Enable Adware protection in Windows Defender

[Secondmineboy]

In a recent Blog post Microsoft showed how to enable PUA Protection in Microsofts AV Lineup:

Shields up on potentially unwanted applications in your enterprise - Microsoft Malware Protection Center - Site Home - TechNet Blogs

Alternativelly you can use the file i attached, just double click it and let the changes get in automated.

Download: MpEnablePlus.reg

 

[Atlas147]

Again have to wonder why MS is making this an opt in thing instead of an opt out. Having all users default to protecting against PUA would significantly decrease the chances of infection.

 

[LabZero]

Good, but I don't understand why it is not implemented by default.

 

[Secondmineboy]

Good, but I don't understand why it is not implemented by default.

Maybe we need to nag them to enable it by default

 

[jamescv7]

Microsoft false positive rate is worth convincing so having an adware protection can generally make a conclusion to be confirm as not a mistake to be flag.

They can detect those some PUA/PUP in such simple cases then no reason to opt-out.

 

[SloppyMcFloppy]

Why Microsoft not acquire AdwCleaner? Malwarebyte already acquire Junkware Removal Tool. If Microsoft acquire AdwCleaner that would be great for PUPs. And all they need to do after that is develop zero day protections for Windows Defender.

 

[Deleted Member 333v73x]

Looks good, is it worth doing and is there any way to confirm it is working? @Secondmineboy

 

[TheMalwareMaster]

Wasn't the correct name "MpEnablePus"?Add Adware Protection to Windows Defender - gHacks Tech News

 

[Deleted Member 333v73x]

Yes it is MpEnablePus.

 

[safe1st]

This good to know and thank you for the link!

 

[TheMalwareMaster]

Yes it is MpEnablePus.

So the registry value linked up (download from zippyshare) must be wrong

 

[safe1st]

I just put the link here

Enable PUP Protection to block adware in Windows Defender

 

[Deleted Member 333v73x]

Although it looks wrong check regedit and when you download it and restart your PC you have a large update.

 

[_CyberGhosT_]

Klipsh is right as are so many others with the confusion as to why MS took yet another BassAckword approach to this.
Yet another reason I employ other means and leave Defender sleeping peacefully

 

[Dirk41]

guys i am trying to add this feature too right now (for the first time in my life i want to test W defences on one pc) and i am confused : Plus or Pus? i surfed the net but someone say one thing, someone else say another. what's correct so?
thank you.
and agree: no sense not adding it by default

 

[Dirk41]

ok i think you opted for Pus. unfortunately (before coming to this forum) i added Plus.
how can i correct? i am not en expert sorry.

sorry for doublep post. i don't know how to delete

 

[TheMalwareMaster]

It's Pus. I think You can locate the key, delete it and them create an other one with Pus. Then reboot. After the reboot update the product. To see it you did everything correctly, install "CDburnerXP". During the installation, a WD alert should be popping up and in the detected items list you should see "PUA CandyOpen"

 

[Dirk41]

It's Pus. I think You can locate the key, delete it and them create an other one with Pus. Then reboot. After the reboot update the product. To see it you did everything correctly, install "CDburnerXP". During the installation, a WD alert should be popping up and in the detected items list you should see "PUA CandyOpen"

hey here's where i found that name: just here.

today i had problems. installed adwcleaner and it found cdburnerxp look the log please..how can i upload the adwcleaner file?

but wait i didn't downloaded it, i only googled it. how it is possible?

***** [ Browser web ] *****

[-] [C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Eliminato : cdburnerxp-pro.it.softonic.com

 

[kaddy]

MS WD does excellent detection wise now. and free, no nagging, and does its thing and you would never notice it unless you get a detection. Low FP. I have never gotten a false flag.
As long as you are smart, and use safe practices, WD should be good enough for most people. Once they implement this fully, plus 0 day, WD could become all that is necessary.

 

[Dirk41]

It's Pus. I think You can locate the key, delete it and them create an other one with Pus. Then reboot. After the reboot update the product. To see it you did everything correctly, install "CDburnerXP". During the installation, a WD alert should be popping up and in the detected items list you should see "PUA CandyOpen"

May I ask you where I can find it?