Does Malwarebytes 2.0 Identify & Remove PUPs (toolbars, etc.)?


Glossary of Terms:

  • PUPs: Potentially Unwanted Programs – such as toolbars.
  • PUMs: Potentially Unwanted Modifications – changes to home page, search engine, etc.
  • MBAM: Malwarebytes Anti-Malware

mbam logo-miniIt’s been almost a year since Malwarebytes’ decision to stop supporting the identification and removal of PUPs created a backlash of protests (see: Malwarebytes Anti-Malware: Can it still be trusted).  The developer’s logic at the time was that these potentially unwanted programs did not actually constitute “malware” in the strict sense of the term. Several months later, following a slew of complaints and negative comments, Malwarebytes published an announcement saying that the feature had been re-instated.

Last week we published the news that a major new MBAM version (2.0) had been released, to which regular reader “Jonno” submitted a comment questioning whether or not PUPs were indeed now supported. With one tech blog in particular continuing to insist that MBAM still isn’t identifying these ubiquitous menaces, such as the Ask and Conduit Toolbars, I decided to check it out and see for myself.

The first clear indication that MBAM does in fact include identifying PUPs in its scanning engine comes from the software’s own interface – under Settings>Detection and Protection:

mbam pup and pum settings

Here you will see options for dealing with identified PUPs – set to “Warn users about detections” by default. As well as a choice of actions for identified PUMs – set to “Treat detections as malware” by default. The user can then utilize the associated drop down menus to choose between three options, according to his or her own preferences:

mbam pup options

At this stage it seemed pretty obvious to me that the insistent tech blog is wrong, but I wanted to be doubly sure so I put MBAM through a practical test. I downloaded and installed both the Ask and Conduit Toolbars in a virtual environment:


install ask toolbarinstall conduit

 

Just as an interesting aside; during the Ask Toolbar installation my resident anti-virus, Avira Free, did not communicate at all. However, during the Conduit installation, Avria threw up the following warning:

avira warning messageOkay, so now my Firefox browser resembles many of those I have to deal with when working on clients’ machines:

firefox toolbars

Next step was to change MBAM’s default setting for PUPs to “Treat detections as malware” and then initiate a full  scan. One of MBAM’s traits I have always found a tad annoying is that it doesn’t display results in real time, you have to wait right until the end of the scan before knowing if it is flagging anything or not. Anyway, here is MBAM’s report, as displayed at completion of the scan:

mbam scan results

As you can see from the screenshot, MBAM has flagged 9 items associated with the PUPs for removal to Quarantine.

So there you have it. It appears, to me anyway, that MBAM Free definitely includes support for dealing with PUPs.


 

About the Author

Jim Hillier

Jim is the resident freeware aficionado at DCT. A computer veteran with 30+ years experience who first started writing about computers and tech back in the days when freeware was actually free. His first computer was a TRS-80 in the 1980s, he progressed through the Commodore series of computers before moving to PCs in the 1990s. Now retired (aka an old geezer), Jim retains his passion for all things tech and still enjoys building and repairing computers for a select clientele... as well as writing for DCT, of course.

There are 3 comments

Comments are closed.