PUPs are short for “personal use passwords.” They are passwords that are used by individuals for their personal online accounts, such as email, social media, and even their work accounts. PUPs can be a serious security threat because they can easily be guessed or stolen by someone who has access to your computer. There are a few ways to protect yourself from PUPs. First, make sure that you have strong passwords and use them only for personal uses. Second, keep your computer updated with the latest security patches and software. Third, never share your personal password with anyone else – even if they offer to help you protect your account. Finally, be sure to keep your PUPs secure – store them in a safe place and never give them away to anyone else.


Antimalware programs like Malwarebytes pop up warnings when they detect “potentially unwanted programs” you might want to remove. People call PUPs many other names, including “adware” and “crapware.” You almost certainly don’t want these programs on your computer, but they’re categorized differently for legal reasons.

Malware is a type of malicious software that infects your computer without your permission. “Potentially unwanted programs” often arrive bundled with other software and often have a EULA you probably clicked right through. PUP developers can argue their programs aren’t malware.

What is a Potentially Unwanted Program, or PUP?

RELATED: Defend Your Windows PC From Junkware: 5 Lines of Defense

The quick answer is that “potentially unwanted program” isn’t the best name. Instead, these programs should really be called “almost certainly unwanted programs.” In fact, if someone does want one of these “potentially unwanted programs” installed, there’s a good chance that person doesn’t fully understand what that program is doing on their computer.

These are programs which don’t really do anything good for you. For example, browser toolbars that clutter your browser, track your web browsing, and show additional advertisements to you are “potentially unwanted programs.” A Bitcoin-mining program like the one uTorrent once included is a “potentially unwanted program.”

Note that these programs do absolutely nothing good on your computer — they slow it down, track you, clutter the system, and show you additional advertisements.

The key difference is how a potentially unwanted program arrives. “Malware” is malicious software that arrives without your express permission. “Potentially unwanted programs” are programs that arrive along with a EULA that tricks you into installing them.

Why They’re Called PUPs and Not Malware

RELATED: Yes, Every Freeware Download Site is Serving Crapware (Here’s the Proof)

There’s a lot of money in crapware. All the big free Windows software download sites bundle crapware — even SourceForge does! And it’s now become normal for Mac freeware download sites to bundle potentially unwanted programs, too. If you download and install this stuff, your computer wasn’t infected against your will — you agreed to some fine print and gave the company permission to run this stuff on your computer.

This is all completely legal, of course. Blocking such an application and labelling it “malware” would open up a company to lawsuits — at least, that appears to be the feeling across the industry. Antivirus companies like Avira have even been sued just for labelling software programs like these as “potentially unwanted programs.” Avira won that particular lawsuit, but they might have lost had gone farther and labelled that program flat-out malware.

By classifying these programs as just “potentially unwanted programs,” antimalware software creators are attempting to shield themselves from legal action while detecting software most people don’t want on their computers.

Whether an antimalware — or antivirus — application chooses to flag and detect PUPs is up to that individual engine. Some security software makers are more focused on malware, while others — Malwarebytes, for example — are more serious about detecting and removing PUPs.

What Do PUPs Do, Exactly?

So what does it take for a program to be considered a PUP? Well, Malwarebytes offers a list of behaviors that will cause Malwarebytes to flag a software program as a PUP. Advertising that obstructs content or interferes with web browsing, pop-up windows, pop-under windows, search engine hijacking, home page hijacking, toolbars with no value for the user, redirecting competitors’ websites, altering search results, replacing ads on web pages — these are all actions that will cause a program to be flagged as a PUP.

While this all may be arguably legal, this is all the sort of nasty stuff most people just wouldn’t want on their computers.

Should You Remove that PUP?

You almost certainly don’t want that potentially unwanted program installed — remove it. If you’re curious, perform a web search for the detected PUP’s name to see more information about it.

This is how the phrase “potentially unwanted program” is usually used by antimalware programs. But some antimalware tools sometimes include certain system and security-related tools in the PUP category to help their enterprise customers.

For example, a utility that finds and displays the product keys for installed software on your current PC might be categorized as a “PUP” so large businesses can prevent their employees from running this type of software on their workstations. A VNC program for remote-desktop access might be considered a “potentially unwanted program,” too.