Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unwanted pup's


  • Please log in to reply
5 replies to this topic

#1 terryw45

terryw45

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:12:34 AM

Posted 30 March 2017 - 10:28 AM

Dear sirs,

downloaded a programme from 'softronic', everything fine.  Emsisoft and malwarebytes are in the start menu, all normal. Later ran 'adwcleaner' and so many flags identifying 'softronic' and the download. Cleaned everything,all ok, but how did they slip through, have I not configured things correctly?

Windows 7, 32 bit on old HP 500B.

 

Thanks for any help.


Edited by hamluis, 30 March 2017 - 10:36 AM.
Moved from Win 7 to Gen Security - Hamluis.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,938 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:34 PM

Posted 30 March 2017 - 03:34 PM

A Potentially Unwanted Program (PUP) is a very broad threat category which can encompass any number of different programs to include those which are benign as well as problematic. Thus, this type of detection does not always necessarily mean the file is malicious or a bad program. PUPs in and of themselves are not always bad...many are generally known, non-malicious but unwanted software usually containing adware or bundled with other free third-party software as a common practice by legitimate vendors to include toolbars, add-ons/plug-ins and browser extensions. PUPs are considered unwanted because they can cause undesirable system performance or other problems and are sometimes installed without the user's consent since they are often included when downloading legitimate programs. Some, users intentionally install programs with PUP characteristics because they are willing to trade-off the undesirable effects for the benefits provided by using them.

PUPs may also be defined somewhat differently by various security vendors and may or may not be detected/removed based on that definition. That fact adds to confusion and a lot of complaints from end users asking why a detection was not made on a particular file (program) they are having issues with. Malwarebytes has an aggressive PUP Policy and has even taken a tougher stance...see here.

Some programs falling into the PUP category have legitimate uses in contexts where an authorized user or administrator has knowingly installed it. Since PUP detections do not necessarily mean the file is malicious or a bad program, in some cases the detection may be a "false positive". Anti-virus/Anti-Malware scanners cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert you or even automatically remove them. Usually, if you installed or recognize the program and it is not causing any issues, you can ignore the detection or add to it's exclusion list. If not or you downloaded it from an untrusted site, then you need to investigate further.
 

I do not recommend downloading anything from CNET, Download.com, BrotherSoft, Softonic, FreewareFiles and Tucows and similar third-party download hosting sites, you always have to be careful with deceptive download links and bundling of unwanted software.

To learn more about PUPs and how you get them, please read: About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs)
 


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 terryw45

terryw45
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:12:34 AM

Posted 31 March 2017 - 02:58 AM

Quietman7,

Thankyou for your reply, especially in terms I can understand !



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,938 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:34 PM

Posted 31 March 2017 - 05:40 AM

You're welcom
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,638 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:34 AM

Posted 01 April 2017 - 02:28 AM

Can you submit that program from softronic to VirusTotal? https://www.virustotal.com

And report the link back here?

 

Thanks.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#6 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,265 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:03:34 PM

Posted 01 April 2017 - 02:36 PM

One of the most common ways to unintentionally install PUPs is though installing downloaded programs.  Authors of downloaded programs often will earn extra revenue by allowing other authors to add third party software. There are two methods to install these downloads, Express (usually suggested) and the Custom installation.  If you use the Express method it will automatically install the advertised download, but it will also automatically install the third party software which often contains PUPs.  If you use the Custom method you will be able to read through the different downloads and decide if you want the software or not.  If you do this and see software you are not familiar with Google it to see just what it is.  If you have any qualms about the veracity of a program you can always use Should I remove it
to see exactly what it is.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users