Windows 10: Windows Defender PUA feature?

Page 1 of 2 12 LastLast
  1.    28 Aug 2017 #1

    Windows Defender PUA feature?


    WD has this new feature called PUA.
    Is this for domain environments or can this be done on a standalone Win10 Enterprise? Or is this needed on a standalone system?

    I know it has to be enabled in the registry.

    If enabled, how will this effect the use of a machine? Will I get constant annoying notifications all the time?

    How intrusive is enabling PUA?

    How is it different fron enabling or disabling this feature from standard malware protection?

    Thx!
      My ComputerSystem Spec


  2. Posts : 3,081
    10.4 Home 1709 x64
       29 Aug 2017 #2

    PUP/PUA is not really a malware, so even a legitimate software might be detected.

    Windows Defender PUP Registry Tweak tested - YouTube

    MS and Malwarebytes have decided to go over the top and detect virtually anything as PUP.

    MSRT October 2016 release: Adding more unwanted software detections Windows Security blog
      My ComputerSystem Spec

  3.    29 Aug 2017 #3

    So it's best to just leave it disabled?

    Anyways, I practice safe computing habits and I rarely install programs which I do not need.
      My ComputerSystem Spec


  4. Posts : 3,081
    10.4 Home 1709 x64
       29 Aug 2017 #4

    win10freak said: View Post
    So it's best to just leave it disabled?
    Probably yes. If you have had PUA, you would surely notice, that is it, what they are made for, like adware.
    Attached Thumbnails Attached Thumbnails download.png  
      My ComputerSystem Spec


  5. Posts : 5,408
    10 Home x64 (1709) (10 Pro on 2nd pc)
       29 Aug 2017 #5

    Is this for domain environments or can this be done on a standalone Win10 Enterprise? Or is this needed on a standalone system?
    win10freak said: View Post
    ...So it's best to just leave it disabled?

    Anyways, I practice safe computing habits and I rarely install programs which I do not need.
    TairikuOkami said: View Post
    Probably yes....
    I disagree. Enabling PUA protection in Defender will scan anything save to your Downloads folder for PUAs, adware and unwanted browser extensions (things like the Ask Toolbar) stuff you often find bundled within the install packages from some of the sites offering popular software. It's similar to the sort of protection afforded by Malwarebytes Premium (the paid-for one) - real-time protection against PUPs.

    While Microsoft aim PUA protection firmly at the Enterprise environment (and provide Enterprise tools to manage it) it can be enabled on anything, right down to my 10 Home. There's a Tutorial on this....
    Note

    The Potentially Unwanted Application protection feature is available only for enterprise customers. If you are already one of Microsoft's existing enterprise customers, you need to opt-in to enable and use PUA protection.


    While Microsoft announced the new PUA feature as only available for the Enterprise edition of Windows 10, Home and Pro editions can also enable it on their Windows 10 PCs to block the deployment of adware during software installations.

    PUA protection updates are included as part of the existing definition updates and cloud protection of Windows Defender.


    Enable or Disable Windows Defender PUA Protection in Windows 10

    ...and starting at post #19 on in that thread I describe my experiences of enabling and testing that it works in Home. I leave it enabled permanently, I've not seen any false detections. Here's some of my test results...

    Click image for larger version. 

Name:	Defender history.PNG 
Views:	19 
Size:	13.0 KB 
ID:	150921
      My ComputersSystem Spec


  6. Posts : 3,081
    10.4 Home 1709 x64
       29 Aug 2017 #6

    Bree said: View Post
    I've not seen any false detections. Here's some of my test results...

    Click image for larger version. 

Name:	Defender history.PNG 
Views:	19 
Size:	13.0 KB 
ID:	150921
    Both are false positives, sort of. EICAR is a test file and ytddownloader works, it is just adware/PUA.
    Attached Thumbnails Attached Thumbnails capture_08292017_153546.jpg  
      My ComputerSystem Spec


  7. Posts : 5,408
    10 Home x64 (1709) (10 Pro on 2nd pc)
       29 Aug 2017 #7

    TairikuOkami said: View Post
    ...false positives, sort of... ytddownloader works, it is just adware/PUA.
    As adware/PUA ytdownloader is a true positive, surely?
      My ComputersSystem Spec


  8. Posts : 3,081
    10.4 Home 1709 x64
       29 Aug 2017 #8

    Bree said: View Post
    As adware/PUA ytdownloader is a true positive, surely?
    The point is, that it is a working legitimate software, just someone has decided to mark as unwanted.
    Malwarebytes has gone crazy with that, it even marks competitive anti-malware products as PUP.
      My ComputerSystem Spec


  9. Posts : 5,408
    10 Home x64 (1709) (10 Pro on 2nd pc)
       29 Aug 2017 #9

    TairikuOkami said: View Post
    The point is, that it is a working legitimate software...
    Depends on your definition of 'legitimate'...

    Microsoft - Windows Defender Security Intelligence said:
    This application was stopped from running on your network because it has a poor reputation. This application can affect the quality of your computing experience. We have seen this leading to the following potentially unwanted behaviors on PCs:
    • Adds files that run at startup
    • Modifies boot configuration data
    • Injects into other processes on your system
    • Changes browser settings
    • Changes browser shortcuts
    • Installs browser extensions
    • Disables User Access Control (UAC)
    PUA:Win32/YTDVideoDownload
      My ComputersSystem Spec


  10. Posts : 3,081
    10.4 Home 1709 x64
       29 Aug 2017 #10

    AD-supported software implements/display ADs (like Google/Microsoft), who would have thought.
    The reason, why it is marked as PUP, because it is not malware, it can be easily get rid of/uninstalled.

    Also detected as: not-a-virusdownloader.Win32.WinWrapper.cd (Kaspersky)
      My ComputerSystem Spec


 
Page 1 of 2 12 LastLast

Related Threads
Hello. Using BitDefender. Cant seem to activate Windows Defender (also). Does Bit Defender prohibit Windows Defender from being activated ? Any idea why I can't activate ? Assuming I can, somehow, do I want both ?
Windows Briefcase Feature in Customization
While there are many ways to sync files in Windows 10, some may be accustomed to Windows Briefcase Feature. Personally I've never used it, but, if you wish to restore, (or remove), the feature, copy the following code(s) into Notepad and save as a...
Windows 10 new Reset feature ? in General Support
Hi Back in March 16, the Windows team of MSFT revealed that Windows 10 won't use a separate "Recovery" image for "Refresh" and 'Reset" feature. Later MSDN page on "Reset" is updated with some more info about this new change. So according...
Windows 9 Feature List in Windows 10 News
More
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 01:06.
Find Us