Does Malwarebytes 2.0 Identify & Remove PUPs (toolbars, etc.)?


Glossary of Terms:

  • PUPs: Potentially Unwanted Programs – such as toolbars.
  • PUMs: Potentially Unwanted Modifications – changes to home page, search engine, etc.
  • MBAM: Malwarebytes Anti-Malware

mbam logo-miniIt’s been almost a year since Malwarebytes’ decision to stop supporting the identification and removal of PUPs created a backlash of protests (see: Malwarebytes Anti-Malware: Can it still be trusted).  The developer’s logic at the time was that these potentially unwanted programs did not actually constitute “malware” in the strict sense of the term. Several months later, following a slew of complaints and negative comments, Malwarebytes published an announcement saying that the feature had been re-instated.

Last week we published the news that a major new MBAM version (2.0) had been released, to which regular reader “Jonno” submitted a comment questioning whether or not PUPs were indeed now supported. With one tech blog in particular continuing to insist that MBAM still isn’t identifying these ubiquitous menaces, such as the Ask and Conduit Toolbars, I decided to check it out and see for myself.

The first clear indication that MBAM does in fact include identifying PUPs in its scanning engine comes from the software’s own interface – under Settings>Detection and Protection:

mbam pup and pum settings

Here you will see options for dealing with identified PUPs – set to “Warn users about detections” by default. As well as a choice of actions for identified PUMs – set to “Treat detections as malware” by default. The user can then utilize the associated drop down menus to choose between three options, according to his or her own preferences:


mbam pup options

At this stage it seemed pretty obvious to me that the insistent tech blog is wrong, but I wanted to be doubly sure so I put MBAM through a practical test. I downloaded and installed both the Ask and Conduit Toolbars in a virtual environment:

install ask toolbarinstall conduit

 

Just as an interesting aside; during the Ask Toolbar installation my resident anti-virus, Avira Free, did not communicate at all. However, during the Conduit installation, Avria threw up the following warning:

avira warning messageOkay, so now my Firefox browser resembles many of those I have to deal with when working on clients’ machines:

firefox toolbars

Next step was to change MBAM’s default setting for PUPs to “Treat detections as malware” and then initiate a full  scan. One of MBAM’s traits I have always found a tad annoying is that it doesn’t display results in real time, you have to wait right until the end of the scan before knowing if it is flagging anything or not. Anyway, here is MBAM’s report, as displayed at completion of the scan:

mbam scan results

As you can see from the screenshot, MBAM has flagged 9 items associated with the PUPs for removal to Quarantine.


So there you have it. It appears, to me anyway, that MBAM Free definitely includes support for dealing with PUPs.

 

About the Author

Jim Hillier

Jim is the resident freeware aficionado at DCT. A computer veteran with 30+ years experience who first started writing about computers and tech back in the days when freeware was actually free. His first computer was a TRS-80 in the 1980s, he progressed through the Commodore series of computers before moving to PCs in the 1990s. Now retired (aka an old geezer), Jim retains his passion for all things tech and still enjoys building and repairing computers for a select clientele... as well as writing for DCT, of course.

3 Comments

  1. Thanks Jim for discovering a ‘new’ improved MalwareBytes program. Hopefully they listened to ‘techies’ and world-wide users and discovered that Perion, the makers of insidious taskbars were destroying the integrity of MalwarBytes, and money isn’t everything.
    For more than 2 years, Ask & Conduit et al toolbars were never indicated in regular scans by MWB, as discovered with client complaints and regular investigation, and my complaints to MWB resulted in the ‘we are right, you are wrong’ syndrome, and of course total denial holds a great deal of fright of the truth at times.
    On the destruction of malware scene, Emsisoft Anti-Malware is becoming extremely popular and is the only program I now recommend.
    The Perion tentacles stretch far and wide, I hope that MWB don’t fall in the same hole as Incredimail, which has been in the hands of Perion for quite some time.

    Regards,

    Jonno.

  2. You mention that “Emsisoft Anti-Malware is becoming extremely popular and is the only program I now recommend”. I already have Malwarebytes Pro paid for and installed for the next year. Can and should I run Emisoft Anti-Malware along with the MalwareBytes I alrady have or could that cause problems? I also have Avast, and Mil Shield as well.

    Joe

    • Can and should I run Emsisoft Anti-Malware along with the MalwareBytes I already have or could that cause problems.

      No, definitely do not try to run both at the the same time, it will almost certainly cause problems.

      The latest Malwarebytes version is excellent, including support for identifying and removing all sorts of potentially unwanted programs. It, along with Avast, should provide you with more than adequate protection.