Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 20087 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

FALSE POSITIVE DETECTION

vikimaxx

Hello,

Our program has been flagged as a PUP by Sophos virus guard. Upon false positive analysis we were informed that Sophos categorized it as a PUP/PUA due to the fact that it is bundled and also claims that it captures user history and browser data.

First of all , we would like to say that we do not capture user data except for SERP information. Also our EULA doesn't hint at anything related to it.

Secondly, this application comes as bundled as well but it will be installed with user's acknowledgement and acceptance. Programs like Yandex that is bundled and free are not flagged as PUP/PUA by Sophos.

We require proof from Sophos why only ours is flagged as PUP/PUA, also we require proof for the categorization of PUP/PUA in the first place. 

:57357


This thread was automatically locked due to age.
Parents
  • 0

    I don't know what your application is and what it does, but you need to realise what "potentially" means.  Anyone who has this feature enabled in Sophos products will also have it configured to either alert only, or allow programs that they want to use.  Bear in mind the classification also says 'potentially unwanted', not 'potentially malicious'.  As an example, Steam may be a great program used by a lot of people (myself included, at home), but I still don't want it on my network.

    Edited to add: Okay, I've just Googled your product, and while it may have some legitimate use, the fact that the first page of results is full of removal instructions isn't very convincing :smileyindifferent:   However, the point still stands that I would not want this program on my network, so while I appreciate that other people will, in this case 'potentially unwanted' still applies.

    :57426
Reply
  • 0

    I don't know what your application is and what it does, but you need to realise what "potentially" means.  Anyone who has this feature enabled in Sophos products will also have it configured to either alert only, or allow programs that they want to use.  Bear in mind the classification also says 'potentially unwanted', not 'potentially malicious'.  As an example, Steam may be a great program used by a lot of people (myself included, at home), but I still don't want it on my network.

    Edited to add: Okay, I've just Googled your product, and while it may have some legitimate use, the fact that the first page of results is full of removal instructions isn't very convincing :smileyindifferent:   However, the point still stands that I would not want this program on my network, so while I appreciate that other people will, in this case 'potentially unwanted' still applies.

    :57426
Children
No Data