Jump to content

Search the Community

Showing results for tags 'False Positive'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 120 results

  1. Hi, I am member of the team responsible for running https://www.peopleperhour.com and our users are telling us that our CloudFront domain ( dw3i9sxi97owk.cloudfront.net ) is being blocked by malwarebytes premium. This domain fronts a AWS S3 bucket where we upload "user generated content" such as profile avatar images and user portfolio items. Although we use a virus scanner, it is possible that a malicious user has uploaded malware to our CloudFront domain - we will be sure to remove anything suspicious immediately if you are aware of anything? It is in our interests this domain is clean and we certainly want to protect our users. The overwhelming majority of files will be safe so blocking the whole domain isn't necessary and makes our website ugly to malwarebytes users. we had a similar problem in the past. ref. https://forums.malwarebytes.com/topic/247879-dw3i9sxi97owkcloudfrontnet-is-a-false-positive As we were mentioned in the previous case we had, most of the files reported are only marked as malware by 1 engine, "Yandex Safebrowsing" and seem to be false positive any other file that is reported from more malware engines are already removed from our internal AV system. ref. https://www.virustotal.com/gui/domain/dw3i9sxi97owk.cloudfront.net/relations Please let me know if there is something more to do to become unblocked by your system. Regards, Stavros F.
  2. Hi support team! Hope you are doing well. I was hoping that you could remove the block on www.Baltimore.EcoMap.tech and www.EcoMap.tech. A possible client recently reported that they could not access our site due to the block (see screenshot) While I understand .tech is not a common top-level domain, we are definitely not using it for malicious purposes and it is preventing clients from accessing our site. Likewise, we create subdomains (like Baltimore.EcoMap.Tech) for all of our client sites. Will I have to submit a new False-Positive report for each subdomain, or will removing the block on the root domain do the trick? Please let me know if there are any supporting materials that I need to submit in order to have the block removed. Thank you!
  3. Please resolve False Positive Detection by desktop Malwarebytes. -Blocked Malware Details- File: 1 Adware.DLAssistant, C:\Program Files (x86)\CyberLink\Power2Go13\DiscManager.exe, Quarantined, 7519, 763135, 1.0.21148, , ame, File submitted to VirusTotal.com and they found zero hits. https://www.virustotal.com/gui/file/e9286bfd66cc38881ca615bcf89c1cd0aa7991f3542c7f41cb5ff8e3b8294b3e/detectionCyberLink Export of TXT file attached. Worked around by placing file in allow list. Malwarebyte blocked program.txt
  4. I had an old file saved from a game I wanted to create. It happens that I just installed Malwarebytes, analyzed my pendrive and detected that the .exe of the game is a threat. A virus/malware could be camouflaged there, or it's just a false positive. Since I have seen several that the same problem has happened to them. /Translator DeepL Virus Total: https://www.virustotal.com/gui/file/8b1c3bb3ed6f15e813a2a86eeea2823fcd56f9757e9dea31ddd9fc52e52cc171/detection
  5. Our site is fairly basic with a link for remote support that uses a product called remote utilities. I am assuming that the link to our remote support toll on remoteutilites.com is causing the false positive. Is there a way for us to get off the bad site list. It is causing us issues supporting our clients that either are using or want to use malwarebytes. Thanks for your help. Brad Miller
  6. Hi, The site from which Clover program can be download from http://en.ejie.me/download.html is being blocked. When trying to install this program downloaded via a different computer it gets deleted and a message is being displayed that the computer is safe now. Please investigate and confirm to whether this is a false positive or not. Symantec Endpoint protection does not classify this program as being harmful. Thanks! Negrelli
  7. Before submitting a possible FP, please be sure that you have - 1. Checked the list of blocked gTLDs (Generic top-level domains (gTLDs) are one of the categories of top-level domains (TLDs) maintained by the Internet Assigned Numbers Authority (IANA) for use in the Domain Name System of the Internet. These gTLDs are blocked because the ratio of bad to good domains may be higher than average, indicating that the registry could do a better job of enforcing policies and shunning abusers.) Currently we are blocking the following gTLDs - .accountant .reisen 2. Used the search function on the forum Please be sure that the domain/IP that you want to submit is not already submitted by another member. 3. Gathered protection logs/screenshots and attach them with your message How to get protection logs in Malwarebytes 4 - ------------------------------------------------------------------------------------------------------------------------------------------------- If the gTLD/domain/IP is blocked and you still want to access it, you can add it to the Malwarebytes exclusions list - Malwarebytes 4 https://support.malwarebytes.com/docs/DOC-3543 Malwarebytes 3 https://www.malwarebytes.com/support/guides/mbam/Settings3.html#exclusions ------------------------------------------------------------------------------------------------------------------------------------------------- If you still want to submit the FP, please create a new thread and provide the domain/IP with your protection logs (please open 'MBAM', go to 'History' and attach the log where the detection is recorded). For more information about the protection logs, please see this link. Thanks to everyone who follows these instructions!
  8. Malwarebytes decided to flag my PDF writer as generic malware. How doi I get it to not flag it and not quarantine it? How should I continue to use the Cute PDF writer???
  9. I believe that "biosagentplus_616.exe IS A FALSE POSITIVE ... from the website https://biosagentplus.com/scan/download/netscape
  10. Hi, Malwarebytes has incorrectly blacklisted my work website hxxp://www.rosenberg-art.com. Can you please unblock as soon as possible, since I need to access my domain. There was a problem on the website last week, which was fixed some days ago. Screenshot attached. Thanks, Susan Rosenberg Malware Bytes Screenshot March 2020.docx
  11. I downloaded and am playing a game called "Hades" that is installed via the Epic Games launcher. Malwarebytes shutdown my game in the middle of play and flagged it as ransomware. Doing a bit of googling, I found out there's actually some ransomware with the same name. Attached the log. hades_game_malwarebytes.txt
  12. Some of our customers who use Malwarebytes are receiving "Website Blocked" pop-ups when they try to visit our website, www.venturaline.com. We have checked our website on many website security services and have seen no problems. Google Transparency reports "No unsafe content found", Google Search Console reports "Security - No issues detected", Brightcloud reports "Web Reputation - Trustworthy (96 of 100)", etc. Please remove our website from showing false positives. Thank you, Ron Chattler, Ventura Promotional Products, Inc.
  13. Namita

    False Positive

    Appears Browser Guard (in this instance on Firefox) is having a False Positive on website: aaroh.info VirusTotal shows all clean: https://www.virustotal.com/gui/url/3b61664e837b385c5666601251c6d30bbb7b2b25ab274579db40df16a7d75f0d/detection As said here (https://forums.malwarebytes.com/topic/253405-extension-blocking-tld/?do=findComment&comment=1343777) : It's totally unacceptable and everyone would agree to this users statement (https://forums.malwarebytes.com/topic/252629-why-is-my-website-blocked/?do=findComment&comment=1339923): Fix this policy or it will create serious trouble for you guys soon.
  14. My website, sammonnet.com is been flagged up as a Trojan and blocked by malwarebytes. The log is as follows " Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 15/02/2020 Protection Event Time: 10:01 Log File: 23757748-4fda-11ea-9063-28d244adff74.json -Software Information- Version: 4.0.4.49 Components Version: 1.0.823 Update Package Version: 1.0.19246 Licence: Trial -System Information- OS: Windows 10 (Build 18362.592) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Trojan Domain: sammonnet.com IP Address: 2606:4700:3033::6818:678e Port: 443 Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end) " Please stop my website being reported as it is not malicious. Kind regards, Jake (Lead Dev at SammonNET) jake@sammonnet.com
  15. Zoho Assist.7z Please analyse the submitted samples.
  16. Hi. Since very recently Visual Studio Code started throwing this error whenever I try to launch the integrated terminal: The terminal process command 'C:\Windows\system32\cmd.exe' failed to launch (exit code: {2}) For those unfamiliar, it basically opens command prompt inside of VSCode under the current project directory. I have been using this feature without a problem for years. I am using Windows 7 64 bit, and if I go to the system tray, right click on Malwarebytes and turn Ransomware protection off, it starts working again immediately, don't even need to restart VSCode. I tried to check my detection history to see if there was some log available -> Open Malwarebytes -> Detection History -> History but nothing there related to the issue. Also I just update to the latest version of Malwarebytes: - Malwarebytes version: 4.0.4.49 - Update package version: 1.0.18540 - Component package version: 1.0.810
  17. I'm on this page as I have been receiving mixed messages on a diagnosis which I have on a computer which I have been using. I had recieved this diagnosis Monday of last week that my computer has had a computer virus on it which had meant that it was running slower than usual. This is despite me having installed the Premium version of Malwarebytes back in December of last year. I wish to verify these claims. I have already sent in a log of the computer it was on, but, now that I have read through your help on the subject, I have to say that I am still confused as to what 'bit' I fall in 32 or 64 as my computer is a windows ten Laptop. It may be the case that I have already done this through your malwarebytes support tool, and if so, it would aid me greatly if I could get the results of this scan as it would be a reassurance that the programme is working as it should do because, this diagnosis of a virus has really knocked my confidence in Malwarebytes. Look forward to hearing from what you have to say on this subject. Please don't keep me waiting- I've been having this issue for just over one week now.
  18. Hi, I think Malwarebytes detected a false positive. Can you review it? Thanks Regards upx.7z
  19. Hi, I am having a problem with a program written by myself. Quarantines the executable each time I run it without adding it to exclusions. Source code can be supplied. Thanks for your help. MyPurchases.rar
  20. clintont

    Julia

    Julia is not malware/ransomware/anything bad. source: https://julialang.org/ https://en.wikipedia.org/wiki/Julia_(programming_language) Log: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/27/19 Protection Event Time: 2:26 PM Log File: f1fb065a-1164-11ea-996f-380025ace9a4.json -Software Information- Version: 4.0.4.49 Components Version: 1.0.764 Update Package Version: 1.0.15482 License: Premium -System Information- OS: Windows 10 (Build 18362.476) CPU: x64 File System: NTFS User: System -Ransomware Details- File: 3 Malware.Ransom.Agent.Generic, C:\USERS\CLINTON\APPDATA\LOCAL\Julia-1.3.0\julia.lnk, Quarantined, 0, 392685, Malware.Ransom.Agent.Generic, C:\USERS\CLINTON\Desktop\julia.lnk, Quarantined, 0, 392685, Malware.Ransom.Agent.Generic, C:\Users\Clinton\AppData\Local\Julia-1.3.0\bin\julia.exe, Quarantined, 0, 392685, 0.0.0 (end)
  21. Hi We've recently found that our site is being blocked from some corporate firewalls. IP Address: 45.65.61.146 Web address: www.kissngo.com.au A few colleagues have reported to us that they can't access our website from their corporate networks, so we'd like to ensure that this is fixed so that going forward all our customers can access our service. We've checked with our hosting service (WP Hosting) and our SSL certificate provider (GoDaddy), who have confirmed that the site is clean and we don't have any malware. Based on this, we have been advised that we need to send a request to key firewall providers. Please would you review our site and if it is blacklisted or blocked - please would you unblock and delist it so that it is now accessible to all. If, however you do pick up any discrepancies, please can you let us know soonest. Thanks Min
  22. One of your subscribers has kindly let me know that MalwareBytes is blocking my website energynumbers.info. I've checked the server, and the source code of the supposed problem page as it is served, hxxp://energynumbers.info/capacity-factors-at-danish-offshore-wind-farms , and there's nothing suspicious or unexpected there.
  23. Just yesterday I spoke with an employee on Reddit about a weird issue I was having where Malwarebytes detected RockstarService.exe as a Generic.Malware/Suspicious file. I scanned it with VirusTotal and it had 0/77 detections, the employee I spoke to asked me to send him the sample and he fixed the issue, I updated it and I did a scan in case it didn't work, thankfully it worked and it didn't Interrupt me from opening the Rockstar Games Launcher. Today I did my daily scan just to find that now the scan detects it instead of the Real Time Detection, I tried to update Malwarebytes yet again and I'm on the newest version already. Can someone please help me fix this issue?
  24. I've had some customers who's Malware Bytes detects my latest update as a virus. Please exclude. FalsePositive.zip is password protected = "infected" is the password. PAUpdate.zip is download by my client software in order to update their version. No password FalsePositive.zip PAUpdate.zip
  25. Greetings, Just today, MBAM started shutting down Winamp until I added an exception for it: Here is the log file for the event: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 5/7/17 Protection Event Time: 8:55 PM Logfile: Administrator: Yes -Software Information- Version: 3.0.6.1469 Components Version: 1.0.103 Update Package Version: 1.0.1890 License: Premium -System Information- OS: Windows 10 CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, [0], [-1],0.0.0 -Exploit Data- Affected Application: Winamp Player Protection Layer: Malicious Memory Protection Protection Technique: Exploit code executing from Heap memory blocked File Name: URL: (end) I have also attached the log files from C:\ProgramData\Malwarebytes\MBAMService\logs\ and FRST64. Cheers, Zzyzx mbam-winamp-false-positive.7z
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.