These 5 antivirus suites keep potentially unwanted programs (PUPs) from biting

Potentially unwanted programs (PUPs) pack a nasty bite if left unchecked

Adware and potentially unwanted programs (PUPs) might not seem like viruses to some people, but they can wreak havoc and cause major annoyances. It's like comparing terriers to guard dogs: A misbehaved terrier (PUP) may not be as dangerous as a bad-tempered junkyard dog (virus), but the little ankle-biters can sure get on your nerves, and they tend to nip more often.

PUPs can change your web browser's homepage and search settings, and even redirect websites you try to visit. They can litter your browser with toolbars and install questionable PC cleaners and optimizers. They can also bombard you with ads that are often illegitimate and lead to further infestation of malware or viruses.

Though most antivirus programs are built to detect and remove more of the true viruses and other serious malware, some do offer protection against adware, spyware, and PUPs. However, you may have to enable the protection manually. 


In the AVG products, basic PUP and spyware protection is enabled by default. This protection is designed more to detect programs that are a security risk. Manually enabling additional protection may detect programs that are fairly harmless. However, that extra layer of defence can protect you from legitimate programs that could be misused.

Confirm the default PUP protection is still active, then consider turning on the additional protection as well.

To check these options, open AVG, click Options from the menu on the upper left corner and select Advanced settings. Double-click Computer Protection in the left part of the window, and then select AntiVirus.


The free and paid AVAST products also offer PUP protection, but it's turned off by default. Though they only have one setting related to how they classify the PUPs, there is a setting for each of the three protection shields: File System Shield, Mail Shield, and Web Shield. They refer to PUPs as programs you may have downloaded unknowingly, typically used for advertising or collecting information about your computer or Internet use.

I recommend enabling the PUP protection for all three shields. Open the AVAST program, click the Settings button, and select the Active Protection tab.

First, click the gear icon for File System Shield. Select the Sensitivity tab, click the Scan for potentially unwanted programs (PUPs) checkbox, and click OK.

Back in the Active Protection window, click the gear icon for Mail Shield.

Select the Sensitivity tab, click the Scan for potentially unwanted programs (PUPs) checkbox, and click OK.

Back on the Active Protection window, click the gear icon for Web Shield.

Select the Sensitivity tab, click the Scan for potentially unwanted programs (PUPs) checkbox, and click OK.


The Kaspersky products include PUP protection that they refer to as elevated riskware detection, defined as detecting software that can make your PC more vulnerable to attack. This includes programs like remote access software and keyloggers, but not toolbars and other software that requires user permission to install.

To enable the elevated riskware detection in Kaspersky Anti-Virus and Kaspersky Internet Security, open the program and click the Settings link on the bottom left of the window.

Select the Additional tab, then click Threats and Exclusions.

Click Detect other software that can be used by criminals to damage your computer or personal data and hit the back arrow.

In Kapersky PURE 3.0, the procedure is very similar, but the placement of the controls and links are different.

First, open up Kapersky PURE and click the Settings link in the upper-right section of the window. Next, click Threats and Exclusions, which is the bottom option under the first Protection tab, and click Objects Detection Settings.

Finally, check Other under the Adware, auto-dialers, other programs options.


Unlike the other vendors, ESET asks you during the initial installation of their products if you'd like to enable or disable what they call potentially unwanted applications (PUA). This enables or disables two of the three PUP-related settings:

The third setting, detection of potentially unsafe applications, detects legitimate commercial software that has the potential to be misused for malicious purposes, such as remote access tools, password-cracking applications, and keyloggers. This setting is turned off by default, even if you enable the PUA protection during the initial install.

Regardless of what you choose during the initial install, you can later access all three of the settings. Open the ESET application and select the Setup tab from the menu on the left.

Next, click Enter advanced setup... Double-click Computer and then select Antivirus and antispyware.

Activate the desired Scanner options and click OK.

Remember, the first and last options were either enabled or disabled during the initial installation. The middle option is considered extra protection that you must manually enable, if desired.


The protection from spyware and other potentially unwanted programs is turned on by McAfee automatically. However, you may want to verify it's still activated. Open the McAfee application and click the Schedule and run scans link.

Click the Real-Time Scanning link, then select Settings.

Scroll down, ensure the Spyware and other potentially unwanted programs checkbox is marked, and click Apply.

Unwanted programs by any name are still unwanted

Remember, antivirus vendors have varying definitions of what they refer to as adware, spyware, and PUPs. One may catch something the other wouldn't. If you still have issues with PUPs after enabling protection provided by your regular antivirus, consider an additional antimalware program that can run along with it. My favorite is MalwareBytes Antimalware.

Though enabling additional protections can help, the best way to combat these threats is educating yourself and other users on the tactics they use to invade your computer. Learn how to spot junk before it installs, and be careful where you browse and what you click and download.

Join the CSO newsletter!

Error: Please check your email address.

Tags securitysecurity softwaremalwareantivirus

More about AdvancedKaperskyKaspersky

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Eric Geier

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place