Potentially Unwanted Applications

Potentially Unwanted Applications Directory

Potentially Unwanted Applications will piggyback off of legitimate software and install themselves onto your system.


PUA: Potentially Unwanted Applications

PUAs (also known as potentially unwanted programs or PUPs) piggyback off of legitimate software and install onto your system. PUAs have become more of an issue on the Internet since software development is no longer a process that only big companies can deliver. Software development tools allow the individual to create applications, and these programs aren’t always beneficial. Sometimes, they are malicious programs such as adware, spyware, viruses, trojans or any other form of malware.


History of PUAs

The most popular history of PUAs was in the early 2000s. A company named Zango offered software in exchange for targeted advertising. The targeted advertising was unwanted popups, spyware behavior, and browser hijacking. The company was first listed as malware by several antivirus programs. It was later blocked by Internet content blockers. Finally, in 2009, Zango filed for bankruptcy after numerous reports of suspicious behavior.

Spying Icon

The term PUA was first used by McAfee to describe spyware installed through normal authorization channels. Zango started a trend for malware writers who bundled software with these PUAs that performed several different malicious activities on a user’s computer. Some would just install adware. Others would have much more devastating effects such as spyware stealing private information from the computer user’s machine. Others acted as trojans that made the computer vulnerable to other cyber threats.

This type of malware has increasingly become more popular to steal webmaster accounts, hijack domains, steal email services, and gain access to site analytics. In other words, PUAs are popular in the online hosting world. Malware creators have also moved on to Chrome extensions as an install vector.


What Does a PUA Do?

A PUA looks like legitimate software. Sometimes, it’s packaged with legitimate software installers. After you install an application, have you ever received a window asking if you want to install a secondary application unrelated to the one you just installed? This is the common way a PUA installs on your machine. Most people think the secondary application is from the same company, or they think it’s needed to run the primary program. Instead, they install a PUA.

What makes these programs distinct from other malware applications is that PUAs are actually installed with the computer owner’s permission. The installation first asks the user for permission, or the software installation is a part of the user agreement. However, most users don’t read the terms of service when installing software, so PUAs are installed frequently across several computers.

Potentially Unwanted Applications

Alert Icon

What a PUA actually does on a computer depends on what application was installed. One common activity is redirecting browser home pages and search engines. Instead of seeing the home page as the default when you open your browser, you see a site that’s usually made for ad revenue. PUAs also redirect users to an ad-related search engines. They change both of these settings automatically, and some are aggressive when the user attempts to change the settings back.

Spyware is common with PUAs. Spyware scans the computer for personal files, or it logs keystrokes and sends the information to a hacker. These keystrokes include web pages, user names and passwords used to log in to critical applications. Spyware is common with Internet fraud, identity theft, and fraudulent credit card activity.

PUAs also install proxy services on the machine. Proxy services send all web traffic to a middleman server that then sends the user’s browser to the correct website. The middleman server is hosted by the PUA creator. It lets him track user habits and interests in an effort to gain analytical data.

For users that leave cookies on their machines, a PUA can run behind the scenes to steal the cookie file’s information and use it to connect to websites. The connections allow the hacker to install malicious software without the user’s consent.

Some people still use dialup Internet access. PUAs scan a user’s computer and identify if a dialer or modem is installed. If one is detected, the PUA dials paid phone services and create charges on the user’s telephone account. This is also common with PUAs installed on cellular devices.


How to Avoid PUAs

Since PUAs are commonly installed with permission from the computer user, the best way to avoid them is by reading the terms during installation and choosing “No” when prompted to install a secondary program. This isn’t a completely safe way to avoid them, but it greatly reduces the chance that you’ll install a PUA on your computer.

Some PUAs have been classified as malware by antivirus software. With antivirus installed, most PUAs are blocked from installation.

When you see a window asking if you want to install software that is irrelevant to what you need, decline the installation. This includes any installations you find on the Internet. Never download applications from third-party sources. Third party websites package PUAs with legitimate software to trick users into voluntarily installing malware. You avoid this malware vector by downloading software only from the application vendor or developer.


How to Remove PUAs

Some PUAs have uninstall programs that you can use to remove them. Windows users can find the uninstaller in the Control Panel.

More malicious software doesn’t offer any way to remove it. Antivirus companies provide manual steps for removing PUAs. Just Google the name of the software and the name of your antivirus program, and you’ll find steps to remove a PUA.

Stop Icon

The best and easiest way to remove a PUA is to keep your antivirus software updated. If the software is listed as spyware or any other type of malware, your antivirus software should remove it after you update definition files. If you’ve already installed updated definition files, the antivirus application should block the program from installing without the need to remove it.

PUAs force browser hijacks, so changing your home page and search engine settings usually doesn’t work permanently. You need to manually disable the extensions. Extensions are a service offered by Firefox and Chrome. Disabling the extensions usually stops the PUA from affecting browser activity. You still need to perform manual steps for PUA removal, but disabling is half the battle of removing the malware from your system.

© Solvusoft Corporation 2011-2023. All Rights Reserved.