Potentially unwanted programs, also known as PUPs, are a real threat. A Jblog post on CERT.org shows the pervasiveness of such programs on search engine results, software portals, popups, ads, etc. We are all annoyed by software that bundles other applications that we didn’t ask for. You want a specific application, but depending on what the application is, where you downloaded it from, and how carefully you paid attention to the installation process, you could have some extra goodies that came along for the ride. You might have components referred to as adware, malware, scareware, potentially unwanted programs (PUPs), or ransomware. Sure, these may be annoyances, but there’s an even more important security aspect to these types of applications: attack surface.
Recently I was working in a virtual machine, and I needed to extract an archive. 7-Zip seemed like a reasonable choice, so I used the default search engine in the default browser in the virtual machine.
I encountered quite the minefield, and I hadn’t even gotten to the point of downloading anything yet! It’s not that any of the sites outlined in red are necessarily malicious, but rather, if 7-zip is installed from any of those sites, I will likely end up with additional unwanted software. This got me wondering about what sort of software other folks might be downloading.
There are sites that are known for bundling installers for the purpose of generating advertising revenue, such as Download.com, Softonic.com, or Winstally.com. Let’s look at a single download from one of the many sites where you can download software, in particular, KMPlayer from CNET Download.com. I chose this application from the list of popular downloads that Download.com provides. In any given week, this application is downloaded approximately half a million times.
Call Ace Computer Guy to remove potentially unwanted programs from your computer.