In this tutorial we are going to talk about the main ways in which we can find it, as well as a series of tips to prevent it from ending up installed on our computer.
What is PUP malware
To understand what it is PUP malware we have to understand well what each of the two words that compose them mean. PUP comes from the acronym in English Potentially Unwanted Program which, translated, means potentially unwanted application. These are programs that do not benefit users and that can cause:
- Slow down, track or saturate our team.
- The change of the home pages.
- Redirect to websites.
- Alter the result of our searches.
Another thing that also characterizes them is that the installation is done with the authorization of the user. This does not mean that the user is not being deceived, since sometimes, with legitimate software, harmful software is also added.
These potentially unwanted programs often disguise the installation of unwanted software in two ways:
- Noting it in the Agreement with the end user. We often look far over at these types of documents.
- Camouflaged within the various installation screens of the program or in the advanced installation options.
Regarding the malware, refers to malicious software or any type of software that can perform harmful actions on our computer system without the user’s knowledge. Thus, cybercriminals can perpetrate information theft using Trojans, cause a computer to malfunction, or blackmail a user by encrypting their data with ransomware.
PUP malware We could define it as a potentially unwanted application that will end up installing harmful software on our computer without our permission. The PUP is somewhat less dangerous, but it can affect privacy and receive too much publicity. We must both try to eliminate them from our teams.
Why are both malware PUPs and regular PUPs dangerous
When we are going to install a program we must walk with a thousand eyes and take our time. As we explained in the previous section, you have to try to read the license agreement and be attentive to everything. The other important point is the installer screens, whether or not the desired software is installed may have to do, for example, with leaving a box checked or not.
A typical example that many of you may have noticed on occasion is that, after installing a program, a browser extension has been installed. Sometimes it is clear that it is from a certain program and may have some utility. However, it may also be the case that they end up threatening our privacy.
Therefore, malware and other types of PUPs will pose the following threats to our computers:
- The change system settings, here we find that they can change our home pages and hijack our browser’s search engine.
- The PUA insertion along with the software that we do want to install. This can be with or without permission from the developer. Keep in mind that cybercriminals sometimes manipulate the installer.
- The espionage of our activity in which they could observe our web browsing habits and then sell them to advertisers.
- The abusive or intrusive advertising in which cybercriminals to make a profit put their own advertising on the websites that the user visits.
- The introduction of malware, an example would be PUP.Optional.Delta which is a browser hijacker that can deactivate our antivirus, the firewall, and also reduce the general performance of the system.
This last category is the one that would be most related to PUP malware
How should I install a program so as not to be a victim of PUPs
When installing a program you have to have common sense, be patient and be cautious.
The first thing we have to do is download the latest version of the program from the developer’s website. This way we avoid that a third party has been able to manipulate it by introducing malware or other PUPs. The next thing we need to do is carefully review the license agreement in case we find anything suspicious.
On many occasions when we install a program we can do it in different ways:
- Using the standard, quick or recommended installation. It does everything for you automatically and will install all the components for you by default. If there is any PUP I would install it too.
- Using the custom installation. Being requires the most effort and attention, but it is also the safest. In it, generally all the boxes are activated, which means that all the elements will be installed. We must read them one by one and dispense with those that constitute a risk to our security or those that we are not going to use to save space on the hard disk.
We do not always find facilities of this type. There is also a simple type of installation that in some of its screens have activation boxes that if you do not deactivate it, it will install additional software. Generally, if you go very fast, you have a good chance of not deactivating that box and that harmful software ends up on your computer.
What other additional measures can I take to protect my equipment
As we have already seen, an essential part to prevent PUP malware or any other potentially unwanted software is to be very careful during the installation process. Our first line of defense should be to have a operating system with the latest updates installed Y have an updated antivirus installed.
It may also be the case that we are a careful person and committed to safety. However, sometimes that may not be enough because other people occasionally use your PC or laptop. In those cases a solution may be create guest accounts so they don’t install anything without your permission.
A good idea in Windows is to go to Add or Remove Programs and review the installed software. If you are sure that you do not need it or it may be dangerous to uninstall it. Another very convenient option is have antimalware software installed. A free example that we could use is Malwarebytes. In the same way that we periodically scan our computer for viruses, we must also do it for malware.
This is an example of Malwarebytes looking for threats on our computer.
These are the results I have obtained after analyzing my PC:
If you look at detected PUPs, it says 0. That means that I am free of PUP malware or any other type of PUP. In the event that malware is detected, most of this type of software will quarantine those executable files and / or folders where that PUP is installed.
It could also be the case that this assessment is unfair. In that case we should manage a tool that is usually called exclusions, white list or list of allowed sites. There we will have to put the location of the folders or files that we want to allow. Finally, in RedesZone we recommend not allowing any unless we are very sure that it is not harmful software.