Jump to content

Search the Community

Showing results for tags 'falsepositive'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 12 results

  1. Hello, This is to inform you that I'm in receipt of an FSA abuse report initiated by hphosts against my blog site hosted by WordPress (www.antivirus[.]ink -> https://antivirusink.wordpress[.]com) the hphosts DOES NOT provide the specifics of the abuse except the FSA tag. (pls. see below) Since hphosts claims to use malwarebytes engine to flag hosts for abuse and malicious activity I kindly urge malwarebytes to provide me with the specific details of the abuse as per FSA classification which should fall into one of the following categories: 1. Using misleading means to peddle their products (e.g. claiming the product is free when in actuality, it's just a free scan) 2. Not keeping their affiliates under control (i.e. those affiliates spamming, using BlackHat SEO, or otherwise misleading users) 3. The site is residing on a known malicious IP block Please be reminded that the site does not sell any products (1), does not have and is not signed with any affiliates (2) and is hosted on wordpress.com (3) The site is a security information blog content ONLY and is aimed to raise public's awareness of emerging security threats, phishing attacks and in the wild malware activity. I'm eagerly awaiting your response so I can proceed with the appropriate legal actions further. Kindly, AC
  2. I recently ran Malwarebytes for the first time in a while and the following was detected: Registry Key: 10 RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SUPERANTISPYWARE.EXE, No Action By User, [6454], [249843],1.0.8051 RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SUPERANTISPYWARE.EXE, No Action By User, [6454], [249843],1.0.8051 RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ITUNES.EXE, No Action By User, [6454], [249279],1.0.8051 RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RUNSAS.EXE, No Action By User, [6454], [249733],1.0.8051 RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ITUNES.EXE, No Action By User, [6454], [249279],1.0.8051 RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\RUNSAS.EXE, No Action By User, [6454], [249733],1.0.8051 RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ITUNES.EXE, No Action By User, [6451], [249279],1.0.8057 RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ITUNES.EXE, No Action By User, [6451], [249279],1.0.8057 RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ITUNES.EXE|DEBUGGER, No Action By User, [6451], [249279],1.0.8057 RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ITUNES.EXE|DEBUGGER, No Action By User, [6451], [249279],1.0.8057 Are these detections false positives? I have recently installed AVG Tune Up and suspect that some of them maybe false positives. AVG and Antispyware did not detect anything. Scans.docx
  3. I have developed 1 program. Checked with virustotal no error. Malwarebytes www.malwarebytes.com -Protokolldetails- Datum des Schutzereignisses: 29.08.18 Uhrzeit des Schutzereignisses: 06:21 Protokolldatei: 11d39624-ab43-11e8-9429-000000000000.json -Softwaredaten- Version: 3.5.1.2522 Komponentenversion: 1.0.421 Version des Aktualisierungspakets: 1.0.6545 Lizenz: Premium -Systemdaten- Betriebssystem: Windows 10 (Build 17134.228) CPU: x64 Dateisystem: NTFS Benutzer: System -Einzelheiten zu blockierter Schadsoftware- Datei: 1 MachineLearning/Anomalous.94%, D:\testsb\buildtest14.exe, In Quarantäne, [0], [392687],1.0.6545 (end) BUILDTEST14.zip
  4. Hello, I report a false positive, my website url is blocked by Malwarebytes Anti-Malware URL Blocked : rxcloud.fr.nf Best Regards, RoxasDev
  5. Hi, I've been using MalwareBytes Free on my computer for a number of years, never had a problem and only use it for the bare basics - only 'safe' websites (Wikipedia, Facebook) and don't use it a great deal anyway. Did a scan this morning and it detected "MachineLearning/100%anomalous detection" - interestingly I had run a scan earlier without the internet connected, but after I connected the internet and ran the scan again it found it. I've since quarantined and deleted the file, ran another scan and all seems well - I'd just like to know what it was and whether it was a real problem or a false positive. I did a large Windows update (1803) last night and wonder if that's related? I have looked over this forum and seen that this detection has come up a number of times for people developing their own software, however I am not a software developer and had nothing on my computer that an average user wouldn't have. I understand that MalwareBytes is using new detection systems to stop malware, and so hopefully this is a teething problem rather than a real concern. I'm pretty savvy about computer safety, but still I'd rather be certain that everything is OK. I'm attaching the exported report here. There are no other visible signs of infection (slowing down, redirects etc). Thank you! MB Report.txt
  6. Hello, We have fully cleaned and replaced the hacked version of this site Ccfriendsofwildlife.org. During this process we fully cleaned any hacked files on the system included the site's themes and plugins. We have also ensured the database is clean and removed all the injected content from the servers and checked and removed any malicious processes. We have checked the site using the "site: google search" and bad links we have also used fetch and render in google to ensure there is no bad content. All suspect javascript loaded and it's content has also been inspected. We have also performed a "curl" against the front page with a google bot user and again there is no spammy content returned or injected content. On top of this and most importantly we have placed the website behind an enterprise grade web application firewall to ensure this site has a high level of protection against any future attacks. Could you please ASAP remove any hack label and security warnings for this site.
  7. Hi, a program that has been on our server for years came back as Spyware.Lokibot. It has never scanned as Spyware before, so I am curious as to why it would suddenly start scanning as such. On the hourly scan, it came back two hours in a row, then didn't appear anymore. It is these two files Name Type Category Status Path Spyware.LokiBot File Malware Quarantined C:\PROGRAM FILES (X86)\SPICEWORKS\NMAP-5.61-SPICEWORKS-SETUP.EXE Spyware.LokiBot File Malware Quarantined C:\PROGRAM FILES\WINPCAP\RPCAPD.EXE and the programs installed are Nmap 5.61-Spiceworks 05/19/2016 Spiceworks Desktop 7.5.00087 05/19/2016 Spiceworks, Inc. WinPcap 4.1.2-Spiceworks 4.1.0.2001 05/19/2016 CACE Technologies Please let me know if this was a false positive, or possibly caused by an update to Spiceworks (not sure if it updated automatically or anything).
  8. Please remove my website www.acasadibarbara.it, we had a problem in February but now is clean Thanks DAVID
  9. I have the same file information however I am using the cloud point software. I added snips from the scan that was completed.
  10. Hi, i have a problem with my application and Malware Bytes 3.4 I've developed an application and its exe file is detected as MachineLearning/Anomalous.94% (obviusly it's not a malware ) Is there a way to avoid this detection? Thanks
  11. Tried to look this up, but couldn't really find anything. I am not really experienced in this stuff. Sorry if this is a stupid question. I have MBAM 3 and after scanning my C drive with rootkit option on, it detected 2 threats, called Unknown.Rootkit.Driver and the location is C:\\Windows\System32\drivers\vwifibus.sys and vwififtl.sys. So these are apparently drivers, and I don't know how they affect my computer. I just quarantined the 2 in the meantime before I figured out anything. I want to note that vwifibus.sys came up a second time in a new scan just now. Quarantined it again. I just want to know if these are just false positives and if I should restore them, or do something else. Not sure if this is related at all to my recent problems of slow and inconsistent internet connections. Thanks for any info
  12. Hi, you are blocking this CloudFlare IP that has two of my sites, as well as oodles of sites of other people. You ought to contact CloudFlare and work it out. For the time being I'm telling my visitors who you are blocking to STOP using your product. There is absolutely nothing dangerous about my site (hochmanconsultants.com). If you disagree, please post a code snip to prove me wrong.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.