PUM.Optional.MisplacedCertificate

Short bio

PUM.Optional.MisplacedCertificate is Malwarebytes detection name for a potentially unwanted modification that puts the Malwarebytes certificate in the Disallowed category. This disables users from using signed Malwarebytes programs.

System modifications

The following registry key was added:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\SystemCertificates\disallowed\

Certificates\C1437F2BC6F11F4806EAD857982457BF7828CE15

Remediation

Malwarebytes can modify this registry value data back to its Windows default setting without user interaction.

Also, we advise users to do a full system scan as PUM.Optional.MisplacedCertificate could have been added to the system by malware or PUP.

Add an exclusion

To have Malwarebytes for Windows ignore a PUM, you must add the PUM as an exclusion.

  1. Open Malwarebytes for Windows.
  2. Click Settings, then click the Protection tab.
  3. Scroll down to the bottom.
  4. Turn off Automatically quarantine detected malware.Turning this setting off prevents Malwarebytes for Windows from quarantining the PUM automatically.
  5. Go to the Dashboard, then click Scan Now.
  6. When the Threat Scan Results appear, uncheck the box next to the detected PUM you want to keep.
  7. Click Next.
  8. On the Remaining Items window, click Ignore Always to add the exclude the detected PUM(s).
  9. Turn on Automatically quarantine detected malware.To find this setting, click Settings > Protection.

When a PUM is excluded, Malwarebytes for Windows does not detect the PUM during scans or Real-Time Protection.

Cybersecurity info you can’t do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.

Select your language