Jump to content

Search the Community

Showing results for tags 'false positive'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






  1. The Minecraft launcher and shortcut files are classified as malware by malwarebytes. I am suspicious that this is a false positive as the file has not been updated, and has not been detected in the past. See logs below: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 8/19/20 Scan Time: 9:30 PM Log File: 66bfd7f6-e20f-11ea-a916-6c2b5977f5e7.json -Software Information- Version: Components Version: 1.0.1003 Update Package Version: 1.0.28715 License: Premium -System Information- OS: Windows 10 (Build 18362.959) CPU: x64 File System: NTFS User: DESKTOP-DDCQ9ST\maxt8 -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 364934 Threats Detected: 3 Threats Quarantined: 0 Time Elapsed: 6 min, 37 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 3 Malware.AI.4289595226, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\Minecraft Launcher.lnk, No Action By User, 1000000, 0, , , , , A26E109E175AE246660A946EB03C179B, 603F2B35D6A97520727CAAD0EB390C7DE6A122A430F9B36B1A69010D117BEBCD Malware.AI.4289595226, C:\USERS\PUBLIC\Desktop\Minecraft Launcher.lnk, No Action By User, 1000000, 0, , , , , A26E109E175AE246660A946EB03C179B, 603F2B35D6A97520727CAAD0EB390C7DE6A122A430F9B36B1A69010D117BEBCD Malware.AI.4289595226, C:\PROGRAM FILES (X86)\MINECRAFT LAUNCHER\MINECRAFTLAUNCHER.EXE, No Action By User, 1000000, 0, 1.0.28715, 6FDC65347CCD00E2FFAE075A, dds, 00858853, 49DEDAE3837705AB9AE041B00914DBA5, D9CDCF6FAE6BD3DDC5C8A61B4453A75F5516B71E518EE3E410FA8DF591940E70 Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)
  2. For some reason, this file is now being detected as Malware though it has never been before. Could you please take a look at the attached and validate for us that this is a false positive? Thanks Data..zip
  3. OpenSource Python_IDM_2020.6.27 Internet Download Manager (PyIDM.exe) has been flagged as ransomware! https://github.com/pyIDM/PyIDM
  4. I was playing on a minecraft server hosted by someone I know and trust when MBAM closed the game and said javaw.exe was a ransomware. clear false positive False positive.txt
  5. ShaSal

    Trojan blocked.

    Website being blocked https://ecgcorp.net/ We did 3 scan but did not find anything? https://www.virustotal.com/gui/url/fc6a2b7ab05ef991c731314993a5c1ec5ed28c1b17efd1cab9f998662e892ca3/detection https://transparencyreport.google.com/safe-browsing/search?url=ecgcorp.net&hl=en https://sitecheck.sucuri.net/results/https/www.ecgcorp.net
  6. Hello Malwarebytes team Sorry I'm not good at English My website is: https://daominhha.com/ My customer reported that they were blocked by Malwarebytes from accessing my site. I would like to confirm that my website is completely clean and has not read or deceived anyone. My passengers can testify to this. I successfully appealed on kaspersky, Phishtank, Avast, ... So this is definitely a misunderstanding I hope the Malwarebytes team reviews and brings my website back to normal as this is seriously affecting our reputation. Sincerely thank !
  7. Hello. It appears that malwarebytes browser guard detects turbolab.it (only when you visit its forum) due to "reputation" It is an italian site with a forum about computers (Windows 10 / Android /Linux), it doesn't host any file. I'm not the site owner, I'm just a member ( a voluntary moderator to be exact). Can you please check then delist it? Thank you in advance. Cheers see also https://sitecheck.sucuri.net/results/https/turbolab.it https://unmask.sucuri.net/security-report/?page=https%3A//turbolab.it/ https://www.urlvoid.com/scan/turbolab.it/
  8. A user reported this issue to us. These files in the log are identified as malware but are in fact harmless. The code is published for anyone to review on Github. I don't have the ability to generate log files myself. -Log Details-Protection Event Date: 7/30/20Protection Event Time: 1:33 PMLog File: 85a5e960-d258-11ea-89d1-00051bab1e7d.json-Software Information-Version: Version: 1.0.979Update Package Version: 1.0.27687License: Premium-System Information-OS: Windows 10 (Build 18362.959)CPU: x64File System: NTFSUser: System-Exploit Details-File: 0(No malicious items detected)Exploit: 1Malware.Exploit.Agent.Generic, , Blocked, 0, 392684, 0.0.0-Exploit Data-Affected Application: Microsoft Office ExcelProtection Layer: Malicious Memory ProtectionProtection Technique: Exploit code executing from Heap memory blockedFile Name:URL: https://github.com/finboxi/finboxio/xlam/releases/download/v1.7.0/finbox.install.xlam(end)
  9. Hi My business website is blocked inacorrect. Website address www.rangtech.com. attached is the screenshot for your reference. It is being blocked by eero secure who are using Malwarebytes at back-end. Request you remove this as soon as possible.
  10. Hello, I am developing a website in MySQL, php, javascript ... so I am running a database on a local host. Malwarebytes suddenly detected the WampServer as malware. So, I uninstalled it. I tried to reinstall it from the local PC exe and tried to download it again from the wampserver website (https://www.wampserver.com/) and Malwarebytes always accuses malware. The wampserver had no updates. Is it a false positive? After 3 days, support did not respond. Report.txt
  11. Hello, Several of my websites were reported as being blocked by your software. The domains are as follows. https://www.n8solutions.host https://am.n8solutions.biz https://www.n8solutions.us https://www.n8solutions.net https://www.n8solutions.com I’m asking for you to please whitelist these domain names as soon as possible. I may lose a potential client because your software is blocking a legitimate website!
  12. Hi there, I work at Render (https://render.com), and we're a modern cloud provider. We provide our users with subdomains like my-site.onrender.com. We've recently had a few phishing sites hosted on Render that have all been shut down now, but Malwarebytes is still blocking all onrender.com subdomains. onrender.com is on the public suffix list maintained by Mozilla: https://publicsuffix.org/ This has caused a major outage for our platform and users who have customers using Malwarebytes. Please unblock onrender.com and render.com immediately. I"m happy to provide more details if needed.
  13. Hello, This website is being blocked and has no trojans/viruses/issues at all, can you please review: https://lapolicegear.com/ Thank you!
  14. Hello, One of our clients notified us of our executable cintooconnect.exe being wrongly flagged as a malware. He is using the version Malwarebytes Premium 4.1.0. This is particularly inconvenient as you can imagine. Could you please update your database and remove this false positive ? Best regards, Cintoo https://cintoo.com
  15. Please review and remove from your blacklist https://www.dropbox.com/s/jw5sbxk2uizbn50/107828716_10213058318971102_1053541541273182266_o.jpg?dl=0 http://transformationacademy.com
  16. The website htxxs://www.wallstreetreporter.com/ Leads to a trusted site that one of my clients needs access to for their investors. It is an urgent issue for them. Thank you
  17. Hi, I'm using 1Clipboard (http://1clipboard.io/) for many years now and not ever before it was stated as Malware. I did a full scan once a month and now the software says it's Mallware based on the file SQUIRREL.EXE that could be found in my case the locations \AppData\local\1clipboard\app-0.1.7 or \AppData\local\1clipboard\app-0.1.8. But also the file UPDATE.EXE is marked as Mallware and residing in \AppData\local\1clipboard\ and even the .lnk file on my Desktop is mentioned Malware. Be cause it's found to be Malware by AI i think it's maybe a false positive, please assist me on telling me if I'm wrong or not?!
  18. I am using this programm for years now and it's recently detected as malware. I fully trust this programm so I report it as false positive. I think it is an updater for the programm itself. -Kynatush lunar client.txt LUNAR CLIENT V2.1.2.EXE.zip
  19. MWB is reporting that FSViewer.exe is malware. This is the program file for FastStone Image Viewer, which I have used for several years without incident, and I have not updated it recently. I believe this may be a false positive, but will leave it in quarantine until I hear from you that it's OK.
  20. This site passes all other site scanners including googles site checker. However malwarebytes blocks it as having a trojan. Domain name themidnightwriter.org Thank you for looking into this.
  21. Malwarebytes recently reported a false positive for ransomware on the Bookmark library management system for schools, used by over 2,000 schools in Australia. It even did this on my home PC. The false positive is for all exe files. I am the system developer. I wrote and compiled these myself. They have been recompiled just this morning. The false positive is likely related to PureLocker, which uses the same cross-platform programming language, PureBasic. These false positives were a huge problem last year when the ransomware appeared but have mostly been whitelisted by anti-virus companies. I just submitted a zip file containing the 32-bit exe's to Virus total. https://www.virustotal.com/gui/file/7a08003103600c6b3493225cf15238371c4f9176674764f64efe3d7a81ff2d97/detection 16 out of 64, a clear false positive result. I have also recompiled the main exe's as 64-bit programs. https://www.virustotal.com/gui/file/8f0270cf9e8afdbbd2e48e27a91b223c187797fa8416c5cf958fe09f3ed0d1b8/detection 3 out of 65 this time. Can these files please be whitelisted? Bookmark.zip
  22. Hello, Following complaints that we receive from our customers, we would like to report a false positive on our download link (cdn.filehorsevpn.com). Please find attached screenshots of the block and the log. Kindly review it and remove the false detection. Thank you MB logs fhvpn (1).txt
  23. Malwarebytes detected hmpalert.exe as malware listed as trojan.dridex. Service has been running on servers, and desktops for months as part of Sophos Intercept X Advanced. Verified detected file has same version, hash, signature. Saw older tickets where same service triggered false positives in 2016. Support said it was resolved but does not appear to be.
  24. False positive, has been checked manually with Microsoft as well, no malicious code in program. Please check it. HackTrapLogCollector.7z
  25. This website was made by YouTuber Enderman who actually tests malware, lmao I know for a FACT that this website isn't dangerous since it's from a YouTuber that I watch and nothing happens whenever I whitelist it.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.