Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PUP.Files - MBAM


  • Please log in to reply
13 replies to this topic

#1 robert427

robert427

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:44 PM

Posted 21 November 2015 - 09:36 AM

New Member - First Post

 

New Member's tech I.Q. fails to register using any reasonable scale of measurement; therefore, the KISS principle would be appreciated since the final S in KISS applies to me. Hey, I'm 71, I need my GPS to get home when I'm in the driveway.  I also 95% of the acronyms used I have to Google. 

 

Here's my story.

 

I downloaded Driver Update; when it was time for my Malwarebytes Anti-Malware to run it found 439 PUP.Files that it indicated were harmful to my computer; like any uninformed, fearful user of modern technology who's not going to argue with the doctor, I allowed for their removal, actually they became quarantined. I'm now out $29.00 and back to zero due to not having a Driver Update software program.

 

Query: 

 

Are the PUP.Files found in my Driver Update something that my MBAM software should have removed or do you think it was more likely to be a False Positive; a term that I just recently picked up reading through the forums? Driver Update is an approved third party provider of Microsoft; so I'm inclined to believe it is safe; but it's also possible that the site where I purchased the software became corrupted; how do you ever know?

 

Also, to support the site corruption theory, before buying Driver Update, I bought Advanced Driver Updater from Herman Street, and as I was downloading it, Webroot Anti-Virus software stopped the process and had to remove the infection from my computer. Herman Street apologized and immediately refunded my money without question.

 

I would appreciate any insights into this issue.

 

Thanks,

Robert427

 



BC AdBot (Login to Remove)

 


#2 MoxieMomma

MoxieMomma

  • Members
  • 471 posts
  • OFFLINE
  •  
  • Local time:11:44 PM

Posted 21 November 2015 - 09:54 AM

Hi:

 

Disclaimer: I am not a trained malware expert and am unfamiliar with "Driver Update" or "Driver Updater" (especially without a link to the site from which you obtained it).

And without the MBAM scan logs or other data, it's impossible to say for sure.

 

Having said that:

  • I am a bit of an MBAM "power user" and volunteer helper at their forums.
  • No, it's not likely to be a False Positive.
  • It may be very well be a PUP that came "bundled" with the Driver Updater.
  • If you are only running MBAM Free and performing occasional manual scans, you might well have accumulated a large load of PUPs and other junk.
  • More about PUPs
  • ALSO, such "driver updaters" are, at best, worthless and waste of money and, at worst, harmful (because of bundled crapware or inaccuracy).

Until someone more expert comes along, I suggest the following:

  • If you think the detections might be False Positives, I would read this PINNED TOPIC and then post the requested information in the F/P section of the MBAM Forum HERE
    • Although PUPs themselves are not dangerous, per se, I would not restore anything from MBAM quarantine until someone has had a chance to check your logs for more harmful items
  • If, as seems more likely, the detections are legit, you might want to seek a bit of free, expert help in the malware removal section here or at the MBAM forum

Cheers,

 

MM


Edited by MoxieMomma, 21 November 2015 - 09:56 AM.


#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:44 AM

Posted 21 November 2015 - 10:03 AM

There are several Driver Update software programs available from different vendors. Depending on who actually created the program and where you downloaded it from, the software could be bundled with toolbars or other software which are often detected as Potentially Unwanted Programs (PUPs).

PUP detections are Potentially Unwanted Programs. These are programs our researchers have found are sometimes added to a system without the user's knowledge or approval.

Malwarebytes: What are the 'PUP' detections, are they threats and should they be deleted?

All security scanning tools are susceptible to glitches, bugs and false positive detections from time to time, especially if the scanner uses heuristic analysis technology. Heuristics is the ability of a scanning program to detect possible new variants of malware before the vendor can get samples and update the program's definitions for detection. Heuristics uses non-specific detection methods to find new or unknown malware which allows the anti-virus to detect and stop if before doing any harm to your system. The disadvantage to using heuristics is that it is not as reliable as signature-based detection (blacklisting) and can potentially increase the chances that a non-malicious program is flagged as suspicious or infected.If that is the case, then you can restore the detection and add it to Malwarebytes' exclusion or ignore list.

If you suspect false detections, report them to Malwarebytes Anti-Malware Support > False Positives so the Research Team can investigate and make corrections if confirmed.

Be sure to read the pinned topic at the top of that forum titled Please read before reporting a false positive
.

If a vendor wishes to dispute detections of their software, they should refer to this topic and contact the Malwarebytes Legat Team.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 buddy215

buddy215

  • Moderator
  • 13,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:44 AM

Posted 21 November 2015 - 10:08 AM

I agree entirely with MoxieMomma except....you can start a new topic in the Am I Infected What Do I Do Forum here at BC.

The reason being that it is most likely other adware has been installed. No one program will find and remove all the junk that is around these days.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:44 AM

Posted 21 November 2015 - 10:08 AM

BTW...you may want to read these articles, especially the one pertaining to Driver Updaters.


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 MoxieMomma

MoxieMomma

  • Members
  • 471 posts
  • OFFLINE
  •  
  • Local time:11:44 PM

Posted 21 November 2015 - 10:12 AM

Hi:

 

I agree entirely with MoxieMomma except....you can start a new topic in the Am I Infected What Do I Do Forum here at BC.

The reason being that it is most likely other adware has been installed. No one program will find and remove all the junk that is around these days.

 

Actually, I did suggest posting (in the "MRL" section) here: :wink:

 

 

If, as seems more likely, the detections are legit, you might want to seek a bit of free, expert help in the malware removal section here

 

I guess I ought to have directed the OP to the "Am I Infected" section first?

 

Sorry about that,

 

MM



#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:44 AM

Posted 21 November 2015 - 10:15 AM

One more article worth reading which I forgot to include in the list above...Never Download a Driver-Updating Utility; They’re Worse Than Useless
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 buddy215

buddy215

  • Moderator
  • 13,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:12:44 AM

Posted 21 November 2015 - 10:31 AM

Another thought...won't cost you a thing to dispute that charge...I'm sure there have been many other victims that have disputed it after seeing

all the damage that was done by using the program and the crapola they installed.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 robert427

robert427
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:44 PM

Posted 21 November 2015 - 11:00 AM

Since I posted my issue, I have contacted Driver Update and spoke to a tech; he told me that this is a high priority and they are working to get this resolved with Malwarebytes as quickly as humanly possible. Being that my chat was first with a representative and then a tech gave greater credence to the legitimacy of the company; also, being that the company  is an approved third party seller by Microsoft; I'm more inclined to believe them.

 

I sincerely appreciate everyone's comments and for taking the time to respond to my concerns.

 

If my judgment turns out to be wrong, I will post the results on the forum.

 

Thanks again,

Robert



#10 MoxieMomma

MoxieMomma

  • Members
  • 471 posts
  • OFFLINE
  •  
  • Local time:11:44 PM

Posted 21 November 2015 - 11:16 AM

Hi:

 

Well, it's certainly up to you.

I wouldn't want any of that junk on my computers.

And, as @buddy215 advised, there may well be more than "just" PUPs.

 

You might want to reconsider, including reading some of the excellent resources @qm7 provided.

 

But, again, it's up to you. :)

 

Cheers,

 

P.S. For the record, a PUP "dispute" at MBAM can take weeks or longer, as it is a complex process.

It would be much faster to seek a bit of expert help here in the MRL forum or a similar computer disinfection venue.

It will only cost you a bit of your time.

 



#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:44 AM

Posted 21 November 2015 - 11:26 AM

.... being that the company is an approved third party seller by Microsoft...

Where is that information written? I can find no such association between Driver Update and Microsoft.

I am familiar with Microsoft Partner - Registered, Certified and Certified Gold. Being a Microsoft Partner does not actually mean Microsoft approves the use of their software.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 robert427

robert427
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:44 PM

Posted 21 November 2015 - 03:15 PM

It states right on the website that they are a Gold Microsoft Partner.

 

Here's the link: http://www.driverupdate.net/articles/download_theme/windows-7-driver-downloads.php?p2=%5ESW2%5Exdm056&gclid=CObRrIiposkCFQqpaQod7LgA2A

 

By the way, I want to thank you for your input it's been most helpful; this is a great site with a lot of very nice people,

.... being that the company is an approved third party seller by Microsoft...

Where is that information written? I can find no such association between Driver Update and Microsoft.

I am familiar with Microsoft Partner - Registered, Certified and Certified Gold. Being a Microsoft Partner does not actually mean Microsoft approves the use of their software.

 



#13 robert427

robert427
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:11:44 PM

Posted 21 November 2015 - 03:27 PM

Update:

 

After reinstalling Driver Update I took a closer look at the product; it states that the last time the software was updated was January of 2010.

 

Based on this new information I wrote them an email requesting a refund.

 

I was told by the tech that I spoke to that fixing this issue with Malwarebytes was a high priority; I'm finding that hard to believe. 

 

I want to thank everyone who has responded to my problem; you guys are really great - I couldn't be happier that I found this site.



#14 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:44 AM

Posted 21 November 2015 - 06:09 PM

As I said being a Microsoft Partner does not actually mean Microsoft approves the use of their software. As such the logo can be misleading to some extent. Read the fine print at the bottom of the SlimWare Utilities web page....

....Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Any other third party products, brands or trademarks listed above are the sole property of their respective owner. No affiliation or endorsement is intended or implied.

Folks come to Bleeping Computer for advice, recommendations and other assistance. We provide that based on our knowledge, experience and expertise so they can make an informed decision. In this case my goal was to help you (and others reading this topic) understand what it means to be a Microsoft Partner.

Anyway, you're welcome on behalf of the Bleeping Computer community.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users