Hi, I have 4 dedicated windows machines doing distributed computing. I checked in on one & it acted funny, I dl ADW cleaner & it found 4 PUP's (potentially unwanted programs) & removed. After the reboot the machine was stable. Are PUP's actual infections, or do they just have the potential to become infections? This machine uses AV 360 Total free. Were the PUP's in the browser, so 360 did not see? Should I ditch 360? Since one was acting strange, I decided to try portable AV's (av on USB): I tried Clam, takes quite awhile to scan. ON 3 machines used EMSIsoft emergency tool kit. Scanned for malware, very quick. Is one better than another, or a different one recommended? Why is it ADW seems to see things AV's don't, if an AV want's to be everything shouldn't it see what ADW sees as well? After ADW on the one, all 4 had zero detection's per EMSI. Thanks Rico
They are neither. PUP is an acronym for Potentially Unwanted Program. A few years ago, software that came bundled as unwanted extras with other software, was classified as being unwanted. These PUPs were not malicious, but could be considered a nuisance because they were often installed on computers when someone installed other software, as opposed to the user intentionally downloading and installing them. As I'm sure you are aware, when installers come bundled with extra software, almost always, you have to manually opt out of installing the extras, or they will get installed too. In more recent times, the definition of PUPs has expanded to include a lot of software such as registry/junk cleaners and driver updaters, even when they are not products they come bundled with other software. The reason for this is that often the publishers of such software often make high exaggerated and misleading claims of the benefits of the software, to increase sales. Also often these types of programs launch which you start Windows and will provide regular annoying popups, showing how many errors or outdated drivers they have found, in order to coerce you into buying the full versions. You said that ADW detected some PUPs that both 360 and Emsisoft failed to detect. This is actually quite normal. Because PUPs are just an annoyance, rather than being actual threats, often antivirus software will fail to detect them. As mentioned, ADWCleaner does an excellent job of detecting PUPs and so does Malwarebytes and HitmanPro. With regard to antivirus software DrWeb does an excellent job of detecting then and ESET products do well too, but with other antiviruses it's hit and miss. This doesn't matter, when there are apps like ADWcleaner and Malwarebytes with specialise in detecting them. Also, a program that one vendor classifies as a PUP, another vendor may not consider it to a PUP and may not detect it for that reason. Because PUPs are not malicious, it's really up to you if you want to remove them or not. For example, I've got a number of programs installed on my computer that AdwCleaner and Malwarebytes classify as PUPs. But, because it's software that I use and knowingly installed, I won't let AdwCleaner or any other software remove them. My advice to you is that if AdwCleaner ever detects software you actually use as being a PUP, don't let it remove it. If on the other hand it's something you don't recognise, then you may want to remove it. You can right click on anything that AdwCleaner detects and you will see the option add to Exclusions List. You can do this for anything you want to keep, so that it does not get detected in subsequent scans. If you do have an issue with unwanted extras getting installed. Other than paying close attention when installing software, to make sure you opt out installing any unwanted extras, you could install the excellent Unchecky. It automatically opts out of installing extras, so you don't have to do it yourself. With regards to 360, missing the PUPs, it's nothing to be concerned about, as PUPs are not malicious and as I've already explained, AV software typically doesn't do very well at detecting PUPs. Before anyone responds that PUPs are actually harmful. Well there are exceptionally rare cases, where this may be true. But for the most part they are just "Potentially Unwanted."
'Acted funny' should be clarified. It does not mean that finding PUPs and PC acting funny are related at all. You should have also stated which exact PUPs did you find. I don't claim to be an expert on PUPs, but simple logic is that if they had the potential to become malware then they would not be called PUPs but simply malware. With that said, PUPs are known to slow down systems, display ads, mine bitcoin and do similar non-destructive but certainly undesirable activities. To reduce the number of false positives is one of the reasons. PUPs are not really harmful and flagging a pesky critter in the same way you flag a godzilla can induce palpitations with certain % of users. For them, things are much clearer with a dedicated tool. Also, legal actions have been taken against AV companies that flag PUPs since what they do is not illegal (you gave it consent i.e. and installed the PUP consciously).
Per Wilders TOS I don't think I can say this straightforward. So read between the lines. 360 will never touch my machines. EEK [EMSIsoft emergency tool kit] is on my machine, wouldn't be without it. Clam has NEVER had a Final Version. ADW cleaner is very comprehensive & has led to some inconveniences [not problems] here.
It's not a "tool kit" else it would be EETK, not EEK. I, too, am an EEK fan (or an "EEK freak" as they say in Nerdoslobovia). That smacks of anti-sino-ism. Neither has Avira or Avast or Kaspersky, etc etc etc. In fact, ANY antivirus that has had a truly final version is dead & gone. Defunct. Kaput. DOA. KIA. Moribund. Gone to AV heaven. (Dr. Solomon and BOClean and Threatfire each had a final version. R.I.P. I STILL miss them. )
Picky picky lol. In order. My minor error. It's Anti-spyism not ethnic dependent either. Avira or Avast or Kaspersky all have final versions & might have beta versions before their final versions.
I loooved F-Prot!!! Also Twister (it's still around but not maintained current, sad to say. It had a good sized following here at Wilders, in days of yore -- when skies were blue and meadowlarks warbled sweetly and dear old Ronnie was in the White House and we all stood proudly when the National Anthem was played.) F-prot had its birthing in Iceland. F-Prot was a splendid AV, sired in what is surely one of the most spectacularly beautiful places on God's green earth. It's on my bucket list to visit there. Back in those days, ESET had its forum here, known then as NOD32. Look'n'Stop FW was born in France but it grew up here at Wilders. The proponent of A-squared (now Emsisoft) visited here often for critique and encouragement, as did the proponent of BOClean and the founder of AV-Comparatives. More than just those 5 examples, these forums have been a nursery for the birthing of many MANY other security apps that have grown into well-known maturity. Paul Wilders, the founder of this forum, was one of THE major pioneers of mentoring people to become security conscious & security smart, as well as providing a venue where new security apps could get skilled, friendly beta help and grow in effectiveness & popularity. Many of us do not realize the many years of faithful stewardship and mentoring that form the strong foundation for wilderssecurity.com. I wish LowWaterMark & Ronjor & Stapp and the other old-timer Mods & ex-Mods (bless you, FanJ) would post a sticky to summarize the amazing history of these forums and of the security apps and program originators that have sojourned here from time to time, over the years.
I 2nd a sticky on the history of Wilders. And bellgamin thanks for the brief action packed history. I'd like to see that expanded on if you wanted to do it.
Hi Guys, Thanks for the refresher course! Allot of this I knew about, but I have neglected my studying 'malware' for 5+ yrs now. I feel pretty silly, specially about the PUP thing, as years ago, I would have said the same thing. I did not expand on "acting funny", as I immediately suspected, malware. When ADW found the PUPs' & reboot, funny was gone, I thought perhaps PUP's changed, or my understanding was in complete. All 4 DC computers are accessed by Team Viewer, I monitor temps by Speccy, I recently (one week ago), cleaned all the dust bunnies, & temps, are hotter than normal PC. All run full blast 24/7, with two video cards each, 1070's to least shraders 750ti. All with new fancy CPU coolers & more fans, with more powerful fans (moves more CFM air movement), funny was was one mouse click & could not click again, closing team viewer & re-connecting allowed one more click, then kind a frozen. ctrl-alt-del did not work. With my one click, turned off F@H (dc project), did not change anything, reboot did not help. ADW 5 pup's & back to normal. Hmmm! Is my understanding of pup's incomplete, I wondered. Next is 360 Total something I should consider abandoning, (years ago SAS was good, now not so much). Then I thought 2nd opinion, instead of hours long AV scan on line from AV vendors. How about a portable, in the past never had much luck with Clam, awhile back, devoted user of EMSI. @bellgamin - Great reminiscing, remember Blackspear, I believe he had a pages long, instructions on hardening, was it NOD32? Another great one was Calendar of Updates (RIP Donna), no resurrected, by some Wilders guys. Reference to Ronnie, too political. I wonder whatever happened to "Bubba?" Also for me bucket list, Iceland.
Hardly any computers have the capacity to run 24/7 trouble-free. Some people moan about that. But Mission Critical machines are not sold off the shelf. I'd guess the "funny" could be the result.
Utter nonsense. His era was in the 80's, nearly 30 years ago. I was in my late 50's back then, & my grandkids were still toddlers. Salad days! Mentioning the Gipper is no more political than mentioning Jefferson or Eisenhower or good old "give 'em hell" Harry Truman. Good grief, it's history, not politics.
