Jump to content

Search the Community

Showing results for tags 'false positive'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Hi, Our software, TMP.exe, which has been around for years is suddenly appearing as trojan.backdoor. (Earliest version was deployed Oct 2008!) Appreciate it if you could have a look asap. Richard Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Database version: v2012.05.16.04 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 9.0.8112.16421 rgrayling :: RG_VISTA2 [administrator] 16/05/2012 15:44:31 mbam-log-2012-05-16 (15-54-40).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 293661 Time elapsed: 9 minute(s), 31 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 1 HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> No action taken. [3262745908546fc73c4890ac04009070] Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Program Files (x86)\TMP\TMP.exe (Trojan.Backdoor) -> No action taken. [7d171fae322ab97d1efa7e7107fcec14] (end) mbam-log-2012-05-16 (15-54-40).zip
  2. After troubleshooting my website to figure out why it wasn't loading on some peoples' computers, I discovered that Malwarebytes was blocking it. The site is paradoxian.com and the IP address is 174.132.104.66. My web hosting company's guess was that due to the front page of the site being a blank index page, Malwarebytes was reading it as a false positive. If this could be fixed I'd appreciate it, as I plan to use this site for my portfolio and don't want it blocked on some computers. Thank you. The log: 2012/04/27 10:29:13 -0400 SUPPORTB-PC supportb MESSAGE Starting protection 2012/04/27 10:29:15 -0400 SUPPORTB-PC supportb MESSAGE Protection started successfully 2012/04/27 10:29:18 -0400 SUPPORTB-PC supportb MESSAGE Starting IP protection 2012/04/27 10:29:20 -0400 SUPPORTB-PC supportb MESSAGE IP Protection started successfully 2012/04/27 10:30:23 -0400 SUPPORTB-PC supportb IP-BLOCK 174.132.104.66 (Type: outgoing, Port: 49172, Process: firefox.exe)
  3. Dear Sir, Madam, We get a false positive on our website 188.40.69.142 or moodle.edudelta.nl. Any idea why this is? See atttachment.
  4. Hello, I am the Postmaster for Platinum Synergy Group Inc. We are a web development company, and we also create and manage marketing, business and transactional emails for our clients. Currently, a block of our mailserver ips is giving a false-positive on Malwarebytes. These servers are used to send transactional, business materials (such as corporate newsletters) and marketing emails (to confirm-opt-in subscribers only) on behalf of our clients. 83.222.124.70 dedicatedmail35.com 83.222.124.71 dedicatedmail36.com 83.222.124.72 dedicatedmail37.com 83.222.124.73 dedicatedmail38.com 83.222.124.74 dedicatedmail39.com 83.222.124.75 dedicatedmail40.com 83.222.124.76 dedicatedmail41.com 83.222.124.79 dedicatedmail44.com Please let me know how to have these servers removed and how they may have been listed in the first place so we can avoid it in the future. If you require any additional information, please let me know. Thank you!
  5. Hello. Our users found that our domain s5o.ru is being blocked by MalwareBytes Anti-Malware. Unfortunately, previous owners of domain s5o.ru were spammers/malwarers so domain was blacklisted in some security lists. We registered it at 14.12.2011 from scratch. Please check black lists, all reports were before this date. (for example, surbl.org listed s5o.ru in mid of 2011, and it's delisted now). Now s5o.ru is short domain for CDN and static files of Sports.ru project. Sports.ru is one of the largest and most respectable Russian site about sports. Organisation has LIR state in RIPE. We will not place any malware on this domain. How can we remove domain and it's subdomains from your block list? Yours, Eugene CTO Sports.ru
  6. Hello, We have a sure false posotive block on many ips from our block at: 82.80.245.0/24 The most important is blocked at: 82.80.245.151 also blocked: 82.80.245.244, 82.80.245.1, 82.80.245.156 Please clear the C class, its routed to us. It's strongly monitored against any illegal or malware activities, and it apears to be clean. Thank you.
  7. MBAM PRO v. 1.60.1.1000 (database v2012.02.02.08) quarantined a file on 02-Feb-2012 at C:\ProgramData\games.exe that I believe is a false positive. The zipped file, as well as a log file from a Quick Scan run in developers mode, is attached. This file is a Macromedia Flash application and has been on my hard drive since 09-Mar-2011. I installed both WinRAR 4.00 and HP QuickPlay 3.7.7508 on that same date, so I suspect it was part of the HP QuickPlay installation. A previous on-demand Quick Scan two days ago (31-Jan-2012) with database v. v2012.01.31.09 did not flag games.exe as a potential threat. I also have Norton Internet Security 2011 v. 18.7.0.13 running in real-time protection mode and NIS Quick Scans have not flagged this file as a threat. My MBAM PRO real-time protection is currently disabled but I have a MBAM Quick Scan scheduled to run daily. mbam-log-2012-02-02 (18-25-07).txt Games.zip
  8. Website: http://SquarzPies.com IP: 74.208.28.106 One of our customers emailed me indicating their using your antivirus software and get the following message when trying to access our website: "Malwarebytes Anti-Malware successfully blocked access to a potentially malicious website." Can you help us uncover why our site is being blocked by your software?
  9. http://www.filehost.ro/3032696/kkrieger_beta_zip this is a 2004 revolutionary game, only 96kb, not a virus.
  10. Brand new install of Windows 7 Professional 64-bit. Latest version of Mbam with updated definitions. C:\Windows\System junction node created pointing to C:\Windows\SysWow64 for installation of older programs like Microsoft Office 2000. Mbam sees trojan exploits in c:\windows\system\explorer.exe c:\windows\system\rundll32.exe c:\windows\system\svchost.exe c:\windows\system\userinit.exe c:\windows\system\mstsc.exe c:\windows\system\msiexec.exe c:\windows\system\dllhost.exe and c:\windows\system\ctfmon.exe. Allowing Mbam to quarantine these files results in Windows failures such as Personalization throwing errors. Replacing files using sfc /scannow repairs missing files from know good copy. After reboot and another scan, Mbam once again detects the mentioned files as being trojans and exploits. These files are obviously really in the SysWoW64 folder and so the junction point is throwing Mbam off somehow.
  11. My HostGator server at 174.132.146.92 and all the sites hosted are being blocked by Malwarebytes. I had Hostgator and myself do scans and there is no malicous infections or anything. Can you please help me get the IP address OK'd and cleared from Malwarebytes blocking it? Do you need any other info from me?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.