COOLak

Starting from a couple of days ago I started getting this detection for the file Razer_RzNumpadApp_v2.02.00.exe, which is a component of a legitimate software from Razer to use with its devices. Everything is attached. Razer_RzNumpadApp_v2.02.00.zip mbam_report.txt

Thank you, I never noticed that I could click Next after unchecking everything. I feel embarassed now. Problem solved.

Hi guys. I would really love to have the option to whitelist files straight from this window. From time to time, Malwarebytes keeps "detecting" some cracked software that I have, and it's way too tiring to open Allow List and whitelist these elements one by one every time. I'm really tired of this. Malwarebytes performs a scheduled scan every 24 hours, and every time I have to scroll through this list to see if there's nothing new and then just close it, and then repeat it every 24 hours (because I don't want to go manually whitelist them one by one, this is torture). Can we make it possible to whitelist all elements at once from the Threat Scan results window please?

Please check this one. I must say it was obtained from an unofficial source, but I still feel that it's a false-positive. msimg32.zip msimg32.txt

The file logdiff-bin.exe suddenly being detected as malware. I believe it's part of LogDiff tool from SourceForge that lets you compare ProcMon logs. logdiff.txt logdiff-bin.zip

False-positives are common on all anti-virus products, especially some cheap ones that detected it according to Virus Total.

Since the new update of Download Master (which is my favorite download manager) came out, it keeps detecting as malware via AI. dmaster.zip dmaster.txt

Now this is something. My Steam Half-Life installer got detected as malware along with some icon. Both files are attached in the archive along with the log file. Half-Life.zip 29A816.txt

I just got this detection during my regular scheduled scan. This appears to be the uninstaller for the Microsoft Office's UBit Menu, as well as the corresponding registry key. unins000.zip ubit.txt

Sorry, here's the report log tunatic-report.txt

An old program for music identification: http://www.wildbits.com/tunatic/ Suddenly detected as RiskWare.Agent for no obvious reason. tunatic.zip

I understand, thank you. But I made this request for analytical purposes only. It's always good to exclude false positives, to improve overall detection accuracy.

It's not a stand-alone executable. It's a package that the installer drops into Windows Temp folder, and it only works as part of that installer. I just uploaded the complete installer, hope it helps. 925310744_iZotopeNectarPlusv3.3.0CE.rar

I'm not promoting piracy here, but I definitely don't support falsely marking something as a trojan just to scare people away from using pirated software. I'm not sure if that's exactly what Microsoft is doing here, but I'm also wondering if Malwarebytes actually did analyze the file... Let's discuss things without involving personal opinions on piracy or anything else.

Sorry for the trouble, but there's some additional news about this concern. I also submitted this file to Microsoft for analysis (because their antivirus also detected it as Trojan:Win32/Masson.A!rfn), and upon analysis they confirmed that it was a valid detection. A screenshot of our communication is attached. I hope you guys didn't just take my word for it and actually analyzed the file before removing it from your threat definitions? Even though I tested its behavior in a sandbox, I'm not a malware expert, and I have no idea what hidden surprises it might have. This is a part of a cracked software installer, that's why I want to make sure it's really safe.

Thank you, that helped. Case closed.

Just to clarify, it also occurs as part of real-time detection. An additional log file is attached. But the regular manual scan detection is also still in place anyway. mlwb-rt.txt

It hasn't beed fixed as of now. Tried re-launching Malwarebytes, still the same detectiono occuring.

This one is a package that an installer drops into Windows temp folder. Manual testing in a sandbox environment showed no harmful activity. Attached are a Malwarebytes Premium log file and the detected file. mlwb.txt iZotope Nectar Plus v3.3.0 CE.rar

Sorry for the delay. I don't know what's going on at this point, but the issue has disappeared the next day after I reported it. So far it hasn't reappeared. But nevertheless, I've sent you the logs.

I've just encountered the same issue with another website: https://ru.drvhub.net/ Without Malwarebytes Website Protection, it shows its real certificate. But with protection being enabled, it shows an outdated VMWare certificate and doesn't load. Also sometimes there are similar issues with many other websites. I thought that my ISP is at fault, because enabling VPN in the browser fixes the issue, but disabling Malwarebytes alone also fixes it.

Currently the issue isn't present. Please leave the topic open for some time, maybe 1-2 weeks. I'll update it if I see it again.

Done.

I didn't finish one of my sentences here. "On the next screenshot (named Screenshot 4) it shows the real PayPal certificate that is displayed when Malwarebytes Internet Protection is off". That's what I meant.

I am willing to send my log files from the above mentioned utility only via private message to the concerned staff. Thank you.