  Computers aren’t as cute as kids (at least not yet), and they don’t really care what you do to them.

The best way to avoid PUPs is simply to slow down your installation process.  PUPs can come in on any new software, freeware or not, and all it takes to keep them from entering your computerized home is a bit of close reading and a few clicks to un-check what’s usually a pre-checked box.

real_player

This particular example displays just how deeply layered PUP installs can be.  ‘Delta Search‘ is itself a PUP toolbar, and its installation is preset to install yet another PUP.  RealPlayer is a legitimate product, but it does include a lot of automated marketing many users would prefer to live without.  This is relatively benign enough on its own, but click ‘Next’ and the Delta Search installer displays yet another PUP install screen.

delta_search

This time it’s for a free trial of TuneUp Utility 2013, which in PUP speak translates to a free means of advertising.  Like the PC Speed Up described above, TuneUp Utility 2013 is designed to convince you that your computer is broken and that the only way to fix it is to buy the TuneUp Utility program.  Not malicious, per se, but certainly what one could describe as aggressive salesmanship.  One  program that takes this shark mentality to a whole new level is called Install IQ.

IIQ PUP1 IIQ PUP2

IIQ PUP3 IIQ PUP4

That’s 4 separate install screens for 4 separate PUPs!  Ask yourself how likely it would be for you to read through the finer print of each one, and you’ll have an answer as to whether or not your computer is vulnerable to PUPs.

Emsisoft’s PUP Signature Database

Beyond a bit of patient reading, another method of PUP prevention is to utilize an antivirus software that’s designed to identify PUPs, such as Emsisoft Anti-Malware.  Emsisoft focuses specifically on PUPs that come packaged in freeware because they are the most common.  In fact, our extensive signature database identifies 1000s of PUPs so that you don’t have to, and brings them to your attention before you click INSTALL.

PUPs

Consider us the slap you wished you could have given that overzealous puppy seller, before they announced their 2-for-1 sale.  And don’t worry, our installation process is completely PUP free.

Have a Great (Malware-Free) Day!

  • Pingback: Emsisoft Malware Library | Emsisoft Blog()

  • Pingback: What is a Digital Certificate? | Emsisoft Blog()

  • Zeeb Ralston

    kind of like the old style ‘con games’ or ‘grifter’ schemes, the base of the scams, being they use human greed (looking for a deal) in the user, as the ‘pull in power’ of their schemes, so the creators of these PUP’s offer us ‘what we THINK we need i.e. “free, and cool stuff at a ‘steal’ or for ‘free “. NOTHING IS FREE (well mostly)…… and if we can all remember that, and get a bit paranoid (a healthy dose, not an overdose) about the internet and THOSE WHO USE IT FOR NON PERSONAL USE – we can go along way to speedy, healthy, safe and secure browsing. Me, I paid money for an email program THAT USES AN ENCRYPTED system and sends NO DATA (does NOT track you) beyond it’s own business parameters. (let’s see how long the governments of the world allow it to be in existence).

  • Larry Heme

    I have been a computer service agent for 25 years, seen it, done, it and still learning!
    I suggest EMSISOFT to all of my customers, above and beyond all others. This is the only software I trust to get the job done…and I have to admit; EMSISOFT you cost me business; but I have satisfied clients now.

  • Pingback: monster high characters wikia()

  • Pingback: Super Maio All-Stars()

  • Pingback: high items()

  • David

    Emsisoft just caught a pup for me. I get a nag at every startup of my computer to upgrade to the latest version of StartW8. At 4:30 a.m. tonight I made the mistake of upgrading. After wasting over an hour seeking a download point on their site, I took one of the offered links to a major downloader of freeware/malware junk. I though I had avoided their new cleverly worded agreement to include the malware. Something is still included that triggers an Emsisoft reaction:

    Verified information according to the digital certificate of the detected file (icc.dll):
    This file is not digitally signed C:UsersDavidAppDataLocalTempIS2574~146289~1icc.dll

    I can’t get rid of this warning!

    Oh, BTW, I downloaded StartW8 twice from the recommended links and got the same version of StartW8 that I started with! I have wasted 3 days on this and similar crap!

    • Mariska

      Hey David, looks like whatever is/was on your computer is not completely gone yet. Please head over to our support forum and include the warning message. Perhaps one of our malware experts can help you figure out how to get rid of the warning. Good luck!

  • Pingback: лучшее порно()

  • Pingback: writer resume()

  • Pingback: http://zgjzzx.cn/comment/html/index.php?page=1&id=20976()