Author Topic: What can Win32:Pup-gen do?  (Read 9513 times)

Offline Damstas

  • Jr. Member
  • **
  • Posts: 41
    • Personal Message (Offline)
What can Win32:Pup-gen do?
« on: May 25, 2011, 05:46:39 PM »
Win32:Pup-gen [PUP] was found on my computer and Avast deleted it.
Have it done something on my computer?
Or when i have logged previously can it transport my passwords to somewhere..?

EDIT: What viruses can even send your login info somewhere?

Offline Left123

  • There Is No Patch For Human Stupidity.
  • avast! Evangelist
  • Advanced Poster
  • ***
  • Posts: 1052
  • Gender: Male
  • Proud Community Member&Helper.
    • Personal Message (Offline)
Re: What can Win32:Pup-gen do?
« Reply #1 on: May 25, 2011, 06:09:17 PM »
PUP=potentially unwanted program.It doesn't belong to keyloggers,backdoors,spyware family etc.
AMD Athlon(tm) X2 Dual-Core Processor 4200+ - 2.20 GHz,3,00 GB RAM -
Browser:Mozilla Firefox +WOT - SoftWare:CCleaner - Windows 7 32 bit
No Anti-Virus

Offline Damstas

  • Jr. Member
  • **
  • Posts: 41
    • Personal Message (Offline)
Re: What can Win32:Pup-gen do?
« Reply #2 on: May 25, 2011, 06:13:33 PM »
Ok.. but.. What can it do on computer?

Offline DavidR

  • avast! Überevangelist
  • Certainly Bot
  • *****
  • Posts: 69213
  • Gender: Male
  • No support PMs thanks
    • Personal Message (Offline)
Re: What can Win32:Pup-gen do?
« Reply #3 on: May 25, 2011, 06:46:23 PM »
First you have to ask avast to scan for PUPs in the on-demand scan and second it doesn't delete it unless you say it should ?

Deletion isn't really a good first option (you have none left), 'first do no harm' don't delete, send virus to the chest (a protected area) and investigate.

We can't say what it might or might not do to your system as we have no information to work with.

PUPs are generally programs that can have a dual purpose, malicious or a tool. Like any tool it could be used for good or evil and intent is hard to determine, hence the PUP category as it is only the user that can determine intent.
e.g. did you install it and do you know what it does.
Because you need to have some knowledge of what is on your system to be able to answer this PUP question, I feel that is why it isn't enabled by default.

What is the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ? 
For detection on on demand scans, check C:\Documents And Settings\All Users\Application Data\Alwil Software\Avast5\Log  (Windows 2000, Windows XP). Or C:\ProgramData\Alwil Software\Avast5\log (windows Vista, windows 7).
Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/ avast! free 2014 9.0.2018/ Outpost Firewall Pro9.1/ Firefox 28.0, NoScript, RequestPolicy/ MailWasher Pro/ DropMyRights/ MalwareBytes AntiMalware Premium 2.0.1/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security

Offline Damstas

  • Jr. Member
  • **
  • Posts: 41
    • Personal Message (Offline)
Re: What can Win32:Pup-gen do?
« Reply #4 on: May 25, 2011, 08:04:19 PM »
Thanks David for a big answer. The file came from some download that i did. It was on desktop, and is now gone, so there shouldn´t be any threats anymore?

Offline DavidR

  • avast! Überevangelist
  • Certainly Bot
  • *****
  • Posts: 69213
  • Gender: Male
  • No support PMs thanks
    • Personal Message (Offline)
Re: What can Win32:Pup-gen do?
« Reply #5 on: May 25, 2011, 09:15:02 PM »
There shouldn't be a problem provided it hasn't been run, but it is important to state what the file name was, so those locations arrowed and also the file system shield file if it wasn't found on the on-demand scan.

With this information we can get a better understanding of what it was and any associated risk.
Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/ avast! free 2014 9.0.2018/ Outpost Firewall Pro9.1/ Firefox 28.0, NoScript, RequestPolicy/ MailWasher Pro/ DropMyRights/ MalwareBytes AntiMalware Premium 2.0.1/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security

Offline polonus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 20140
  • Gender: Male
  • malware fighter
    • Personal Message (Offline)
Re: What can Win32:Pup-gen do?
« Reply #6 on: May 25, 2011, 10:41:12 PM »
There was a similar thread on this subject here: http://forum.avast.com/index.php?topic=74135.0
Potentially Unwanted Programs are potentially unwanted as the user of the computer did not install it willfully and knowingly. If that isn't the case the program can be considered a risktool.
Had the program been installed, then a System restore to a point before the infection occured in Safe Mode also had been a secure way of removing a Win32:Pup-gen infection. A full avast bootscan should then follow this procedure,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

 

Google Chrome

AVAST recommends using the FREE Google Chrome™ browser.

Download Google Chrome Now