Jump to content

Search the Community

Showing results for tags 'false positive'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






  1. Hi, how can I reach Malwarebytes to let them know my website https://ibsolutions.biz is blocked by their software? The website is a branding agency presentation site, soon to have ecommerce features. Built in Wordpress. I received the notification from one of my clients. Strangely, on my PC I do not have this behaviour. Thanks!
  2. Hi, A Swiss Program from the company Polylog, as for name Frontview, is using a DLL (wpe_intf.dll) which is detected as Malware. Heuristic.1003 by Malwarebyte : Copyright (c) POLYLOG S.A. Description Interface FrontView File Version Microsoft already removed the detection from Defender. Thanks in advance for your help and support. Michel wpe_intf.zip
  3. Hiya! This is my first time posting and I wanted to report a false positive. The website "Control Collaborative Virtual Machines! (computernewb.com)" is a small site dedicated to hosting virtual machines in a browser. While you are able to download malware within the VMs, it is all contained in the sandbox-like environment. Please find attached the image I took of Browser Guard flagging this site for trojan activity.
  4. This program is a very old Hex Editor that has been around for years. This morning Malwarebytes reported it as having "Ransom.Dharma" after many many previous scans completing without a detection. Please find attached the log file and the two files in a zip file. XVI32.zip
  5. Hello, We have launched our new site and it is being flagged as having a virus though we have scanned it and it is clean. https://www.virustotal.com/gui/url/5411199066a7b6dc74a23baced01eb069c3c00bd2a2f7c6e7e4a0f18aedfcd36/detection https://www.virustotal.com/gui/url/98e752b4a410236203cfee5efb5caa552044c1a5b330c2a5bd8b2f0ded72a351/detection Please remove our site from your blocked lists. Thank You
  6. ykcginfo

    False positive

    Good morning, I would like to report a false positive. This is a giveaway website. I am the owner of it, if you require more information I can gladly provide you with the information. www.ykcg.info
  7. I downloaded and am playing a game called "Hades" that is installed via the Epic Games launcher. Malwarebytes shutdown my game in the middle of play and flagged it as ransomware. Doing a bit of googling, I found out there's actually some ransomware with the same name. Attached the log. hades_game_malwarebytes.txt
  8. Hello and apologies if I have posted this in the incorrect place. I recently installed PyInstaller for Python and afterwards did a scan of my PC and the results showed two threats labeled as Trojans. I have attached the scan results (just removed my name from them, no other modifications). I have quarantined them for now but wanted to make sure they weren't false positives. I uploaded the two files onto VirusTotal and here are the results: pyinstaller-4.0-py3-none-any https://www.virustotal.com/gui/file/d08ba7024bf330aafc9c405966368c9755d69f00b0ac3dc9f7203407acb2b9f4/detection
  9. You guys are blocking my website "due to phishing" but without any reason why. I just built a site under the subdomain to show a client and now I'm being flagged. Please remove it or direct me to a support phone number to talk with somebody. I'm posting here because I wasn't given an option to post under the "False Positive" subtopic in this forum. Thank you!
  10. dws.txt https://www.virustotal.com/gui/file/fadf20bfb0f0660342bafbb00cb1a71e7b03048f9127cf5597603adebc9cf179/detection
  11. In UK on-line banking (3 different banks), requesting a PDF download of a statement is seen by Browser Guard as a scam - I had to remove scam protection on the banks' web sites in order to download the statement. So this is not an urgent problem; it just goes against the grain to say scams are OK.
  12. Yesterday Windows Defender found a dodgy file in a local steam workshop folder which came up as a trojan. It deleted the file and I decided to delete all of my workshop folders and went through my subscribed items to remove any suspicious ones so it wouldn't redownload them. after that I did a full scan on both my new and old system drives with MB since the same workshop files had been on my old one as well. Both scans detected 0 threats which is good (I haven't tried a scan with WD yet). Today I went to open a site (spawnterror.com) and MB gave me a notification about a suspicious outbound co
  13. MB Premium 4.1.2 RTP has blocked a website that a longstanding addin uses for update checks and downloading any update. It has never blocked before but within the last week quarantined the update *.exe file separately. Being cautious I do not want to just allow this and put it on the exclude list. Domain is openid.worketc.com and IP is MB has not reported this detection before. The ip relates to Amazon AWS servers I believe. The logs are attached of both the automatic RTP detection and manual entry of the IP in Chrome. Both blocked. Norton is not reporting it as a malicious
  14. The Minecraft launcher and shortcut files are classified as malware by malwarebytes. I am suspicious that this is a false positive as the file has not been updated, and has not been detected in the past. See logs below: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 8/19/20 Scan Time: 9:30 PM Log File: 66bfd7f6-e20f-11ea-a916-6c2b5977f5e7.json -Software Information- Version: Components Version: 1.0.1003 Update Package Version: 1.0.28715 License: Premium -System Information- OS: Windows 10 (Build 18362.959) CPU: x
  15. For some reason, this file is now being detected as Malware though it has never been before. Could you please take a look at the attached and validate for us that this is a false positive? Thanks Data..zip
  16. OpenSource Python_IDM_2020.6.27 Internet Download Manager (PyIDM.exe) has been flagged as ransomware! https://github.com/pyIDM/PyIDM
  17. I was playing on a minecraft server hosted by someone I know and trust when MBAM closed the game and said javaw.exe was a ransomware. clear false positive False positive.txt
  18. ShaSal

    Trojan blocked.

    Website being blocked https://ecgcorp.net/ We did 3 scan but did not find anything? https://www.virustotal.com/gui/url/fc6a2b7ab05ef991c731314993a5c1ec5ed28c1b17efd1cab9f998662e892ca3/detection https://transparencyreport.google.com/safe-browsing/search?url=ecgcorp.net&hl=en https://sitecheck.sucuri.net/results/https/www.ecgcorp.net
  19. Hello Malwarebytes team Sorry I'm not good at English My website is: https://daominhha.com/ My customer reported that they were blocked by Malwarebytes from accessing my site. I would like to confirm that my website is completely clean and has not read or deceived anyone. My passengers can testify to this. I successfully appealed on kaspersky, Phishtank, Avast, ... So this is definitely a misunderstanding I hope the Malwarebytes team reviews and brings my website back to normal as this is seriously affecting our reputation. Sincerely thank !
  20. Hello. It appears that malwarebytes browser guard detects turbolab.it (only when you visit its forum) due to "reputation" It is an italian site with a forum about computers (Windows 10 / Android /Linux), it doesn't host any file. I'm not the site owner, I'm just a member ( a voluntary moderator to be exact). Can you please check then delist it? Thank you in advance. Cheers see also https://sitecheck.sucuri.net/results/https/turbolab.it https://unmask.sucuri.net/security-report/?page=https%3A//turbolab.it/ https://www.url
  21. A user reported this issue to us. These files in the log are identified as malware but are in fact harmless. The code is published for anyone to review on Github. I don't have the ability to generate log files myself. -Log Details-Protection Event Date: 7/30/20Protection Event Time: 1:33 PMLog File: 85a5e960-d258-11ea-89d1-00051bab1e7d.json-Software Information-Version: Version: 1.0.979Update Package Version: 1.0.27687License: Premium-System Information-OS: Windows 10 (Build 18362.959)CPU: x64File System: NTFSUser: System-Exploit Details-File: 0(No malicious items det
  22. Hi My business website is blocked inacorrect. Website address www.rangtech.com. attached is the screenshot for your reference. It is being blocked by eero secure who are using Malwarebytes at back-end. Request you remove this as soon as possible.
  23. Hello, Several of my websites were reported as being blocked by your software. The domains are as follows. https://www.n8solutions.host https://am.n8solutions.biz https://www.n8solutions.us https://www.n8solutions.net https://www.n8solutions.com I’m asking for you to please whitelist these domain names as soon as possible. I may lose a potential client because your software is blocking a legitimate website!
  24. Hello, I am developing a website in MySQL, php, javascript ... so I am running a database on a local host. Malwarebytes suddenly detected the WampServer as malware. So, I uninstalled it. I tried to reinstall it from the local PC exe and tried to download it again from the wampserver website (https://www.wampserver.com/) and Malwarebytes always accuses malware. The wampserver had no updates. Is it a false positive? After 3 days, support did not respond. Report.txt
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.