Jump to content

Search the Community

Showing results for tags 'False Positive'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Part of our secure agent is being quarantained by your antivirus. after investigation we concluded that this is in fact a false positive. please contact us so we can send the file and other details. this information is confidential and cannot be posted on a forum due to contractual obligations.
  2. Hi I've been informed by several people that both of my websites have been flagged as unsafe in the last day or so. The sites are https://isladogs.co.uk https://mendipdatasystems.co.uk Both secure sites have a valid SSL certificate and there should be no reason for either site to be flagged. Please fix this ASAP Thank you in advance Colin Riddington Mendip Data Systems Microsoft MVP 2022 Co-chair - Access Europe User Group
  3. MalwareBytes 4.5.11.202 flagged a false positive on Tanium's Windows client installer as an AI-flagged risk. This file is almost always named "SetupClient.exe" on Windows, and this particular file version was 7.2.314.3584. This installer (any version) has a tendency to be found with old versions as it can self-update after install. This is a next-gen system management tool, often compared with SCCM, Bigfix, and CrowdStrike, though it does not perform antivirus functions. Interfering with it could be inconvenient to catastrophic, depending upon the scenario. Please let me know if you need any supporting details, preferably via direct message. Tanium SetupClient.exe false positive.txt
  4. Hello. I was running a manual scan earlier today and there was a detection for D:/Program Files (x86)/Antstream Ltd/Antstream/AntstreamArcade.exe Antstream is a software that allows me to play a lot of old arcade games. I have run this program in the past without issue. But after attempting to run it today, Malwarebytes blocked it as potential malware. A manual scan gave me the same result. I am almost certain this is a false positive, but I could use a second opinion. If it is a false positive, is there any way to remedy this?
  5. Xauma95

    Posible FP

    My BG blocks me every time i try to go to https://www.icloud.com/find/ Is this a FP or it is a malware page? This are Virus total results https://www.virustotal.com/gui/url/dd84087535df547b78f8d4567d9d27083ef834baeb22f0b3fc46c8a8918b2dab Thanks in advance.
  6. Malwarebytes Browser Guard for Firefox v2.3.20 is currently blocking hxxps://www[.]wordplays.com (a site for solving crossword puzzle clues) "due to riskware". Have visited this site previously without a problem but I'm not sure if this is a false positive or a legitimate detection. In future, should I be reporting possible false positives for Malwarebytes Browser Guard in this board or over in https://forums.malwarebytes.com/forum/123-website-blocking/? I didn't see anything logged in my Malwarebytes Premium v4.5.6 detection history for this particular website block. ----------- 64-bit Win 10 Pro v21H2 build 19044.1586 * Microsoft Defender v4.18.2202.4-1.1.19000.8 * Malwarebytes Premium v4.5.6.180-1.0.1634 * Firefox v98.0.2 * Malwarebytes Browser Guard for Firefox v2.3.20 Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620
  7. Hi, since my original post has been locked, I'll have to try again. I know about https://forums.malwarebytes.com/topic/130207-pupoptional-listings-and-disputes/ but I didn't get any feedback from pup AT malwarebytes DOT com
  8. Playing Path of Exile the last couple days. Upon loading into a new area or "map", I get either a Trojan or Malware event notification with a "Blocked Website" action. I've attached both logs and the executable that it's indicating. Nothing reported on my scan. It's only when loading into particular areas. Other area/map loads have no issues. Running application through Steam. Blocked action is consistent upon trying to enter the Tier 3 "Beach" map. PathOfExileSteam.zip poe mal.txt poe troj.txt
  9. None of these files were previously detected, and I have reason to believe that they are false positives. I'm not certain what the registry key is for or if it is genuinely malicious. Scan results attached detections.txt
  10. Greetings, Just found this on random. Don't know if it's a bug or intended. Basically I've modified one of my EXE files for a game in order to get the proper title on Playnite (with tools like Resource Tuner 2.20 or Resource Hacker 5.1.8 where you can edit the ProductName metadata). On that particular one, Malwarebytes doesn't like the change and starts to show up like that : And this is the scan on Virtus Total : https://www.virustotal.com/gui/file/96779fcc37c3f211889548215c3679b138fb88697aa24e6188c0627ea977d977?nocache=1 However, I've put the game inside a folder called "False Positive" and suddenly Malwarebytes stops noticing it. My "Allow List" is completely empty : I've also tested this on another computer with brand new installation of Malwarebytes and as soon as the EXE is inside a folder called "False Positive" - it wont detect anything. Is that supposed to happens ? What will prevent someone from creating the same naming for a folder ("False Positive") and put all kind of malicious things there, since MB will ignore them ?
  11. (First my whining...) OK I've been trying to send or report a file that triggers a "MachineLearning/Anomalous.93%". I registered on the Forum, and haven't been able to figure out the magic to send the information. So I assume attaching the file here is sufficient. (Background) The file it's reporting is a self-created/ compiled EXE file, compiled from VB6. It's in essence the same file that has been used for a dozen year, just edited with a few different variable numbers (i.e. change a 1.5 to 1.6 etc). The old files compile and report as OK, even if re-compiled today. The same VB6 source code files RENAMED, and compiled, report the MachineLearning stuff. I *suspect* this is a false positive, but I am reluctant top send this to a co-worker for obvious reasons: is this some sort of virus etc. The attached ZIP file contains 2 EXE files. The '2022' File seems OK in MalwareBytes. The 2022b file reports the MachineLearning error, although the "2022b" was created from the same source code, after having a few values edited. I am thoroughly confused. Is this 2022b file indeed infected with something? _testcompile.zip
  12. I have written a program in C# on my own machine, and it is being used on some of our other machines, and My malware bytes keeps flagging it as the title of this post. there is nothing malicious with my code is there any way I can prevent this? Files for malwarebytes.7z
  13. We update file version and now same thing. This small program is anticheat service for minecraft created by us for KGB minecraft (kgb-minecraft.info) community and service we provide to our players. If neede i can share source code if that will help you to un-flag this file as harmless just tell me where to send it and its not a problem. This small program on startup gather some minimal client info and check for updates on our servers. After it (if needed) update it checks if user is using unalowed minecraft java versions when connected to our servers with any minecraft game, then it inform us with his connecting info if everything is ok. Coding solution for this app we used AutoIt that is used mostly for QA and test automation even in AV companies so i hardly think that this is is not a good selection as codding tool for this case. Any help in resolving this problem as "false positive" or adding it to your Whitelisting is greatly appreciated. pass for file is "infected" KGBac.zip
  14. Hi, I have created a new website called, https://limbiks.com to help students generate flashcards. It is a new website that I have owned for a while and recently started promoting, but some people have refused to go to it becuase it is blocked by MalwareBytes. This site is not malicious at all and the message says it is being blocked because it has relatively light traffic. This is because it is a new website that I have been building that I have not started promoting until recently. Please unblock!
  15. I am creating a WPF application and I noticed malwarebytes has detected a dll file in my application as malicious. Please let me know why this is happening and if there is something I need to do to fix this, or if Malwarebytes is falsely detecting an issue. Malwarebytes Detection and Log.zip
  16. I ran a Malwarebytes scan on my PC to fix a potential issue, with my CPU often running at its' maximum clock speed recently even while idle. To check if perhaps the cause could be a CPU-based cryptominer. But all Malwarebytes found were two false positives of a harmless program on my computer. That program is Q-Zandronum, a source port for the original Doom games from the early 90s. The program itself is completely harmless and open source, so you can check directly to see that it doesn't do anything malicious. But it seems that Malwarebytes' heuristics mislabeled it as malware, of course the real time protection also automatically quarantines the program when I attempt to run it. Interestingly, it seems to only see the 32-Bit build of Q-Zandronum as malware. Edit: Forgot to mention, but I also turned on "Use artificial intelligent to detect threats" in the scan options, which I presume is the reason for this false positive. Here is the included log from the full scan I had ran. And here is the log from when Malwarebytes quarantined the 32-Bit executable after I attempted to run it: I have also attached the exact build of Q-Zandronum that is labelled as a false positive below. q-zandronum_executable_32-bit.zip
  17. Hi Folks, I run a private FoundryVTT instance hosted on Azure. I set up a cheap domain registration to provide SSL. It's been working great for the last few months but recently my users reported that malwarebytes is reporting it as "Website blocked due to phishing" http://gmrobin.cloudns.ph:30000/ 104.47.145.36 Looking at the malwarebytes log it's flagging as RTP. I'm guessing it's some issue with a mismatch between cert registration and where it's hosted in NL on the azure europe west region. Attached the report. Please fix this for me. gmrobin.cloudns.ph.txt
  18. Hi, I hope you are well and healthy. I am the author of TED Notepad, https://jsimlo.sk/notepad/ Some of my public releases of TED Notepad are being flagged as problematic (MachineLearning/Anomalous). Could you please have a look? Links to affected files in VirusTotal are: https://www.virustotal.com/gui/file/11bfcb04b79a5c748b25550fcde276f9f178ae7b220431878c33b461b8f0d18c?nocache=1 https://www.virustotal.com/gui/file/3b21eeec90f70293594cc6d25d57be940683c7a46b31727ae2832abeb21522ce?nocache=1 https://www.virustotal.com/gui/file/8188534843c8df06767478fab712aedaef4486080136f4af87204b29137bf30d?nocache=1 https://www.virustotal.com/gui/file/7787cb4e0a12bfa8edf1d9c531fcd339005f6672ac7a81be26353d4b465a6f6a?nocache=1 I have also attached the files in a zip file. All of those files are available on the official download site at https://jsimlo.sk/notepad/download.php?older These versions are older versions, however they are still supported, and still being used by the public. Please, feel free to let me know, if you need any further information. Thank you, Juraj Simlovic Malwarebytes false positive.zip
  19. Hey there! Malwarebytes detected a malicious file on VirusTotal. I am requesting the review of the site, alongside the removal of the flag from VirusTotal and from your database. Thank you! Kind regards
  20. Hello, sorry for the bother once again. Well, essentially I was trying to visit this blog: g1dbteamblogs.blogspot.com. Now, until a couple of months ago never really had issues accessing it, but today when tried to visit it was blocked by Browser Guard due to potential Malware activity. My first thought was that after recent updates, the Browser started detecting something that the blog site always may have had, but no other users seem to have problems with the blog in the forum where the link for the blog was shared (be it weird activity with their Antivirus or mentioning malware or anything). I thought it was better to ask directly if the site is safe and this is a false positive or indeed there's something to be aware of in it. As always, thanks in advance!
  21. A few days ago, Malwarebytes (Windows - up to date) blocked access to a bank's web site. Today, it 's blocking a pensions' company website. I would greatly appreciate knowing if there really is a problem. I received an email from the pension companycompany with an embedded link. Clicking on the link produced:
  22. Hi there, A few users are reporting your software is flagging our website (https://rockstarintel.com/) as having a trojan which isn't true, please fix thank you very much! https://rockstarintel.com/ https://www.virustotal.com/gui/url/7e0a8d3f60e16731c6fba6127054031664e95c084e5cd8d72a22edc500b824db https://transparencyreport.google.com/safe-browsing/search?url=https:%2F%2Frockstarintel.com%2F&hl=en_GB
  23. Forum would not allow new topic under the "False Positive" section. Browser Guard is reporting the Citi Bank web site 'online.citi.com' as a phishing site. A phone call to the bank (0800 005500) has confirmed that they are not aware of any issues. Would appreciate your comment. CitiBank01.pdf
  24. The website www.valveworksusa.com is being reports as a false positive, please correct. The IP address associated with the website is: 159.89.190.209 Endpoints _ Malwarebytes OneView.pdf
  25. Hi, I believe this is a false positive https://www.virustotal.com/gui/file/a76ec20a6ffd5c1f6c671db022d3378efefb76efef703972e07447cf748fe3db/detection FSDCInstaller (7).7z FSDCInstaller (7).7z
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.