• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos19 Stats

A PUP category

I had thought of the Idea od a PUP class of detection,  after a PC in front of me couldn't get past the "Welcome" screen on startup and I found a conflict between the AV installed and the 7 PUP's installed (yes 7)

I used Safe Mode to uninstall the AV then back in Normal Mode, although still slow going, I removed the 7 PUP's, with all objects.

A PUP grouping, For example,

PUP.babylon

PUP.conduit

PUP.ilivid

PUP.Freeze.com

PUP.mywebsearch_funwebproducts

...........................................

If Norton detects a PUP.[Program name] Norton pops up a dialog box telling the user Norton has detected PUP.[Program name]installed on the system (or being installed) and would you like 

 

(2 buttons)

 

a) No I want the program installed on my system

b) Yes, have Norton remove the program.

 

The a) option if click then has Norton also not detect that PUP.[Program name]  again in future

 

The b) option click then means Norton goes about removing the objects belonging to the PUP.[Program name]  in question including Drivers, Services, Files Folders,, Registry Keys (including uninstall keys) and so on, It could even be like Adwcleaner and reset the browser settings for search enging and homepage etc. as long as the browser is supported by Norton.

 

being a program (PUP) it is easy to remove the entries You could say basically Norton is uninstalling the PUP like Adwcleaner does.

 

Quads

Replies

Kudos0

Re: A PUP category

Quads,

Excellent suggestion!

Thanks.

A little bit of knowledge is... well a little bit of knowledge.
Kudos0

Re: A PUP category

I would add that Norton should launch the uninstaller for that program (if applicable) first before doing any cleanup. Personally, I prefer to remove PUPs with their own uninstaller first then use other programs to clean up the remnants.

Win10Pro | NS | MBAM | Spybot S&D | SpywareBlaster | Acronis Ransomware Protection | KeyScrambler Prem | O&O ShutUp10 | Ghostery | MAXA Cookie Manager | HostsMan | OpenDNS | NordVPN | CCleaner | JV16 PowerTools | PerfectDisk Pro~ www.needGod.com
Kudos0

Re: A PUP category

No need to, I don't when I am removing them, so Norton dowsn't need to.  Don't need to complicate things.

Quads

Kudos0

Re: A PUP category

Yes. Would be nice. 

Kudos0

Re: A PUP category

Great suggestion about PUP.  Could these PUPs be another way to gain unauthorized access to a system without being detected if a person allows them to be installed?  If that is the case, then this idea would help greatly.

Kudos0

Re: A PUP category

Symantec calls them PUA s instead of PUP's and are detected if bad enough.

Quads

Kudos1 Stats

Re: A PUP category

I came in here to suggest this very thing. Other AV solutions detect PUA/PUP, Norton should too.

Webroot even has a check box for detecting them in options! I've been waffling between Norton and them for a while now, weighing the pros/cons of each for my elderly parents who seem to click on every OK INFECT ME! SURE! GO AHEAD! pop up that comes up on their screen.

PUP/PUA detection would be a major headache reducer if Norton implemented this.

Kudos0

Re: A PUP category

I have already said Norton already does detect PUPs as PUAs if bad enough.

What is this  http://www.symantec.com/security_response/writeup.jsp?docid=2013-080900-1117-99  a PUA detection.

Quads

Kudos0

Re: A PUP category

I understand that, but I like your suggestion better. There should be a more proactive approach to all PUA's that present a challenge to remove and make sweeping changes to browser/homepage/searches.

If a PUA is as simple as using add/remove and that undoes everything it did, then I'm OK with Norton skipping it.

Kudos0

Re: A PUP category

Gorg,

One of the sad facts of computing life today is that no single security program can protect you 100% of the time from 100% of the threats being released by the thousands daily. That said, using one active scanner and one on demand scanner can improve protection. The other side of the coin is tha infection is a 'when' not an 'if'.

Stay well and surf safe

Dick Win 10x64 current current NSBU
Kudos2 Stats

Re: A PUP category

Because PUPs can generally be avoided by simply paying attention to the installation screens whenever you download a new program or update an existing one, I would not make PUP detection a primary consideration when choosing a security program.  If Norton's overall protection is superior to a competitor's, I certainly would not settle for the lesser security for the sake of allowing me to neglect my own oversight responsibility when adding or updating software.  Remember too, that PUPs are legitimate programs, albeit annoying and sometimes sneaky.  These companies pay to have their programs bundled with other software, and that income helps to keep many programs free.  Symantec cannot disrupt the business partnerships of legitimate companies by blocking the downloads, just because users who aren't paying attention may end up with an obnoxious toolbar or something similarly irritating but non-destructive.  As Quads points out, Norton does block those PUAs that cross the line from grayware to malware.

Kudos2 Stats

Re: A PUP category

You make a good point Jive, but in this time of elderly relatives and children online, there has to be much less expectation for "over-sight responsibility".  Symantec's need to "protect" its business relationships would seem to incur an obligation to choose wisely rather than allow all and sundry.  After all, 90% of this stuff is garbage.  We are not talking about a McAfee scan embedded with a Flash download.

Under certain circumstances profanity provides relief denied even to prayer.Mark Twain
Kudos0

Re: A PUP category


delphinium wrote:

...in this time of elderly relatives and children online, there has to be much less expectation for "over-sight responsibility". 


...not to mention some of my friends, one of whom fell for the ol' cold call from Microsoft scam.  <sigh>

Kudos0

Re: A PUP category


SendOfJive wrote:

Because PUPs can generally be avoided by simply paying attention to the installation screens whenever you download a new program or update an existing one, I would not make PUP detection a primary consideration when choosing a security program.  If Norton's overall protection is superior to a competitor's, I certainly would not settle for the lesser security for the sake of allowing me to neglect my own oversight responsibility when adding or updating software.  Remember too, that PUPs are legitimate programs, albeit annoying and sometimes sneaky.  These companies pay to have their programs bundled with other software, and that income helps to keep many programs free.  Symantec cannot disrupt the business partnerships of legitimate companies by blocking the downloads, just because users who aren't paying attention may end up with an obnoxious toolbar or something similarly irritating but non-destructive.  As Quads points out, Norton does block those PUAs that cross the line from grayware to malware.


I did suggest a mechanism that Symantec could potentially implement that would address this "business partnership" dilemma here:

http://community.norton.com/t5/Norton-Internet-Security-Norton/AVG-Secure-Safe-Search-and-AVG-Security-Toolbar-Malware/m-p/992501/highlight/true#M241745

Kudos0

Re: A PUP category

Protection from potentially unwanted software (Pups) - This needs to be implmented ASAP!

Kudos3 Stats

Re: A PUP category

Quads,

A great suggestion.

I may be covering topics already covered in other replys but this is my contribution.

Programs would come into this category if they:

1. Do not provide an uninstall procedure that completely removes all trace.

2. Do not show as installed processes.

3. If they just pop up again if uninstalled or are stopped.

4. If they are so well hidden that they are almost impossible to find.

5. If they change the status on the folder to hidden or perform other acts to disguise their presence.

Surely any program that does any of the above and is not a genuine part of the OS should be considered as invasive and a potential invasion of privacy. There is clearly an attempt on the part of the authors to prevent their program from being removed. This is not  ethical business practice and they should be treated in the same way as malware.

Giving the option for people to keep Addware/PUPware if they want it is a good idea.

Targeted Adds are one thing but for my part I do not want adds popping up everywhere for products that I do not want, nor do I want flying saucer games or casino games appearing randomly on the screen most with no way of closing them down.

If this cannot be achieved then at least there should be an industry board/web site that lists all of the known PUPs and known methods of removing them.

Best wishes

Derek

Kudos3 Stats

Re: A PUP category

If one has to jump through all of these hoops to remove a PUP (or PUS  -  Potentially Unwanted Software), how much happier would the Norton user be who could be warned ahead of time while downloading/installing such a program?

http://info.trovi.com/Uninstall

Thank you for considering.

A little bit of knowledge is... well a little bit of knowledge.
Kudos0

Re: A PUP category

i would like to see PUP option in norton even if its not turned on by default most other respected security providers offer protection against PUP also i would like to see surf protection Privacy risks -Hosts that are used for advertising or tracking purposes to be able to block them like a certain company has implemented into there suite.

Kudos1 Stats

Re: A PUP category

Found a screenshot for ESET installed products article May 2014. for PUP, PUA settings

http://en.kioskea.net/faq/29951-eset-nod-32-enable-the-detection-of-pups

Quads

Kudos2 Stats

Re: A PUP category

Symantec employee Nate_C posted an announcement here for a new beta version of Norton Power Eraser (NPE) v. 4.3 that includes an "Unwanted Application Scanner" feature.  He later confirmed in message # 9 of that same thread that "PUPs, PUAs, Unwanted Applications, Browser Plugin Hijacks, are all targets for the Unwanted Application Scanner." This new NPE scanner will launch KB aritcles with removal instructions for unwanted applications that do not come with their own uninstaller.

I haven't tested this beta version of NPE but I'm not clear why Symantec chose to add PUP/PUA detection to NPE, which I consider to be an aggressive system recovery tool for finding rootkits and other deeply embedded malware.  If the Norton model doesn't include real-time protection to prevent PUPs/PUAs from being installed on my computer in the first place then I'm not sure what value it adds above and beyond a free on-demand MBAM or SUPERAntiSpyware scan.

----------
MS Windows 32-bit Vista Home Premium SP2 * Firefox 29.0.1 * IE 9.0 * NIS 2013 v. 20.5.0.28
HP Pavilion dv6835ca, Intel Core2Duo CPU T5550 @ 1.83 GHz, 3.0 GB RAM, NVIDIA GeForce 8400M GS

Kudos1 Stats

Re: A PUP category

I would like to add my voice to those who would like to see Norton/Symantec come out with Adware proction.  I got Pureleads and SearchProtect on my machine recently and it was a pain to get rid of them.  How did I know I got them? All three of my browsers stopped working.  So to say these things don't harm your sytem, is not entirely correct.

Kudos2 Stats

Re: A PUP category

I too echo what other posters have said: there needs to be real time protection against PUPs.

I try to be fairly diligent if i'm downloading a program not to add on 'extra features' (ie PUPs) that i don't want. But i may slip up, or there may be programs installed without my knowledge. I want a program to proactively help me avoid slip ups, or the installation routine working around me, and frankly, that's what i expected from the Norton product i have, 360.

I've used Norton Power Eraser, but in my case of browser hijacking, it removed the threat, only to have it return a short time after. This is without me installing any further programs. So i guess the hijacker installed some kind of buried kernel that reinstalls the program after it's been removed. Norton is not helping me if i have to spend time investigating how to do a better job of getting rid of these hijackers.

The other thing about Norton Power Eraser is that it used a very disruptive process, requiring me to shut my pc down, restart and run the program, shut down again, then restart to remove the problem. This took time and stopped me from working on other things.

PUPs may generally not be damaging to the system, but they are so annoying and may take time to get rid of (eg in finding solutions). In my case of browser hijacking, the hijacker replaced my default search engine, and also seemed to bring up ad related pages when i clicked something else. So i'd click something to look at it further, and an ad page would come up which i'd have to get rid of first before i could look at what i wanted to originally. This is not to mention other less visible 'features' of browser hijackers.

So again, please bring on real time monitoring of PUPs!

Kudos1 Stats

Re: A PUP category

I'm still don't know what a PUP is other than what it stands for. If Norton were to give an option whether or not to instal the program how would we know if we should allow or not?

My elderly father has had a number on his laptop over the past few years and he is very careful about what he does, they are found when I run Malwarebytes scan. He does take care when he goes online and rarely downloads anything other than Windows and Norton updates, what would he do on the odd occasion he would see this.

I mention my father but I wouldn't know what to do. Malewarebytes found PUP's on an odd accasion on my laptop, I would have no idea how they were installed at the time they were I am very careful wha I do online making sure all programs are completely upto date.

This is not to say the original idea is not good and helpful, just a plea for all of us who have no idea what PUP's are and their usefulness or need on a computer.

Michael 

Kudos1 Stats

Re: A PUP category

PUP's / PUA's  have been continually added under different groups

MyPCBackup                        Potentially Unwanted App 
Adware.DomaIQ                          Adware
RegCleanPro                         Misleading Application
OptimumPcBoost                  Potentially Unwanted App
Adware.WebexpEnhanced  Adware
Wajam                                    Potentially Unwanted App

Or as an SAPE, although the odd one like Newplayer is detected as a Trojan

Bear in mind there would be new release of installers out there

Quads

Kudos1 Stats

Re: A PUP category

OptimizerPro  Potentially Unwanted App
SearchProtect Potentially Unwanted App

Also has definitions for Norton to detect and remove.

Quads

Kudos0

Re: A PUP category

Now that it has a page for users to see, this low end PUP / PUA has been added (I have removed this from some systems but does not compare to the stubbornness of some PUP's)

http://www.symantec.com/security_response/writeup.jsp?docid=2014-101012-1531-99&tabid=2

Quads

Kudos0

Re: A PUP category

Members talk about the problem, but did not offer. Why? Employees virlab best customers know the weakness of the product.

PUP hard look, because they are not as aggressive at the code level, as malware. They are difficult to identify proactively. That is why the ability to search these programs have built in NPE. So far, only developed the most sophisticated measures of search, which will bring a lot of problems with regular use.

In recent years, new technology has been introduced SAPE for proactive search PUP and other.