Jump to content

Search the Community

Showing results for tags 'false positive'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






  1. Dear Concerned, I'm writing to request you to remove the false positive of identifying ToTok as malware and add ToTok to the whitelist. ToTok is just a messaging and calling app which provides the stated services and does nothing malicious that would be regarded as malware. A thorough examination of ToTok on Virustotal has showed that ToTok is secure to use, for no virus has been detected by many anti-virus service providers. However, Malwarebytes has done the false detection before and removed it (screenshot attached), but the false detection happens again! This false positive result is seriously hurting our company and putting all our users’ trust at risk! We urge you to remove the false positive and add ToTok to the whitelist to cease the damage to us as soon as possible. If the case is not handled promptly, our legal team will do what we have to do to protect our lawful interests. As the false positive is reported by our user, we're unable to provide the log. We can provide a screenshot of false positive provided by our user and the APK file of our app for you to examine. Please find them in the attachment. Thank you. Best regards, Irene from Team ToTok apk file of ToTok.zip
  2. I am doing a one click install of a visual studio 2015 program and it is kicking me out. Help!!
  3. (I saw the instructions for Malwarebytes versions, 1, 2, and 3, but not 4.) Malwarebytes Premium Trial 4.1.0 free detected two files I thought were okay. In case they had become infected, I tried Virus Total on the files. There were detections (mod_ISA20_YLT.exe 4, fr08_final.zip 2), but they weren't detected by the Malwarebytes/Malwarebytes hpHosts engine. I tried Virus Total on the download URL of mod_ISA20_YLT.exe, but there were no detections. I downloaded mod_ISA20_YLT.exe from webpage https://www.scripture4all.org/download/download_ISA2.php (link URL https://www.scripture4all.org/download/dlf2.php?f=ISA20/mod_ISA20_YLT.exe) and did a comparison with fc--no differences. I ran the freshly downloaded file through Virus Total again and got similar/same results. I think the Malwarebytes detection on my PC was a false positive. (I also downloaded another file today because I clicked on the wrong link. It showed up in the 3:13PM (1513) scan report, MOD_ISA20_CLV.EXE, so it could be a false positive too.) I found https://files.scene.org/view/demos/groups/farb-rausch/fr08_final.zip with the link URL https://files.scene.org/get/demos/groups/farbrausch/fr08_final.zip . Again the file comparison of the new and old files returned no differences. I think the Malwarebytes Premium Trial 4.1.0 free detection was a false positive for this file too. VirusTotal on the URL to download this file had one detection, but again not by the Malwarebytes hpHosts engine. I put the date and time in the filenames. 202005180212-Malwarebytes-report.txt 202005191009-Malwarebytes-quickscanresults.txt 202005191513-Malwarebytes.txt 202005191011-Malwarebytes-manual-scan-results.txt
  4. The attached file is falsely identified as Malware.Generic.1403450558Malware MalwareBytes Log.txt WIP3.rar
  5. Dear Sir or Madam, I have noticed that Malwarebytes detects our software products (described bellow) as malware. As a software developer I can strongly and sincerely vouch that the files bellow don't contain any malware. I have worked on these products, and know with 100% certainty that they don't contain malware. Please either whitelist our products or tell us, in detail, why they are considered malware. We would gladly cooperate with you in order to fix this problem which is damaging to us and to our users (and, by extension, to your users, also). DriverMax installation kit from https://www.drivermax.com/soft/dmx/drivermax.exe DriverMax.exe - part of DriverMax mentioned above, false positive detection as PUP.Optional.DriverMax This is incorrect because: a. The user agreed to install DriverMax and it wasn’t deployed on the PC without his/hers knowledge b. You can deactivate it or stop using it at any time you like - and this is not something malware would allow anyone to do c. DriverMax is also listed in the Add / Remove Programs applet of the PC, allowing anyone to remove it from there as well d. The user is informed about the way DriverMax works An application should be considered "malware" only if it is installed on a user’s PC without their knowledge or with an improper description of it’s real actions. DriverMax has been available for a very long time. We have been the first to offer peer to peer driver updates, and massive development time and effort has went into it. Kind regards,Ane Mari Tache
  6. Dear Support, Our IP : we are using this IP very long time. There is No Trojans. Today we got mail from one of our customers says Malwarebytes identify this IP as Malicious Site. Please remove the IP from your IP Block List ASAP. Thanks for your Help. Patrick
  7. Just reporting a false positive block of https://www.harveynorman.com.au/ Thanks, Krusty
  8. Not sure if this is a false positive or not, it comes back with 9/68 from Virus Total, Malwarebytes identified it as Malware.Generic.4161686282. CLUBSANDISK.zip
  9. Our client with the domain algosolutions.com is currently being blocked/flagged by MalwareBytes. The previous site had malware before we took over the project and have completely rebuilt the site with a new platform on a new properly maintained server. Please remove it from your block list.
  10. Hi I work for a small developer and one of our executables is being identified by a Malwarebytes scan as containing a MachineLearning/Anomalous.95% infection. The executable is part of the installation routine for our software. Is there anyway to identify if this is a genuine infection of a false positive? Thanks Alan
  11. Hi, I am member of the team responsible for running https://www.peopleperhour.com and our users are telling us that our CloudFront domain ( dw3i9sxi97owk.cloudfront.net ) is being blocked by malwarebytes premium. This domain fronts a AWS S3 bucket where we upload "user generated content" such as profile avatar images and user portfolio items. Although we use a virus scanner, it is possible that a malicious user has uploaded malware to our CloudFront domain - we will be sure to remove anything suspicious immediately if you are aware of anything? It is in our interests this domain is clean and we certainly want to protect our users. The overwhelming majority of files will be safe so blocking the whole domain isn't necessary and makes our website ugly to malwarebytes users. we had a similar problem in the past. ref. https://forums.malwarebytes.com/topic/247879-dw3i9sxi97owkcloudfrontnet-is-a-false-positive As we were mentioned in the previous case we had, most of the files reported are only marked as malware by 1 engine, "Yandex Safebrowsing" and seem to be false positive any other file that is reported from more malware engines are already removed from our internal AV system. ref. https://www.virustotal.com/gui/domain/dw3i9sxi97owk.cloudfront.net/relations Please let me know if there is something more to do to become unblocked by your system. Regards, Stavros F.
  12. Hi support team! Hope you are doing well. I was hoping that you could remove the block on www.Baltimore.EcoMap.tech and www.EcoMap.tech. A possible client recently reported that they could not access our site due to the block (see screenshot) While I understand .tech is not a common top-level domain, we are definitely not using it for malicious purposes and it is preventing clients from accessing our site. Likewise, we create subdomains (like Baltimore.EcoMap.Tech) for all of our client sites. Will I have to submit a new False-Positive report for each subdomain, or will removing the block on the root domain do the trick? Please let me know if there are any supporting materials that I need to submit in order to have the block removed. Thank you!
  13. Please resolve False Positive Detection by desktop Malwarebytes. -Blocked Malware Details- File: 1 Adware.DLAssistant, C:\Program Files (x86)\CyberLink\Power2Go13\DiscManager.exe, Quarantined, 7519, 763135, 1.0.21148, , ame, File submitted to VirusTotal.com and they found zero hits. https://www.virustotal.com/gui/file/e9286bfd66cc38881ca615bcf89c1cd0aa7991f3542c7f41cb5ff8e3b8294b3e/detectionCyberLink Export of TXT file attached. Worked around by placing file in allow list. Malwarebyte blocked program.txt
  14. I had an old file saved from a game I wanted to create. It happens that I just installed Malwarebytes, analyzed my pendrive and detected that the .exe of the game is a threat. A virus/malware could be camouflaged there, or it's just a false positive. Since I have seen several that the same problem has happened to them. /Translator DeepL Virus Total: https://www.virustotal.com/gui/file/8b1c3bb3ed6f15e813a2a86eeea2823fcd56f9757e9dea31ddd9fc52e52cc171/detection
  15. Our site is fairly basic with a link for remote support that uses a product called remote utilities. I am assuming that the link to our remote support toll on remoteutilites.com is causing the false positive. Is there a way for us to get off the bad site list. It is causing us issues supporting our clients that either are using or want to use malwarebytes. Thanks for your help. Brad Miller
  16. Hi, The site from which Clover program can be download from http://en.ejie.me/download.html is being blocked. When trying to install this program downloaded via a different computer it gets deleted and a message is being displayed that the computer is safe now. Please investigate and confirm to whether this is a false positive or not. Symantec Endpoint protection does not classify this program as being harmful. Thanks! Negrelli
  17. I believe that "biosagentplus_616.exe IS A FALSE POSITIVE ... from the website https://biosagentplus.com/scan/download/netscape
  18. Hi, Malwarebytes has incorrectly blacklisted my work website hxxp://www.rosenberg-art.com. Can you please unblock as soon as possible, since I need to access my domain. There was a problem on the website last week, which was fixed some days ago. Screenshot attached. Thanks, Susan Rosenberg Malware Bytes Screenshot March 2020.docx
  19. Malwarebytes decided to flag my PDF writer as generic malware. How doi I get it to not flag it and not quarantine it? How should I continue to use the Cute PDF writer???
  20. Some of our customers who use Malwarebytes are receiving "Website Blocked" pop-ups when they try to visit our website, www.venturaline.com. We have checked our website on many website security services and have seen no problems. Google Transparency reports "No unsafe content found", Google Search Console reports "Security - No issues detected", Brightcloud reports "Web Reputation - Trustworthy (96 of 100)", etc. Please remove our website from showing false positives. Thank you, Ron Chattler, Ventura Promotional Products, Inc.
  21. Namita

    False Positive

    Appears Browser Guard (in this instance on Firefox) is having a False Positive on website: aaroh.info VirusTotal shows all clean: https://www.virustotal.com/gui/url/3b61664e837b385c5666601251c6d30bbb7b2b25ab274579db40df16a7d75f0d/detection As said here (https://forums.malwarebytes.com/topic/253405-extension-blocking-tld/?do=findComment&comment=1343777) : It's totally unacceptable and everyone would agree to this users statement (https://forums.malwarebytes.com/topic/252629-why-is-my-website-blocked/?do=findComment&comment=1339923): Fix this policy or it will create serious trouble for you guys soon.
  22. My website, sammonnet.com is been flagged up as a Trojan and blocked by malwarebytes. The log is as follows " Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 15/02/2020 Protection Event Time: 10:01 Log File: 23757748-4fda-11ea-9063-28d244adff74.json -Software Information- Version: Components Version: 1.0.823 Update Package Version: 1.0.19246 Licence: Trial -System Information- OS: Windows 10 (Build 18362.592) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Trojan Domain: sammonnet.com IP Address: 2606:4700:3033::6818:678e Port: 443 Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end) " Please stop my website being reported as it is not malicious. Kind regards, Jake (Lead Dev at SammonNET) jake@sammonnet.com
  23. Hi. Since very recently Visual Studio Code started throwing this error whenever I try to launch the integrated terminal: The terminal process command 'C:\Windows\system32\cmd.exe' failed to launch (exit code: {2}) For those unfamiliar, it basically opens command prompt inside of VSCode under the current project directory. I have been using this feature without a problem for years. I am using Windows 7 64 bit, and if I go to the system tray, right click on Malwarebytes and turn Ransomware protection off, it starts working again immediately, don't even need to restart VSCode. I tried to check my detection history to see if there was some log available -> Open Malwarebytes -> Detection History -> History but nothing there related to the issue. Also I just update to the latest version of Malwarebytes: - Malwarebytes version: - Update package version: 1.0.18540 - Component package version: 1.0.810
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.