Malicious software authors have shifted their focus from illegal and malicious software to potentially unwanted applications (PUA) also know as potentially unwanted programs (PUPs) to earn revenue. Potentially Unwanted Applications (PUAs) blur the border between legitimate and illegitimate programs and thus fall within a grey zone.

As the computer security industry has grown, many technologies have emerged that can identify software applications that are truly malicious without too much difficulty. However, there are many other applications that are not as easy to define and whose maliciousness cannot always be confirmed. This type of application is now commonly referred to as a  potentially unwanted application (PUA) or potentially unwanted program (PUP).

Existing anti-virus and anti-spyware software are, in many instances,unable to detect previously unseen or zero-day attacks and separate PUAs from legitimate software. 

 In particular, there may be concerns about how these applications store and handle user data, or exercise privileges that allow them to monitor and modify system settings.

Type of Potentially Unwanted Applications

There are several varieties of software that, on a given system, could be classified as potentially unwanted. Not all of them are necessarily designed to cause physical or digital damage. Potentially Unwanted Applications (PUA’s) can’t be taken for malware in all cases. PUA vendors make different types of PUAs.

AdWare, SpyWare, RiskWare, and PornWare are the four classes of the program which are categorized as potentially unwanted.Unlike malware applications, PUAs or PUPs do not infect or destroy the end user’s system directly. But this does not mean they are harmless. In fact, they can actually be more dangerous than certain viruses and spyware.Potentially unwanted software can be a catalyst for the introduction of malware to a system and subsequently increase the possibility of infection or of user data to be stolen. Here are some common behaviors of potentially unwanted software. 

Adware ( not a virus ) Applications Infection

Users commonly download applications that possess features they don’t understand. Moreover, they may not read through all the information in the pre-installation window. PUPs or PUAs target these user habits. Offering users adware applications during installation is a very common method of pushing suspicious programs through to the end-user system.

Pop-up promotions, in-line advertising, and browser toolbars offering stuff for sale are among the preferred media for adware applications. These may be simply annoying or – if they feature as an unintended element of an online service or business venture – unprofessional-looking and distracting to users and consumers.

More sinister breeds of adware may be deployed as a means of luring unsuspecting users to malicious websites or to prompt the download of malware. Examples would include bogus warnings that “Your system has a virus. Click HERE to…” or fake reminders that software or operating system components may be out of date.

Spyware ( not a virus ) Applications Infection

Spyware is often legally used since installations can be authorized as part of the licensed “clickwrap” agreement that users agree to when downloading free utility and file-sharing programs from the Internet. In some cases, spyware is installed as part of legitimate computer applications provided by the business to their customers, to provide updating and communicative functionality to application users.

Spyware enables its controllers to observe and occasionally extract information stored on a host system, or passing through a network. It can take various forms, including traceable tokens in file storage areas, in-line monitoring utilities for network traffic streams, key-loggers to record keyboard strokes and mouse pointer movements or call recording tools for telecommunications.

Non-malicious spyware can assist business organizations in keeping tabs on the activities of their workers and assessing their performance. It can also be used to monitor the activity and behavior of customers and website visitors. These practices can be of benefit to an enterprise.

On the other hand with spyware, you can check on the computer activities of your friends and can be used to steal passwords or intellectual property. It’s one of the oldest and most widespread threats on the Internet, secretly infecting your computer in order to initiate a variety of illegal activities, including identity theft or a data breach.

Riskware covers legitimate programs, some of which are sold publicly and commonly used for legitimate purposes, which can cause damage when they fall into the hands of malicious users. Programs in this class include remote administration utilities, IRC clients, dialer programs, file downloaders, software for monitoring computer activity, password management utilities, and numerous Internet server services such as FTP, web, proxy, and telnet.

Pornware (not a virus) application infection

Pornware represents programs and other infected files that will force users to display and run adult content. The best definition is offered by Kaspersky Lab, a powerful fighter against all types of infected files: “The term Pornware denotes programs which are involved in causing pornographic content to be displayed to the user”. The Pornware class currently includes Porn-Dialer, Porn-Downloader, and Porn-Tool programs. Dialers connect to pornographic phone services.

Downloader programs will download pornographic material to the host machine. Porn-Tool covers all types of utilities that are connected with searching for and displaying pornographic material (e.g. special browser toolbars or video players). Pornware programs may be installed by a user deliberately in order to search for and access pornographic material. In such cases, the programs are not viewed as being malicious.