Windows Defender PUA feature?

Page 1 of 2 12 LastLast

  1. Posts : 864
    Win10
       #1

    Windows Defender PUA feature?


    WD has this new feature called PUA.
    Is this for domain environments or can this be done on a standalone Win10 Enterprise? Or is this needed on a standalone system?

    I know it has to be enabled in the registry.

    If enabled, how will this effect the use of a machine? Will I get constant annoying notifications all the time?

    How intrusive is enabling PUA?

    How is it different fron enabling or disabling this feature from standard malware protection?

    Thx!
      My Computer


  2. Posts : 5,492
    Windows 11 Home
       #2

    PUP/PUA is not really a malware, so even a legitimate software might be detected.

    Windows Defender PUP Registry Tweak tested - YouTube

    MS and Malwarebytes have decided to go over the top and detect virtually anything as PUP.

    MSRT October 2016 release: Adding more unwanted software detections Windows Security blog
      My Computer


  3. Posts : 864
    Win10
    Thread Starter
       #3

    So it's best to just leave it disabled?

    Anyways, I practice safe computing habits and I rarely install programs which I do not need.
      My Computer


  4. Posts : 5,492
    Windows 11 Home
       #4

    win10freak said:
    So it's best to just leave it disabled?
    Probably yes. If you have had PUA, you would surely notice, that is it, what they are made for, like adware.
    Attached Thumbnails Attached Thumbnails Windows Defender PUA feature?-download.png  
      My Computer


  5. Posts : 33,288
    10 Home x64 (22H2) (10 Pro on 2nd pc)
       #5

    Is this for domain environments or can this be done on a standalone Win10 Enterprise? Or is this needed on a standalone system?
    win10freak said:
    ...So it's best to just leave it disabled?

    Anyways, I practice safe computing habits and I rarely install programs which I do not need.
    TairikuOkami said:
    Probably yes....
    I disagree. Enabling PUA protection in Defender will scan anything save to your Downloads folder for PUAs, adware and unwanted browser extensions (things like the Ask Toolbar) stuff you often find bundled within the install packages from some of the sites offering popular software. It's similar to the sort of protection afforded by Malwarebytes Premium (the paid-for one) - real-time protection against PUPs.

    While Microsoft aim PUA protection firmly at the Enterprise environment (and provide Enterprise tools to manage it) it can be enabled on anything, right down to my 10 Home. There's a Tutorial on this....
    Note

    The Potentially Unwanted Application protection feature is available only for enterprise customers. If you are already one of Microsoft's existing enterprise customers, you need to opt-in to enable and use PUA protection.


    While Microsoft announced the new PUA feature as only available for the Enterprise edition of Windows 10, Home and Pro editions can also enable it on their Windows 10 PCs to block the deployment of adware during software installations.

    PUA protection updates are included as part of the existing definition updates and cloud protection of Windows Defender.


    Enable or Disable Windows Defender PUA Protection in Windows 10

    ...and starting at post #19 on in that thread I describe my experiences of enabling and testing that it works in Home. I leave it enabled permanently, I've not seen any false detections. Here's some of my test results...

    Windows Defender PUA feature?-defender-history.png
      My Computers


  6. Posts : 5,492
    Windows 11 Home
       #6

    Bree said:
    I've not seen any false detections. Here's some of my test results...

    Windows Defender PUA feature?-defender-history.png
    Both are false positives, sort of. EICAR is a test file and ytddownloader works, it is just adware/PUA.
    Attached Thumbnails Attached Thumbnails Windows Defender PUA feature?-capture_08292017_153546.jpg  
      My Computer


  7. Posts : 33,288
    10 Home x64 (22H2) (10 Pro on 2nd pc)
       #7

    TairikuOkami said:
    ...false positives, sort of... ytddownloader works, it is just adware/PUA.
    As adware/PUA ytdownloader is a true positive, surely? :)
      My Computers


  8. Posts : 5,492
    Windows 11 Home
       #8

    Bree said:
    As adware/PUA ytdownloader is a true positive, surely? :)
    The point is, that it is a working legitimate software, just someone has decided to mark as unwanted.
    Malwarebytes has gone crazy with that, it even marks competitive anti-malware products as PUP.
      My Computer


  9. Posts : 33,288
    10 Home x64 (22H2) (10 Pro on 2nd pc)
       #9

    TairikuOkami said:
    The point is, that it is a working legitimate software...
    Depends on your definition of 'legitimate'...

    Microsoft - Windows Defender Security Intelligence said:
    This application was stopped from running on your network because it has a poor reputation. This application can affect the quality of your computing experience. We have seen this leading to the following potentially unwanted behaviors on PCs:
    • Adds files that run at startup
    • Modifies boot configuration data
    • Injects into other processes on your system
    • Changes browser settings
    • Changes browser shortcuts
    • Installs browser extensions
    • Disables User Access Control (UAC)
    PUA:Win32/YTDVideoDownload
      My Computers


  10. Posts : 5,492
    Windows 11 Home
       #10

    AD-supported software implements/display ADs (like Google/Microsoft), who would have thought.
    The reason, why it is marked as PUP, because it is not malware, it can be easily get rid of/uninstalled.

    Also detected as: not-a-virusdownloader.Win32.WinWrapper.cd (Kaspersky)
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 02:38.
Find Us




Windows 10 Forums