Jump to content

Search the Community

Showing results for tags 'false positive'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






  1. I currently just finished writing a chatting program that uses windows sockets. Only after I just finished it gets detected. I am pretty sure that there is nothing malicious about it. I also did check and reverted to older versions of it but they all get detected now. I read up on these and it does nothing mentioned Link Here is a virus total scan and it seems that it's juss malwarebytes and some other ant-virus that pics it up Virus Total pSimpleChat.rar
  2. Since 2/20/17, scans have been detecting signs of PUP.Optional.Yontoo.ChrPRST which I believe to be a false positive. The scan I performed 24 hours prior did not show this detection and nothing of consequence was installed during that period that I can recall. When I quarantine the affected items, my Windows profile is significantly affected; therefore, I restored all quarantined items for the time being. I would appreciate it if someone can confirm this suspected false positive and make the appropriate adjustments to the signature files. Thanks. MBAM Yontoo FP.zip
  3. i'm building this website for my client. WP webstie hosted by WPengine with SSL/HTTPS and Cloudfare. (same configure like my other websites) my client uses Malwarebytes and notified me the site is blocked by Malwarebytes (IP,port 60107, types Outbound, cloudfare IP) i need to disabled the cloudfare temporarily in order to bypass this problem. please unblock my site asap. thanks for help
  4. Clients of ours receiving false positive about our website. Please unblock. Website operates from multiple IPs all within our address space.
  5. Hello MalwareBytes Support - I would like to report a false positive detection for our websites - www.akick.com, www.akick.in, www.akick.co.uk, www.akick.co.nz and www.akick.co which do not have any malicious code or activity. I've included the relevant information in the bulleted list below. IP address: See Attached Screenshot for your reference Blocked websites - www.akick.com, www.akick.in, www.akick.co.uk, www.akick.co.nz, www.akick.co Please let me know if you need any further information from our side to remove the false positive detection.
  6. Hello MalwareBytes Support - I would like to report a false positive detection for one of our websites - mycleanpc.com which does not have any malicious code or activity. I've included the relevant information in the bulleted list below. IP address: Excerpt of the protection log: See Attached Screenshot Hostname/URL: hxxps://www.mycleanpc.com (Please note: I replaced https with hxxps as instructed) Please let me know if you need any further information from our side to remove the false positive. Thanks, Jordan
  7. Reporting a false positive for the website https://teknik.io/ IP Address: Protection Log: https://paste.teknik.io/Raw/QJvA5 Hostname: mail.teknik.io
  8. Hi, First why i had not been notifed that new version is available and if i can upgrade simply download new version?? Second detected empty folders as malware....(screen) Third - when i want open program from taskbar then must wait cca 15 - 20 seconds while open main gui..
  9. Hi, I work for a link shortening service called Geniuslink (https://www.geni.us) which provides our clients with the ability to create shortened links that automatically send their customers to the best destination to purchase their products or view their content. Our site is only used to shorten and add custom rules to links, and we strictly monitor the links that are built to ensure that no one is using the service to create spam links. After a few customers reported that we were being flagged as a malicious site, we submitted a post requesting that our site be removed from the Malwarebytes blacklist. We talked with Zynthesist, as well as a member of the support team via (corporate-support@malwarebytes.org), and were told that our domain would be added to the whitelist. However, another one of our clients reached out to us today saying that they: We really don't want our customers to think that there's anything to be concerned about while using our service, so is there anyway to verify that we have been successfully removed from the blacklist? Thank you for you assistance, we'd appreciate getting this taken care of as soon as possible.
  10. Hello, we manage a VPS with Hostgator datacenter and unfortunately our IP are being blocked. Not only we can't access any site hosted in the VPS we also can't access the FTP too, as it shows in the screenshot with the blocking popup message. We can't afford to have the IP blocked because we provide hosting services to our clients. Please review the block. Thank you in advance.
  11. Good day, I have noticed that there is a false positive on one of my sites, url http://game-servers.top, IP: I have uploaded the screenshot of the notification as well, I have multiple sites hosted on the IP that do not give an issue, so I assume its the domain that is triggering the false positive. Once I try to go to the site, its bocked completely. Adding an exception for the domain makes the site work again.
  12. I have had several complaints that our program RegServe has been flagged by MalwareBytes. I do not personally have MalwareBytes installed to run a scan but I did run the program through Virus Total and it has been flagged there. What can I do to have this miss classification removed? The program can be installed here:http://www.xionix.com/products/regserve/download.php Thank you, Jennifer Christensen Xionix
  13. Hello, we (www.magix.com/us/company/magix-portals/) are hosting tens of thousands of websites using the single IP for our partner Xara (www.xara-online.com/us/). We are now getting reports of innocent websites being blocked. We take reports seriously and remove content but unfortunately some of our users seemed to have triggered a block. Websites are accessible either using a custom domain or a subdomain of xara.hosting. After some tests it seems, only *.xara.hosting is blocked. Using a custom domain still works. Some examples: gwpriester.xara.hosting/buttons/index.htm (Malwarebytes more.png) testfirma.xara.hosting (malwareBytes_testFirma.jpg) kbvuhk.xara.hosting (malwareBytes_kbvuhk.jpg) xaraxone.xara.hosting/pro365/website-design.html nacooke.xara.hosting/meltonoakhamww/ not blocked: www.taksiplot.com Could you please increase the blocking domain level and block specific subdomains of xara.hosting instead of the whole domain. Thank you. If you have any further questions send me an email, please. -David Schmidt Magix Software GmbH Berlin, Germany
  14. Hello. We are an app developer that have an Android app on Google Play. Recently our users are letting us know that malwarebytes has been flagging our app for PUP.Hacktool.Meta.ic The last update of the app was in October, but the warnings only started to appear within the past couple of days. Could you please work with us on either whitelisting the app or determining what the issues is and how it can be corrected? The app in question is https://play.google.com/store/apps/details?id=com.icenta.sudoku.ui
  15. There was issue with earlier this week that I resolved. There was a 'mixed content' problem http/https and that problem is now resolved because the entire site is now served with https. Can you please re-scan and whitelist the list so that users of the site (who are Malwarebytes users) can access the content again? Thanks
  16. Muy buenos días a todos/as. Soy el administrador del website e-commerce de la empresa Rerda S.A. de Argentina (Mendoza) www.rerda.com Hace un mes aproximadamente fue hackeado. Pero hace un par de semanas fue eliminado ese sitio web viejo y reemplazado por uno nuevo que lo estamos desarrollando. Ahora está limpio, sano, más seguro. Personalmente solicité uno a uno a las empresas de antivirus que eliminen el Falso Positivo de sus bases de datos. Solo falta esta, aparece en esta lista negra de "Malwarebytes hpHosts". Hice unas solicitudes pero hasta ahora sin éxito. Les pido a todos, que eliminen ese Falso Positivo. Muchas gracias
  17. Malwarebytes would not allow me to access the website www.icete.etdi.org
  18. Hi. please remove this IP from your blocked list. TY. FYI from Virustotal URL: http://www.hatchkit.com.au/ Detection ratio: 0 / 68 Analysis date: 2017-01-14 00:39:19 UTC ( 0 minutes ago ) other sites affected are www.cadro.com.au www.transpost.com.au Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/14/17 Protection Event Time: 8:09 AM Logfile: Administrator: Yes -Software Information- Version: Components Version: Update Package Version: License: Trial -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Domain: www.hatchkit.com.au IP Address: Port: [63498] Type: Outbound File: C:\Program Files (x86)\Internet Explorer\iexplore.exe (end)
  19. please remove the block for http://forum.tntvillage.scambioetico.org/. I tried to add this url to the exclusion, but it's still blocked. I tried to open the source page and add all the website I've found in the HTML but that site is stil blocked. thanks.
  20. I use Clover for Windows, and recently (past 2 days), MBAM has been blocking connections to ejie.me, the website that hosts Clover and also that Clover talks to (for updates, I suppose, even though it hasn't been updated in quite some time). I've checked via scanner.pcrisk.com (I do not know its reliability) and it appears clean still.
  21. The package for WebSocket4Net (component of Microsoft Visual Studio 2017 RC Refresh) is falsely detected as PUP.Optional.CrossRider. See attached log and sample. WebSocket4Net(0.9).Binaries.zip mbam-scan.txt
  22. Hello, Today, I got two unexpected PUP warnings while I used MBAM 1.2.5 for Mac to scan my hard drive. Warning #1 refers to a Mac app called 7zX. I use 7zX since early 2013 and believe it to be completely harmless. According to VirusTotal, both the executable and the whole installation image are probably harmless. The warning I saw today in MBAM did not come up before October 2016. The first time it came up for me was with MBAM 1.2.5 for Mac and a v151 signature file. I just went back to 1.2.4 (but still with v151 signatures) to double-check; it gave me the same warning. Warning #2 refers, interestingly, to the configuration file (property list) of the 7zX app. There is sufficient evidence for both PUP warnings to be likely false positives. What would be the best course of action for me to prevent either warning from coming up in the future? Thanks and kind regards, Claudia log.txt 7zX.app.zip Library_Preferences_com_sixtyfive_7zX_plist.zip
  23. Hey! We've removed the cc swiper from multifitblades[.]com Please remove the website from blacklist, thanks!
  24. The domain http://ec1investments.co.uk/ is being marked as Malicious but I'm unsure why as all other scans have come back as safe - can you please have a look? Kindest regards, Pete
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.