Enable Adware Protection on Your Windows Machine with a Simple Hack

It was merely a week ago when Microsoft announced a new opt-in feature on Windows to keep unnecessary and potentially harmful adware — often found in installers –at bay. Although the public reveal by Microsoft insisted that the feature is only available for enterprise users, a simple tweak proves that millions of home- and end-users can also gain the much-needed adware protection.

They’re called PUAs or potentially unwanted applications. Those who try new software or update existing software frequently through installers are likely to be aware of “friendly” toolbars, search-engines and other features bundled into package installers. These small add-ons almost always bring advertising revenue to the developer of the software you’re installing. Adware, to sum it up.

A classic PUA

Most times, they’re a mere annoyance. An extra toolbar that takes up unnecessary screen real-estate while you’re browsing or an intrusive search engine that replaces your original. However, adware can also turn into malware when they pose a system and security risk. For instance, banner advertisements in Flash could eat into system resources. Clicking on untrustworthy advertisements could also lead to the installation of malware on a machine.

To curb the threat of such PUAs, Microsoft published a blog post noting a new security feature that is available to all enterprise users. The Redmond giant explained the need for such long-overdue protection by stating:

These applications can increase the risk of your network being infected with malware, cause malware infections to be harder to identify among the noise, and can waste helpdesk, IT, and user time cleaning up the applications.

Bemusingly, Microsoft deemed it prudent to bestow the protection for enterprise user only, instead of the hundreds of millions of everyday home-users who are more vulnerable to adware and adware-related malware.

“The Potentially Unwanted Application protection feature is available only for enterprise customers.  If you are already one of Microsoft’s existing enterprise customers, you need to opt-in to enable and use PUA protection,” Microsoft said.

Thankfully, Martin Brinkmann of Ghacks.net has had a look at the feature to reveal that it can be implemented among the Home and Pro versions of Windows too.

Default Adware Protection on your Windows

As revealed by Ghacks, Microsoft’s new ‘Enterprise exclusive’ security feature is, with irony, unsecured. Quite simply, end-users at home and businesses can still make use of the feature that Microsoft claimed was “available only for enterprise users.”

To keep things simple, Microsoft integrated PUA’s virus definition updates into the default OS security program – Windows Defender.

If you are running a Windows machine with Windows 10 Home or Windows 10 Pro, you can enable the feature by simply adding a registry key into the system. Here’s how that goes:


  1. Hit the Windows-key to type regedit before hitting enter.
  2. Click Yes if you receive a User Account Control prompt.
  3. Navigate to the Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender
  4. Right click on Windows Defender (the folder) and choose New > Key.
  5. Name that new key MpEngine.
  6. Now, right-click on MpEngine and choose New > Dword (32-bit) Value.
  7. Name this Dword MpEnablePus
  8. Scan to your right and double-click on MpEnablePus to enter the value 1. This enables the feature.
  9. Restart your Windows PC.

A test conducted by Ghacks revealed the feature to quarantine any potentially harmful or unwanted programs. A few pointers here:

  • You can allow these auto-quarantined programs by launching Windows Defender and choosing History to select “allow item” under the list of “quarantined items.”
  • The PUA protection feature might block the complete installation of the very software in its entirety if it detects any PUAs.
  • To disable the feature, simply navigate back to the registry thread and change the Dword value to 0, instead of 1. You can also delete the MpEnablePus folder entirely if you choose to forego the feature.

A quick scan by Windows Defender caught a common service called OpenCandy, often used to distribute PUAs on target systems during the installation of software.

Ghacks screenshot
Credit: Ghacks

The simple hack is courtesy of Ghacks.

Featured image from Shutterstock. Additional images from Ghacks and KMPlayer.

Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.