PUP's in flash scan at Malwarebytes


  1. Posts : 69
    win 7 home premium
       #1

    PUP's in flash scan at Malwarebytes


    Hi Forum members, a question please. I have Malwarebytes Pro; one option is to scan memory and startup items. Today it found 98 items in those locations. They are PUP search ui in files as well as in the registry. I am wondering why Microsoft Security Essentials lets them through, as well as the Windows Firewall and Windows Defender. Any ideas? If I need another security tool please tell me and I will install whichever one is appropriate. Regards Peter


  2. Posts : 4,776
    Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
       #2

    PUP's


    Hi,

    A PUP is a Potentially Unwanted Program. That could be a toolbar or something similar. MSE and other security programs don't block them unless they're malicious. Some users even want to use these toolbars.

    Some security products might have the option to alert on PUP's if you look for it in the settings.

    Malwarebytes detects these PUP's as they might have been installed without the user's knowledge.

    https://helpdesk.malwarebytes.org/en...ey-be-deleted-

    Malwarebytes classifies the following as PUP's.

    Malwarebytes : PUP Reconsideration Information


  3. Posts : 9,600
    Win 7 Ultimate 64 bit
       #3

    MSE is one of the worst AVs you can be using.


  4. Posts : 69
    win 7 home premium
    Thread Starter
       #4

    Thank you Callender for your reply. Also Lady Fitzgerald. I do understand it better now. I will search for a better Anti Virus. Some people think MSE is not that bad. Regards Peter
    Last edited by petrox; 09 Feb 2014 at 15:04. Reason: name


  5. Posts : 10,485
    W7 Pro SP1 64bit
       #5

    Lady Fitzgerald said:
    MSE is one of the worst AVs you can be using.
    Please do not take this the wrong way. The info presented below is as much for your benefit as it is for the OP. I agree that MSE could be a lot better. You have probably seen my rants about MSE's lack of heuristics. That said, in the context of preventing PUPs from installing on a computer, AVAST might be just as bad as MSE. AVAST happily allowed the Conduit toolbar (and the apps that its installer offered) to be installed. Other antivirus tools flagged these apps.

    PUP's in flash scan at Malwarebytes-avast-pup1.png

    PUP's in flash scan at Malwarebytes-avast-pup2.png


    Using Process Explorer...

    PUP's in flash scan at Malwarebytes-avast-pup3.png


    Picking two of the worst offenders:

    https://www.virustotal.com/en/file/5...is/1391980609/
    PUP's in flash scan at Malwarebytes-avast-pup4.png


    https://www.virustotal.com/en/file/3...is/1391980611/
    PUP's in flash scan at Malwarebytes-avast-pup5.png
    You might notice that there are ten findings, but the initial screenshot showed 9 findings. That is because the initial report was based on data that was 6 days old. I resubmitted the EXE for evaluation.

    I know that you rely on Malwarebytes Pro to keep these PUPs off of your computer(s), but again, in the context of this thread, moving away from MSE is not going to help the OP to stay free of PUPs (unless the OP picks an antivirus tool that does a better job than AVAST).

    I wonder why more antivirus tools don't add more PUPs to the list of things that they watch for?


  6. Posts : 10,485
    W7 Pro SP1 64bit
       #6

    petrox,
    You can see this post for how to get/set up Process Explorer:
    Process Explorer 16


  7. Posts : 4,776
    Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
       #7

    [QUOTE]I wonder why more antivirus tools don't add more PUPs to the list of things that they watch for?[/QUOTE]

    I'd say that the answer here is probably about right:

    Why isn't a program malware if it installs additional, unwanted software? | PCWorld

    Except that some software bundles PUP's with no chance for the user to opt out of installation!

    I keep looking for a current list of executable file names for the installers or setup files for these programs but so far I've never come across a full list that is kept up to date!

    If there were such a list it would be very useful to me as I block installation of this stuff by detecting the installer process running and then when that happens I've set up a method of automatically launching another safe file to run in its place.


  8. Posts : 10,485
    W7 Pro SP1 64bit
       #8

    I don't think that I was clear. I was not suggesting that installers that offer other apps should be classified as malware. The installer for AVAST and CCleaner would fit into that category. I was saying that apps like Conduit, Search Protect and the like should be highlighted to the user as a PUP by MSE, AVAST and the like. There is no reason to have AV tools look for one level of malware and Malwarebytes looks for another level of malware.

    I'm well aware of the need for layered protection and that no one tool catches all forms of malware - but my question stands: why do so many AV tools set the bar so low when it comes to PUPs? Many AV tools simply ignore that entire class of software. I realize that putting software into the PUP category is a subjective decision; but come on, Conduit!

    Trovi bought Conduit and here is what you agree to during the install:
    Information Trovi Collects and Receives. There are several types of data being collected from you as detailed herein.
    AVAST thinks the Conduit toolbar and website is just fine:

    PUP's in flash scan at Malwarebytes-avast-pup6.png


    I could not even get to the Malwarebytes website without being blessed with an endless offer scam from the adware that AVAST allowed.

    PUP's in flash scan at Malwarebytes-avast-pup7.png


    Most of those 293 items shown below are just snake oil*. They are harmless registry entries. Should they be cleaned? Yes. But they should not be listed in big bold red letters. Those bold red letters should be reserved for items that can cause something to actually happen on your computer.

    PUP's in flash scan at Malwarebytes-avast-pup8.png

    *The more items found, the better the user feels about Malwarebytes. The same can be said about UniBlue's registry tool. It will find more things "wrong" with the registry than the conservative CCleaner tool will.


    Don't get me wrong, Malwarebytes is an excellent tool...
    ...but it still uses the same tactics (perhaps unintentionally) used by Uniblue.


  9. Posts : 25,847
    Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
       #9

    Malwarebytes Anti Malware finds a lot of PUP's for me and I don't really care what color they use to indicate them.
    To me no PUP is a good PUP. If I wanted it downloaded I would have asked for it up front.
    Many antivirus programs let PUPs through because they are not considered viruses at this time in the antivirus world, and they are not. For whatever reason some people like some of the little free goodies that slip in. I consider them malware and Malwarebytes does too.
    Eset Free Online Scanner will also find PUP's along with viruses etc.
    If PUP's were nice to have then send them to me through the front door and not the backdoor of my system.

    Many wiser than me have posted: There is no one program that does it all and I do agree.


  10. Posts : 10,485
    W7 Pro SP1 64bit
       #10

    Layback Bear said:
    Malwarebytes Anti Malware finds a lot of PUP's for me and I don't really care what color they use to indicate them.
    To me no PUP is a good PUP. If I wanted it downloaded I would have asked for it up front.
    ~~~
    If PUP's were nice to have then send them to me through the front door and not the backdoor of my system.
    I asked for these installs "up front". The paid version of Malwarebytes Anti Malware might have stopped most of the installs; but Malwarebytes Anti Malware cannot clean what was installed for this tiny test of mine.


    Layback Bear said:
    ....Many antivirus programs let PUPs through because they are not considered viruses at this time in the antivirus world, and they are not....
    You are correct about these apps not being a virus. I was lamenting/questioning the decision of some antivirus tools not to include PUPs.


    Layback Bear said:
    ...Eset Free Online Scanner will also find PUP's along with viruses etc.
    ~~~
    Many wiser than me have posted: There is no one program that does it all and I do agree.
    I mentioned the multiple program concept too; unfortunately, the concept can mean:
    1) use one tool to look for viruses and use another tool to look for PUPs
    or
    2) use more than one tool to look for all classes of malware and PUPs.
    Lots of people here operate under option 1.
    (which is better than just using MSE)


    Not to beat a dead horse, but since I spent the time playing with the Conduit toolbar and the other things that I intentionally did not opt out of - I'll report that none of the tools listed in Lady Fitzgerald's system spec [AVAST!, MBAM, SAS, Spybot S&D (all but MBAM free)] have managed to rid the virtual machine of the stuff that was installed. Also, ESET seems to have changed their online scanner to be a one time use.

    PUP's in flash scan at Malwarebytes-eset.png

    That is why I wanted the antivirus app to do what it can against PUPs and Malwarebytes to do what it can against PUPs and any other tool that I throw against the problem. Then maybe - just maybe - if they all do what they can, the PUP can be eradicated from the computer.

    Or maybe I'm just looking at the virus/malware/PUP issue all wrong.
    I've been known to do that :-(


 
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
