This detection is for potentially unwanted modifications (PUMs) in the Windows registry where specific file types and processes are excluded for scanning by Windows Defender and Microsoft Security Essentials. Such changes may have been set by malware to avoid detection.
Suspect registry values are created under the following keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\
Exclusions\Processes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\
Exclusions\Extensions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Antimalware\
Exclusions\Processes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Antimalware\
Exclusions\Extensions
Malwarebytes can change the value data to 0
so the exclusions will be inactive, without user interaction.
Also, we advise users to do a full system scan as PUM.Optional.MSExclusion could have been added to the system by malware or a PUP.
When a Potentially Unwanted Modification (PUM) is detected on your computer, Malwarebytes for Windows does not know whether it was authorized. Optimization software, malware, and Potentially Unwanted Programs (PUPs) are known to make these types of changes, hence they are regarded as potentially unwanted by design. To have Malwarebytes for Windows ignore a PUM, you must add the PUM to the Allow list. Here’s how to do it.
Select your language