Jump to content

Recommended Posts

Hi,


If something is reported as ransomware - that is worse/different from PUP right? i.e. if something was just a PUP it would not be labeled ransomware - correct? And hence a PUP questionaire would not sense?

I am asking because the only response I received after reporting ransomware false positive over email was I got emailed that I should email and request a PUP questionaire - which I have done twice without reply.

Now, the software is not PUP by Malwares own published definition list (not even close to any of the points mentioned) - but I am just wondering if a PUP questionaire at all makes sense for a ransomware false positive report... But I do not know how Malwarebytes categories things.

But with lack of any response on the matter - I am trying to assess where I should direct my focus in making sure the case is a least in queue for review. If somehow Malwarebytes is waiting for a PUP questionaire, but I never receive one... Then I can not email them one...

For reference, the case is this:

 

Link to post
Share on other sites

No.

Ransomware is a devastating form of malware and is definitively malicious.

PUP is short for 1Potentially Unwanted Program.  It is not malicious software.  It is obtrusive software.


1.  Other vendors may call it a Potentially Unwanted Application ( PUA ).

A Potentially Unwanted Modification ( PUM ) detection is based upon  modifications to the OS, such as certain modifications to the Windows Registry.  Such settings can be modified for legitimate reasons but may also be made illegitimately.  For example on an Office Computer the administrator may disable the Windows Task Manager.  However on a home computer that should not be the case thus disabling the Windows Task Manager would be unwanted.  Because of this ambiguity, disabling the Windows Task Manager will be flagged as a PUM.

 

Edited by David H. Lipman
Link to post
Share on other sites

Thank you

My thoughts exactly.

Then the Malwarebyte email responder must have been mistaken. Before I discovered I could report false positive for ransomware in the forums, I tried emailing them about the ransomware runtime detection during installation of my software.

And the response I got was I should email their pup department for a PUP questionnaire I should fill. (Which I did, but never heard back) This seemed weird to me. Thank you for clarifying this for me - I will not pursue the PUP part further then - only the false positive for ransomware.

Edited by ThomasSchulzMS
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.