How to detect and help remove a potentially unwanted application (PUA)

They hide in plain sight, alongside legitimate apps. Some are merely annoying as they unleash the chaos of multiple pop-up ads. Others have more malicious intentions. Find out why Potentially Unwanted Applications (PUAs) are common, unwelcome house guests on our devices, what security risks they might introduce, and how you can stop them. Then help eliminate even the latest online threats with powerful scanning technology from Avira Free Antivirus. It’s the fast, free, effective way to help remove PUAs and more.

What is a Potentially Unwanted Program (PUA)—and how does it work?

When you hear “unwanted” you may feel (almost) sorry for them but spare no mercy for PUAs, even when they’re rather sweetly called Potentially Unwanted Programs or PUPs. These undesirable and unexpected software programs are anything but cute (although they can show their teeth later). Here’s how they hitch a ride onto our computer systems: You’ll find them embedded within other software programs as part of a bundle, where they’re waiting to download and install themselves when you install that bundle. Here are the top three ways that a PUA downloads automatically to worm its way into your computer system and life:

• You download and install a legitimate software app that contains a PUA.
• You download and install a spoofed or “cracked” version of an app from a third-party site, and it’s laced with a (possibly malicious) PUA.
• You click on an infected link, file, online advert, or email.

Although we trigger their download, PUAs are considered unwanted because we weren’t made fully aware of their presence and never consented to installing them as extras.

They may just be along for the ride but don’t take PUAs too lightly. They can clog our screens with unwanted ads or an unnecessary toolbar, which is distracting and annoying. There’s potentially a darker side too: Some PUAs come with serious risks to our online privacy and security.

The birth and rise of PUPs

The term PUP was first coined by the internet security company McAfee when marketing firms objected to having their lovingly crafted products called “spyware”. They argued that there was no illicit spying as users had the option of giving (or denying) informed consent as part of the download agreement. If you’re like most ordinary humans, you’ll tend to rush through terms and conditions—or ignore them altogether. Very few of us take the time to study reams of complex small print in enough detail to understand exactly what we’re downloading or agreeing to. Marketing companies know this.

Historically, the first major companies working with PUAs to drive revenue sprung up in the US in the mid-2000s. Many, such as Zango, were investigated and eventually charged with unfair and deceptive business practices. Have you heard of Download Valley? It’s generally considered the birthplace of many PUPs today. This large cluster of software companies allegedly monetises vast volumes of shareware by blending it with common malware. Remember that the next time you’re tempted to click “download” without thinking.

Are they worth the risk? See the common types of PUA

If you can’t resist downloading free software, remember that there really is no such thing as a free lunch. You’ll usually end up paying in other, unexpected ways, such as with your personal data as currency. As users, we all have a different sense of what constitutes privacy and our willingness to tolerate ads varies too. Only you will know if the benefits of your new, free software bundle are worth the hazards. To help you decide, take a quick look at the typical risks posed by PUAs, as they often function as:

• Adware displays unwanted advertising (usually popups) on your computer or mobile device and can even redirect your browser to certain websites.
• Browser hijackers are malware that change your web browser settings without your permission and redirect you to a web page you didn’t intend on visiting. Some browser hijackers may contain spyware, but usually the aim is to help the cybercriminal generate fraudulent advertising revenue.
• Spyware can hide on your computer and record your keystrokes or track your online activity. It gives cyberthieves the gift of your personal information, opening the door to many illicit activities (like granting them access to your online accounts).

Are PUPs malware?

This is where it gets murky…or to be more specific “grey”. Potentially Unwanted Programs are classified as greyware, which is a category of software that languishes in the “grey area” between legitimate software and malicious software (malware), like worms, Trojans, and viruses. So, they’re not officially malware, and the main difference is that you give consent to download the PUP, even though you might not know about it.

If they’re not malware, are PUAs bad? As you’ll have seen above, they can contain online nasties like keyloggers, dialers (malware that dials expensive numbers), and web tracking software that may lead to identity theft, so they’re a potential threat to your privacy. And if you’re inundated with pop-up ads, your sanity and productivity could be at stake too. Even if the PUP doesn’t contain malicious content, too many PUPs can be frustrating as they slow your computer down by taking up storage space. They can even weaken your online security defences by making the system more vulnerable to malware.

Dislike spam? Of course you do. PUAs can contribute to it by redirecting you to ‘spammy’ websites or gathering user data that powers these unsolicited emails. If you’re being buried under a deluge of spam, find out how to help stop spam emails here.

PUA detected? It usually falls into one of these software categories

If you have a software security solution, it will typically detect and divide potentially unwanted programs into the following categories. This also serves as a handy checklist of common PUA hot spots—and a reminder of what can happen when PUAs run riot! Beware of:

• Software bundles, unless you know and trust the source: Software that asks you to download additional software that’s integrated into it is called bundled software. Be suspicious, as who knows what’s lurking? The embedded installation file could be malicious.
• Marketing software: It’s a popular tool used by marketing agencies to monitor customer activity to improve marketing campaigns and enhance the user experience. Avoid it if you don’t like being tracked.
• Crypto-mining tools: Crypto-mining software runs in the background and uses computer resources to mine cryptocurrencies. Sometimes, the attacker creates a network of botnets and uses their resources simultaneously to mine digital currency like Bitcoin.
• Command and control software: This type of PUA connects your computer to the hacker’s instruction server, putting the hacker in the driver’s seat. They can then install malicious files on your machine which run in the background as they execute the hacker’s commands.
• Exploit kits: This file contains a code that takes advantage of a vulnerability in an app, driver, or firmware to perform an illegitimate activity. It can be difficult to detect, especially if it’s encrypted and integrated with other files.
• Evasion software: As the name suggests, this software is a pro at escaping detection by security solutions while it quietly goes about its work (whatever the hacker intended).
• Rogue security software: These potentially unwanted applications appear to be legitimate security solutions but don’t provide any real security. Instead, they serve up bogus alerts and hog resources, while convincing users to upgrade to “enhanced” protection. Don’t!

How to detect and remove PUAs

The easiest and generally most reliable way to help keep your devices free of PUAs and other unwanted software is a reputable antivirus. Avira Free Antivirus comes with a PUA shield that’s specifically designed to detect unwanted software piggybacking on legitimate apps. It also helps prevent intrusive and malicious ads, pop-ups, and banners from loading. And if you’re ever directed to a harmful website, the Safe Browsing feature can prevent it from loading.  And have you heard of Avira NightVision™? While it sounds like it’s leapt straight from the big screen, we’re talking about the intelligent, automated learning system behind Avira’s anti-malware technology. Beyond PUAs, it helps detect Trojans, viruses, and even zero-day (i.e.: the latest) online threats.

Simply use the Smart Scan feature within Avira Free Antivirus to check your device for malware, including potentially unwanted programs. You can choose from a full or quick scan and schedule scans too.

If you try and manually remove a PUP, you might not delete it entirely—or worse: You could end up agreeing to more terms and conditions and downloading another PUP while uninstalling the original program! Don’t go it alone when there are specialised solutions to help. If it’s time for a clear-out, read our quick guides on how to help delete or hide unwanted apps on an Android device or get rid of unwanted apps on your iPhone.

How to help avoid PUAs

Do you really need that screensaver of a dancing cat? If you’re tempted to click on a link or download a free file, remember the risks, and always follow these rules:

• Be fussy. Be vigilant: Choose original software from legitimate sources. Only download branded software directly from trusted vendors. Be extra cautious when downloading freeware or programs from unknown companies!
• Be patient: Read the end-user licence agreement (EULA) and pay careful attention to what you’re consenting to, such as a free browser add-on you don’t want. Unless you’re 100% happy, opt out! The EULA may include a clause about PUPs, so look out for it.
• Make it personal: Choose a custom installation.Avoid the standard or default installation settings when installing software as this version usually includes programs you don’t need. Opt for the custom or advanced settings—they’re much more likely to be free from PUAs.
• Be strategic and stay a step ahead: Implement reputable anti-malware.Specialised, comprehensive security tools like Avira Free Antivirus help detect, block, and automatically remove a multitude of online threats, from viruses to ransomware and PUAs.

Avira Free Antivirus also comes with a built-in PUA shield and is available for PCs and Macs. Avira Security has your mobile devices covered too: Find your protection for Android or iOS.

It’s easy to find yourself floundering in an online ocean awash with unnecessary software that collects data it shouldn’t and abuses permissions. We’ll never be entirely free of PUAs and attempts to track us, sell to us, or infect our machines with malware— but we can make choices that help keep our digital lives safer.