Malwarebytes stand towards PUPs or Potentially Unwanted Programs is well known. It aggressively detects programs that it considers as unwanted and quarantines them and asks its users if they want to remove it. In the bargain, it has started identifying several programs, some even from large vendors as PUPs. The latest program to be identified by Malwarebytes as a PUP is Advanced SystemCare 10.
Malwarebytes is a popular antimalware software that protects computers against malware, ransomware, and other online threats. Since recently, Malwarebytes has decided to take an aggressive stand against all such software that it considers to be potentially unwanted. It has also laid down the criteria on the basis of which it classifies a software as a Potentially Unwanted Program, and quarantines such software. There is transparency in this case, and aggrieved software developers have the option to submit their case for reconsideration.
Malwarebytes’ aggressive stand on PUPs
Recently, a user of Advance SystemCare 10 mentioned on their forum,
“Today my Malwarebytes Premium decided to quarantine ASC as a PUP and put all 526+ files into its quarantine area? I have restored them but why is it seeing ADS as potential damaging PUPs?”
Another user reported,
“MBAM Premium did the same thing to my ASC Pro yesterday. I had to restore over ASC files then rescan and tell MBAM to ignore all files in the future. This is crazy!”
Several other users have mentioned similar issues on the same forum.
Advanced SystemCare 10 is not the only program that has been detected as a threat by Malwarebytes. Some users have reported that some popular software by Auslogics are also detected as PUPs. One of the Auslogics product users reported on Dell Community,
“Auslogics Disk Defragmenter is included among the programs being detected… it is NOT a “False Positive” on MBAM’s part. I had “frozen” my Auslogics Disk Defragger program a few years ago (i.e., I intentionally haven’t updated it since then), so it’s possible that the newer/modern objections don’t apply to mine. Regardless, since it’s a program I want and use, I am instructing MBAM to allow/ignore it.”
Another program that was detected as a threat by Malwarebytes earlier was Baidu Antivirus. Baidu itself is an antivirus program; so it was quite a shock when one antivirus program had detected antivirus as a threat. Few users had reported this issue on our forum last year. One of the Baidu users had reported:
“Baidu antivirus addition, I have installed several computers Malwarebytes antimalware and recently detected a threat. But I put it down to make it detects a scanner that after cleaning and rebooting, reappears. It may be a false threat, but for testing whether Baidu and nothing else, I’ve uninstalled Baidu and these threats no longer appear, I have reinstalled and reappear.”
Posted a use of Wise Cleaner on a security forum:
I ran MalwareBytes AntiMalware (free) last night for a complete scan and guess what? It detected Wise Registry Cleaner (free) as PUP (I think 10 entries including dll, exe etc files) and when I click to remove them Wise Registry Cleaner just disappeared from my desktop. After the scan I have to re-install Wise Registry Cleaner again.
In response to questions by users about why Malwarebytes was flagging PCPitstop as a PUP, their forum administrator said:
The folks at Malwarebytes decided to flag our products as PUPs (Potentially Unwanted Programs) and their scans are removing our products. After reaching out to them, they made it clear that they are not interested in altering their database, so we have no choice but to remove them from any of our systems that are running both programs.
Seeing this stand of PCPitstop, will we see a future where competing security products starting flagging the other as PUPs?
PCPitstop clarifying its stand on this issue said:
Given the weak rationale behind the concerns outlined here and the fact that similar products are not labeled as PUP/PUA – we are lead to believe that the Malwarebytes classification of our products was actually motivated by our recent article that noted the AV-Comparatives test that highlighted poor detection rates for Malwarebytes.
Update:. It seems that Malwarebytes classification of PCMatic as a PUP has been resolved.
It is clear that Malwarebytes has upped the ante against what it considers as Potentially Unwanted Programs. In the list are included some software and/or installers from reputed companies like CyberGhost VPN too. If a user is sure that the software is safe and wants to continue using it, he/she will have to add the program to their Whitelist.
Since Malwarebytes quarantines programs it considers as PUPs, users are advised to check the list of threats detected by it before deleting anything. It could be that one of your useful programs was identified as a PUP and rendered useless by it.
I personally use Malwarebytes Free as a second opinion anti-malware scanner as it is good, but I always closely take a look at its detections very carefully, lest I end up quarantining or removing a legit program, due to it identifying it as a PUP or perhaps throwing up a false positive.
If you are a Malwarebytes user, what do you think of this aggressive stance by the antivirus? If you have found one of your programs identified as a PUP, what have you chosen to do? Remove it or Whitelist it and continue using the software. Do share your views.
Thanks for the heads up @PaulStreeting.