GridinSoft Threat Intelligence

PUP detection reports

Potentially unwanted programs, bundlers, installers, and utilities with intrusive behavior.

Detection category

PUP threat reports

Potentially unwanted programs, bundlers, installers, and utilities with intrusive behavior. ThreatInfo groups these records so analysts and users can review related filenames, hashes, and GridinSoft detection names from one place.

PUP reports cover potentially unwanted programs, bundlers, and utilities that may not be strictly malicious but still create risk or annoyance.

Indexed reports 33,500

Latest shown 60

Detected 33

Observed detection families

Common PUP verdicts

These are the most frequent GridinSoft detection names in the latest reports shown below. Repeated families help users recognize whether a file belongs to a broader campaign or bundled software cluster.

Adware.SweetIM 15 reports

General Threat 5 reports

PUP.Gen 3 reports

PUP.Systweak 3 reports

Adware.Eszjuxuan 1 reports

Hack.KMS 1 reports

PUP.Downloader 1 reports

PUP.ELEX 1 reports

Analyst focus

What to check first

For PUP triage, look for bundled components and persistence points before treating the file as trusted.

Installers that add extra software, browser extensions, or startup entries.
Aggressive notifications, system optimization claims, or unclear uninstall behavior.
Publisher, path, or product metadata that differs from the user-facing application name.

Frequent metadata

Publishers and products

Publishers APN LLC. 12 SweetLabs, Inc 5 UCWeb Inc. 4 APN 3 APN LLC 2 Elex do Brasil Participações Ltda 2

Products UC浏览器 4 App Explorer 2 Host App Service 2 Host App Service Updater 2 IDC Server Stub 2 IdcSrv 2

GridinSoft Anti-Malware

Scan for PUP detections

If a file from this category appears on your computer, verify the exact report and run a full system scan. GridinSoft Anti-Malware is used to detect and remove threats listed in ThreatInfo reports.

Download scanner

01 Match the hash

Use the MD5 value from the report. A filename alone is not enough because unrelated files can share the same name.

02 Review origin

Check the publisher, product name, certificate, and file path for mismatches or unfamiliar install locations.

03 Scan and remove

If the file is unexpected, scan the device and remove related startup entries, bundled components, and leftover files.

Recent reports

Latest PUP file records

A0427989.dll 2427fe812329ecd93304f5e4b64b16be Under review iSafeSvc.exe.bak 6fea419122dcfabd79a17fc6c9ffb0a6 PUP.ELEX ComputerZ_x64.sys 5fade7137c14a94b323f3b7886fba2a9 Under review $RP4488N.exe 94fef1eebf8b9ea06f49d7f8b7814826 Hack.KMS 9654796840502758392.exe 94bfdc941878aacd633d6c6596d0e3e6 Under review chrmstp.exe.del 539226398e549db4ad8dbfdef5049a65 General Threat stats_uploader.exe.del 5621e6f75d6576e39461747b25131813 General Threat UCAgent.exe.del 94e200359659754a01ce765421e85a3a General Threat $RECWO2B.exe 4bf9e4d6402010b6428664f6d94ceeb9 General Threat ucdrv-x86.sys.del 8ce04a3499594b3322932585f17f6293 Under review UCBrowser.exe.del 164d27c9830ccdf485bbd1701f9e577e General Threat $RM950EF.exe b47834aa24a378fd868230a695984774 PUP.Gen uclauncher-x64.exe.del 5141ea6b5f29546b2396c11bb003d392 Adware.Eszjuxuan cbsidlm-cbsi176-Flash_Video_Downloader_for_Google_Chrome-SEO 3a41815e8b51f2c408c90d56d6d5bf2a PUP.Downloader isxdl.dll 8221f21152e15f93258e2c990233313f PUP.SystemOptimizer sm.exe_ dd3c87a08c4d818857adb0ac11faca9b PUP.Systweak 10ea-22d8-9b9e-0a5b.exe 602cd1f0dd54e83de1413705aa378803 Under review A0061884.dll 157d3660fea65e2ebdcd48647720950c Under review A0054949.dll 55d44dc1ec699ffb6b3519a022153cac Under review A0054943.dll a8d8a483602be55485fc8c6d7b2b680f Under review A0054948.exe 9882e67a4555ea41cf177051c2ba8acc Under review IdcLdr.exe 0c0fc7162953c162d1e6e4c1274412d3 Under review IdcSrv.dll 19d62030c1124461a94fa6bccef70485 Under review IDC823E.tmp d92685007816eeec59d2072c8eab21a8 Under review A0054944.dll a40a8ed546f8667d6504d3facc1b7c38 Under review Dd29313.dll 8281fdc4f6a1fff661f0f19dd27e4697 Under review IDC81ED.tmp f0c25ed699ad52e411745f64299bb58d Under review TBNotifier.exe 4b0f7b45ad1b59858c0a0d9fa07c9f05 Under review A0237965.exe 5ab1619363cd6d32defd85f7a5973ab3 Under review A0054950.dll 8f0f88bd0e4dec0305e19ac88784817c Under review A0054946.dll 51d8129c77c091a76a327effc7d9c630 Under review A0054942.exe 265df1773951ac9fd16f034151157be3 Under review A0054945.exe a5bc93782cb9878183273dfe4e9a0fed Under review IdcSrv_x64.dll 92312b611f43e7f92a28ed982f0c684d Under review A0054940.exe f22a3ae791c78a31763499585180e46a Under review A0054947.dll ab3c0aa9a2425a5818a2f07402476f0a Under review roboot.exe e13eb9e063046524a63872851eebde37 PUP.Systweak Alcatel Setup_DriverDoc_2016.exe 7da6f3c5c9be4a3a53c520b19c9309a1 Under review qbshellicon2caf53b6.dll 4298ef1f49d563b2190ae5783468a58c Under review librtmp - Copie.dll 921b64a7dace4c93161b942b80b6b41b Under review HostAppService (1).exe da746ebbb1e7952da96ef0e0667fc740 Adware.SweetIM Uninstall (1).exe 0af5ae13508809e9a4bfe97186eec49c Adware.SweetIM HostAppServiceUpdater (1).exe#B3D56172C1308D4E 8cf918763c40167b8076ab103de27317 Adware.SweetIM HostAppServiceUpdater (1).exe 9a559763613b503245d425462f0727ca Adware.SweetIM vnlgp.exe.quarantined 7074c607215960a79457e8d76990c212 Risk.CoinMiner Uninstall (1).exe#895879AA94E52644 89b7d9f41453942d50e5dcca70c44fec Adware.SweetIM icudt (1).dll#46D3B0FF10AC4FD1 6736b554a4b5f7140180c50ae7b11df2 Adware.SweetIM HostAppServiceInterface (1).exe#675BEF1A81797481 39b53d508c9ac4ae7bcc0f87a82fb247 Adware.SweetIM WebAppHelper.exe#C0BF33F07971705C 199c353a3c0830cbb01f19036a8d20fa Adware.SweetIM HostAppService (1).exe#A8FEBE165DE74CED 38167772ee150ce235d03c771b5c5701 Adware.SweetIM avformat-54 (1).dll#35A20203E517620E c1889aa8debc30a968394a4e23e1e7de Adware.SweetIM libEGL (1).dll#94F9830766855466 235688032bbaecd1cfbb1464f9941fe1 Adware.SweetIM avutil-51 (1).dll#19A741211475961C 76ff3f16f03375d439bf1feec51d0dac Adware.SweetIM libGLESv2 (1).dll#A0DFDC2314AA4519 3cd3f6a9ca86b295086448d18f623a49 Adware.SweetIM avcodec-54 (1).dll#8E64C2626ADB224E 28918719e99b7af995bb222d6a0558bc Adware.SweetIM libPokki (1).dll#5D1240F54B29E155 0ded43808d5b0613e64e1b2ae5f23e76 Adware.SweetIM A0117167.exe bca1545f58cfbd93a1f239f0a078c3e1 PUP.Toolbar roboot64.exe f6f916abec34343ac7902b248cdddb78 PUP.Systweak vSnapshotServ.exe#96B0B71AFAFF3277 cc39b2015fd48ca82a8114146da966be PUP.Gen OnlineGuardian-v2.exe.quarantined 3f2e8e25f44ce81aede2b5e5165b7166 PUP.Gen

Questions

PUP FAQ

How should I use this category page?

Use it to find recent reports in the same detection family, then open the exact file report and compare the hash, publisher, path, and detection name.

Why can the same filename have different verdicts?

Attackers and bundlers often reuse common filenames, so the MD5 hash and metadata are more reliable than the name alone.

What should I do if a listed file exists on my device?

Do not rely on the filename only. Verify the hash, review the file location, and run a full system scan before keeping or removing it.