3 Apprentice

15.2K Posts

December 6th, 2016 06:00

MalwareBytes now detecting many Auslogics products as "PUPs"

PUP = Potentially Unwanted Program

Auslogics Disk Defragmenter is included among the programs being detected... it is NOT a "False Positive" on MBAM's part.

I had "frozen" my Auslogics Disk Defragger program a few years ago (i.e., I intentionally haven't updated it since then), so it's possible that the newer/modern objections don't apply to mine. Regardless, since it's a program I want and use, I am instructing MBAM to allow/ignore it.

I *MIGHT* be concerned about the later/newest versions...

The choice is yours... to each, his own.

https://forums.malwarebytes.org/topic/191302-adwcleaner-fp-with-auslogics-disk-defrag/

1 Rookie

5.8K Posts

December 6th, 2016 09:00

As it happens, I found this morning that MBAM Premium had detected 2 Auslogics files on a scheduled overnight scan on my Win 7, namely:
PUP.Optional.AuslogicsDiskDefrag, C:\Users\joseph\AppData\Roaming\Auslogics\Disk Defrag\Reports\Disk_Defrag_Report.html, No Action By User, [eb2f06deb4e644f20cce1b8ab14faa56],
PUP.Optional.AuslogicsDiskDefrag, C:\Users\joseph\AppData\Roaming\Auslogics\Disk Defrag\Reports\Disk_Defrag_Report.xml, No Action By User, [eb2f06deb4e644f20cce1b8ab14faa56],

These files (both reports) were created in September/2013, when I was using Auslogics Disk Defrag, which I subsequently decided to uninstall, after Auslogics bundled Search Protect by Conduit with a defrag upgrade (which I allowed to install in an unguarded moment - my bad!). I just couldn't trust any company that would bundle malware like Conduit.  

So I uploaded both files to VirusTotal, where 0/54 scanners detected anything amiss (including MBAM). I don't know if the scanners at VT scan for PUPs, however. So I downloaded the latest version of AdwCleaner from Malwarebytes, and its scan also flagged some Auslogics folders:
[!] Folder not deleted: C:\Users\joseph\AppData\Roaming\Auslogics
[!] Folder not deleted: C:\ProgramData\Auslogics
[!] Folder not deleted: C:\ProgramData\Application Data\Auslogics
It also detected 4 registry keys related to Auslogics.

I'm not surprised that Malwarebytes detected Auslogics files. What remains a bit of a mystery is why only now does MBAM decide that Auslogics files are potentially unwanted?

3 Apprentice

15.2K Posts

December 6th, 2016 10:00

On this particular system, I have Auslogics Defragger 4.4.0.0 ;  (c) 2008-13 ; which was detected as a PUP.

Edit:   On another system, I have Defragger 4.4.1.0 ; and the MBAM detections were all during its heuristic analysis phase.

9 Legend

30.3K Posts

December 6th, 2016 10:00

I just scanned with Malwarebytes (FREE Edition) (NO Trial) version on 12/3

It did NOT detect any issues with Auslogics Disk Defragger Version 5.4.0.0

(Version has a copyright date of 2008 - 2015)

Rick

3 Apprentice

15.2K Posts

December 6th, 2016 10:00

1 Rookie

5.8K Posts

December 6th, 2016 15:00

Thanks for the link, ky. It's about time Malwarebytes got more aggressive.

You guys were wise not to update your versions of Disk Defrag. I liked the program, and all my problems with it began with a version update. Out of interest, I went to Auslogics website, and looked at the version history of Disk Defrag. Of note were:

v. 5.3.0.0 (10/02/2015)
• the program now participates in the Auslogics Green Seal Project, which guarantees it to be free of toolbars, adware or third-party offers in the installer;
• fixed minor bugs.

v. 7.1.0.0 (09/11/2016)
• Users may now choose if they want disk temperature to be displayed in Celsius or Fahrenheit;
• Installer was optimized for better user experience;
• All known bugs have been fixed.

Wow- no 3rd party offers in an optimized installer! Could Auslogics have changed its ways? I had to investigate. So against my better judgement, I downloaded and ran the most recent version of Disk Defrag, using a "Custom Install".

Results:
The installer will set Yahoo as your home page and default search engine, and also install "BoostSpeed" (a registry and disk "cleaner"), unless you use the custom install, and uncheck these default options. Despite unchecking these options, it still tried to change my homepage to Yahoo (caught by WinPatrol), which I rejected. Despite rejecting Yahoo twice, WinPatrol kept throwing up alerts.

MBAM Premium detected a dozen or so Auslogics files during the installation, which I allowed (for now). After installation completed, I was re-directed to giveaway-club dot- com, which promoted Auslogics free "BoostSpeed". When I opened IE 11, my homepage was unchanged, but I got an alert that an unknown program was still trying to change it to Yahoo, which I yet again rejected.

I ran Disk Defrag, which ran without problems. But I was informed that over 2,000 problems with my computer had been detected, (most of them registry errors, plus junk files wasting 94 MB of disk space) that - you guessed it - BoostSpeed could fix. Talk about scareware!

In short, this PUPpy hasn't changed one bit. It ignored my explicit instructions, and installed what it dangwell pleased. If not for WinPatrol and MBAM real-time protection, my home page, my search engine would have changed, and I'd probably have a worthless registry cleaner installed.

So I uninstalled Disk Defrag (and its evil twin program - AuslogicsDriverUpdater) via Control Panel. Then I purged the Auslogics remnants (files, folders, and registry keys) found by MBAM (17) and AdwCleaner (6).

Malwarebytes was right to tag Auslogics as a PUP. I just wish I still had the installer for a version of Disk Defrag from before the time Auslogics crossed to the dark side.

9 Legend

30.3K Posts

December 6th, 2016 16:00

Joe,

Older versions of Auslogics Disk Defragger can be found HERE.

If I click on System Health, I get...

Registry errors = 7579

Junk Files = 3412

But I NEVER do anything about them. I like the Defragger part.

Rick

1 Rookie

5.8K Posts

December 6th, 2016 21:00

Hey Rick - thanks!

I downloaded Disk Defrag 4.4.0.0 (Released: 28 Nov 2013), which I believe is the last version that came without unwanted bundled junk, from:
filehippo.com/.../

It installed cleanly, and didn't mess with my browser. Nothing was added to my startup list, or to my services. No ads for wretched registry cleaners. I had to toggle off the setting to notify me of updates. And if I ignore the "System Health" tab, I won't have to see all those registry entries and junk files that are not in need of "cleaning".

3 Apprentice

15.2K Posts

December 7th, 2016 04:00

Joe,

Glad you were able to download/install a clean(er) version. But to emphasize, my MBAM scans still had PUP objections to versions 4.4.0.0 and 4.4.1.0 --- probably "guilt-by-association" with analogous files in the newer versions.

I am happy with my results/performance with 4.4.x, and intend to keep it... setting exclusions for any "objections" found by MBAM.

9 Legend

30.3K Posts

December 14th, 2016 15:00

I spoke too soon. Just ran Malwarebytes and it detected the pups...

Registry Keys: 1
PUP.Optional.AuslogicsDiskDefrag, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1, Quarantined, [b78f8d5a0397082efc62c4e3d92744bc],


Folders: 2
PUP.Optional.AuslogicsDiskDefrag, C:\Users\Rick\AppData\Roaming\Auslogics\Disk Defrag, Quarantined, [163033b40397270f95d7a7004ab608f8],
PUP.Optional.AuslogicsDiskDefrag, C:\Users\Rick\AppData\Roaming\Auslogics\Disk Defrag\Reports, Quarantined, [163033b40397270f95d7a7004ab608f8],

Files: 2
PUP.Optional.AuslogicsDiskDefrag, C:\Users\Rick\AppData\Roaming\Auslogics\Disk Defrag\Reports\Disk_Defrag_Report.html, Quarantined, [163033b40397270f95d7a7004ab608f8],
PUP.Optional.AuslogicsDiskDefrag, C:\Users\Rick\AppData\Roaming\Auslogics\Disk Defrag\Reports\Disk_Defrag_Report.xml, Quarantined, [163033b40397270f95d7a7004ab608f8],

Rick

1 Message

February 7th, 2017 05:00

You're all too extremely paranoid, really. Just set Malwarebytes to ignore these warnings.

1 Message

September 26th, 2021 08:00

It still flags Auslogics apps.

3 Apprentice

15.2K Posts

September 26th, 2021 14:00

It's been over 5 years... and I would not expect anything to be changing at this point.

1 Message

May 25th, 2022 04:00

Hey Rick - thanks!

I downloaded Disk Defrag 4.4.0.0 (Released: 28 Nov 2013), which I believe is the last version that came without unwanted bundled junk 
