Threat Database Mac Malware PUP.EZ Software Updater

PUP.EZ Software Updater

Threat Scorecard

Ranking: 11,901
Threat Level: 10 % (Normal)
Infected Computers: 19,978
First Seen: July 9, 2014
Last Seen: February 17, 2024
OS(es) Affected: Windows

PUP.EZ Software Updater (PUP.MacOS.EZSoftwareUpdate.A) is a detection of a potentially unwanted program or app (PUP or PUA). Although PUPs are not malware they sometimes behave similarly. In most cases, potentially unwanted applications are designated as such because they might not do what they are advertised to do or they get installed without the user’s knowledge or permission.

One of the most common types of PUPs are fake optimizers or boosters. Applications of this type are advertised as tools which can significantly improve the performance of a Mac device. These applications usually have websites and are distributed officially. The developers rely on the user believing the claims that the particular PUA will make a Mac device run better. Typically, such applications either don’t do anything or they offer redundant features available as free native Apple utilities. These applications often have a free version which generates fake problem detections in an attempt to convince users to buy a license or a full version of the application.

PUAs which aren’t distributed through normal means can get on Mac devices in other ways. The method that seems to be most popular is the fake Adobe Flash Player update pop-up. Mac users can encounter such pop-ups on compromised websites or as a symptom of other malware. The pop-up looks very much like a real update prompt. In some cases it may even contain a real version of Adobe Flash Player. However, the important thing is that it also installs PUAs. So while the user may think they are installing an update, they are also allowing other applications on their system.

Another avenue for PUA distribution is bundling the applications with other software. In those cases, during the installation process the user is given the choice to go with an "express" installation or "custom," or "advanced" options. If the user chooses the express option, they are often not shown all the components of the bundle and some of those components can be different apps including PUAs.

While annoying, PUAs are easily detected by antivirus software. Manual removal may be somewhat complicated in certain cases, but security suites will easily take care of PUAs.

SpyHunter Detects & Remove PUP.EZ Software Updater

File System Details

PUP.EZ Software Updater may create the following file(s):
# File Name MD5 Detections
1. EZ Software Updater.exe.vir caf1f225002cc0e1dcfcb29d9cf20e6e 9,108
2. EZ Software Updater.exe 3f6966d04701c8dc020dfa2ed35b75f6 4,298
3. EZ Software Updater.exe f6c573367bd042bf1a49681b271c5bdd 2,787
4. EZ Software Updater.exe b47266f4b6325d297534e265b1942f7b 1,108
5. EZ Software Updater.exe 62e838a8e751e40e1db32f95706b8910 29
6. EZ Software Updater.exe 99033a5c18a1886a0a0d62b113ad01c6 2

Registry Details

PUP.EZ Software Updater may create the following registry entry or registry entries:
SOFTWARE\EZ Software Updater
SOFTWARE\Wow6432Node\EZ Software Updater
SYSTEM\ControlSet001\services\EZ Software Updater
SYSTEM\ControlSet002\services\EZ Software Updater
SYSTEM\CurrentControlSet\services\EZ Software Updater


PUP.EZ Software Updater may create the following directory or directories:

%ALLUSERSPROFILE%\Application Data\EZSoftware
%PROGRAMFILES%\EZ Software Updater
%PROGRAMFILES(X86)%\EZ Software Updater


Most Viewed