Jump to content
RubbeR DuckY

New Criteria for Detecting Potentially Unwanted Products (PUPs)

Recommended Posts

Since the changes aren't highlighted, is it possible to tell us what was added/removed/edited?

Share this post


Link to post

Hi @Aura, according to our researchers, we're being more aggressive now i.e. Reg cleaners, optimizers, etc.

The biggest change is this criteria we use: "predominantly negative feedback or ratings from the user community"

https://www.malwarebytes.com/pup/

-Cecile

Share this post


Link to post

Guessed as much, thanks Cecile! :) 

Share this post


Link to post

Nothing to do with Competition @PaidCustomer - the item targeted that upset you is not in competition with any product in the security field period, certainly nothing we have like it. Yes, true that there will be some users such as yourself that find they have different ideas on what is PUP and what is not. As was recommended to you in another topic one can easily set PUP and PUM to Ignore, Warn, or as a Threat. However, for every one person that does not like that feature, there will be thousands that do. Why do you think tools like AdwCleaner get 200 million downloads? Because people, in general, despise these type of tools and add-ons and in many cases did not even know they were installed because some other piece of software silently installed it trying to make a few dollars on the side by being sneaky.

Thank you for your input, though.

 

ignore_pup_pum.jpg

 

Share this post


Link to post

Personally, I applaud the new more aggressive approach to PUPs and PUMs.

Keep up the good work, Malwarebytes.

Have a great day.

Regards,
-Phil

Share this post


Link to post

I also applaud the new more aggressive approach to PUPs and PUMs.

If for what ever reason one want such items on their computer, well go for it.

I personally don't want the garbage on my computers.

Jack

Share this post


Link to post

Thanks for the kind words of encouragement, I'm glad that you appreciate our new stance on PUPs.  For the longest time we got almost constant complaints that Malwarebytes wasn't detecting/removing X where X was some software/add-on which didn't quite check enough boxes to be considered PUP under our old policy.  Getting so much feedback from our users, most of whom wanted us to be far more aggressive with regards to our definition of what is PUP caused us to reevaluate how we categorized items as PUP and determined that, since the very definition of PUP is "Potentially Unwanted Program", that the opinions that mattered most were those of our users and customers, not necessarily some specific set of criteria that we were using to define what was and was not PUP.  So we listened to our users/customers and changed how we do things to be even more aggressive (at the time we were already one of the most aggressive anti-PUP security vendors in the entire industry) against what our community of users and individuals across the web as a whole consider to be PUP and started using these user opinions to determine what should and should not be classified as PUP since they (i.e. you and users like you) often know what software you do (and especially do not) want on your computers better than any independent team of researchers ever could.  So the voice of the users more than anything else is what guides us now with regards to the PUP classification.

Share this post


Link to post
On 4/3/2017 at 1:02 PM, DragonFireDon said:

Is Advanced SystemCare really bad?

I don't think it's necessarily "bad", but I don't think any PUP is necessarily bad either.  The reason we detect anything as PUP has more to do with whether users find the software desirable and worth having installed, especially if a piece of software comes bundled with other software and/or uses aggressive/borderline deceptive advertising tactics etc.  There are many reasons for classifying something as PUP, but if we see something as truly "bad" (or "mal" taken from the Latin "malus") then we would detect it instead as malware (the "mal" in the word "malware" stands for "malicious" and the "ware" stands for software thus the meaning of the word "malware" is "malicious software") but in this case, as with all PUPs, we simply classify it as potentially unwanted due to the criteria we use to define what is and is not PUP.  These kinds of detections are optional and it is up to the user to decide if they wish to have us flag/remove items detected as PUP (there's a drop-down menu under settings where the user may select how Malwarebytes treats PUPs; an option not provided for actual malware since PUPs aren't really a malicious threat, just a potential annoyance and/or may be undesirable to the user).  If we believed that Advanced SystemCare or any other software was actually "bad" then we'd flag it as malware rather than just PUP.  I do not know for certain as I'm not a member of the Research team, but I do believe a big part of the reason ASC and tools like it are flagged as PUP is due to some of the functions it provides and claims that it makes, especially with regards to registry cleaning and system optimization (I do not know about ASC specifically, but many such "optimizing" programs out there are little more than snakeoil which make false claims about improving system performance and can sometimes even damage an operating system and/or other installed software if the wrong registry keys/data/values are removed) and possibly also due to some of the advertising tactics observed for this software (fake "download" buttons on download pages for other software and such) but that's just based on my limited knowledge of the product/situation.  Again, I'm not on the Research team so I don't know all of the exact reasons for this specific PUP classification but it does make sense to me based on other software we detect as PUP and my personal observations of ASC and how it's advertised online.

The wording that we use for the PUP classification is very specific and was chosen for a reason.  We call such detections Potentially Unwanted Programs meaning that potentially (i.e. possibly) the user may find the software undesirable and/or may have gotten the software installed on their system unintentionally (as is the case with PUPs which get bundled into the installers for other software along with bundled installers themselves, which we also detect as PUPs) so we detect it to allow the user to remove it if that was the case and if the user does not wish to have that software installed.  Of course, if the user intentionally installed ASC or any other software that we classify as PUP and they do not wish for the software to be detected/removed, all they need to do is add exclusions for the software so that Malwarebytes will no longer detect it.  And of course the user may always change how Malwarebytes handles PUPs in general via the setting I mentioned before.  They can have PUPs completely ignored or simply have Malwarebytes ask and not automatically remove or select for removal any PUP detections so that the user may decide what to have Malwarebytes do whenever anything is detected as PUP rather than having it be automatically removed/selected for removal by Malwarebytes as actual malware threats are.

I hope that helps clear things up.

Edited by exile360

Share this post


Link to post
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.