Potentially Unwanted Modifications detections in Malwarebytes Endpoint Protection

Document created by jgolomb Employee on Dec 26, 2018Last modified by jyamada on Jan 23, 2019
Version 2Show Document
  • View in full screen mode

Potentially unwanted modifications are registry settings which may be either:

  • The result of adware and browser hijackers changing Windows Explorer, Browser or other settings
  • Settings your company has made by Group Policy Object (GPO)

A comprehensive list of PUMs with their descriptions is here: https://blog.malwarebytes.com/detection/pum/  


Note: Our exclusions can be wild-carded for multiple user's security identifiers e.g. HCU\*\Software.

A list of common exclusions is here - Group Policy registry keys detected as PUMs in Endpoint Protection 


Microsoft publish a full list of GPO registry settings, which is downloadable as a spreadsheet.


These spreadsheets list the policy settings for computer and user configurations that are included in the Administrative template files delivered with the Windows operating systems specified. You can configure these policy settings when you edit Group Policy Objects: Download Group Policy Settings Reference for Windows and Windows Server from Official Microsoft Download Center