Author Topic: What can Win32:Pup-gen do?  (Read 53963 times)

0 Members and 1 Guest are viewing this topic.

Damstas

  • Guest
What can Win32:Pup-gen do?
« on: May 25, 2011, 07:46:39 PM »
Win32:Pup-gen [PUP] was found on my computer and Avast deleted it.
Have it done something on my computer?
Or when i have logged previously can it transport my passwords to somewhere..?

EDIT: What viruses can even send your login info somewhere?

Offline Left123

  • There Is No Patch For Human Stupidity.
  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1048
  • Proud Community Member&Helper.
Re: What can Win32:Pup-gen do?
« Reply #1 on: May 25, 2011, 08:09:17 PM »
PUP=potentially unwanted program.It doesn't belong to keyloggers,backdoors,spyware family etc.
AMD Athlon(tm) X2 Dual-Core Processor 4200+ - 2.20 GHz,3,00 GB RAM -
Browser:Mozilla Firefox +WOT - SoftWare:CCleaner - Windows 7 32 bit
No Anti-Virus

Damstas

  • Guest
Re: What can Win32:Pup-gen do?
« Reply #2 on: May 25, 2011, 08:13:33 PM »
Ok.. but.. What can it do on computer?

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88897
  • No support PMs thanks
Re: What can Win32:Pup-gen do?
« Reply #3 on: May 25, 2011, 08:46:23 PM »
First you have to ask avast to scan for PUPs in the on-demand scan and second it doesn't delete it unless you say it should ?

Deletion isn't really a good first option (you have none left), 'first do no harm' don't delete, send virus to the chest (a protected area) and investigate.

We can't say what it might or might not do to your system as we have no information to work with.

PUPs are generally programs that can have a dual purpose, malicious or a tool. Like any tool it could be used for good or evil and intent is hard to determine, hence the PUP category as it is only the user that can determine intent.
e.g. did you install it and do you know what it does.
Because you need to have some knowledge of what is on your system to be able to answer this PUP question, I feel that is why it isn't enabled by default.

What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ? 
For detection on on demand scans, check C:\Documents And Settings\All Users\Application Data\Alwil Software\Avast5\Log  (Windows 2000, Windows XP). Or C:\ProgramData\Alwil Software\Avast5\log (windows Vista, windows 7).
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Damstas

  • Guest
Re: What can Win32:Pup-gen do?
« Reply #4 on: May 25, 2011, 10:04:19 PM »
Thanks David for a big answer. The file came from some download that i did. It was on desktop, and is now gone, so there shouldn´t be any threats anymore?

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88897
  • No support PMs thanks
Re: What can Win32:Pup-gen do?
« Reply #5 on: May 25, 2011, 11:15:02 PM »
There shouldn't be a problem provided it hasn't been run, but it is important to state what the file name was, so those locations arrowed and also the file system shield file if it wasn't found on the on-demand scan.

With this information we can get a better understanding of what it was and any associated risk.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: What can Win32:Pup-gen do?
« Reply #6 on: May 26, 2011, 12:41:12 AM »
There was a similar thread on this subject here: http://forum.avast.com/index.php?topic=74135.0
Potentially Unwanted Programs are potentially unwanted as the user of the computer did not install it willfully and knowingly. If that isn't the case the program can be considered a risktool.
Had the program been installed, then a System restore to a point before the infection occured in Safe Mode also had been a secure way of removing a Win32:Pup-gen infection. A full avast bootscan should then follow this procedure,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!