Jump to content

Search the Community

Showing results for tags 'fp'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






  1. Here is one example https://quora.vern.cc/ The person owns vern[dot]cc is who has hosted many instances for open source private front-ends. These instances are blocked falsely because of suspicious top level domain. Please allowlist them. Regard.
  2. There is currently an issue with Browser Guard for Chrome, where legitimate domains relating to Zendesk are being blocked. Domains that appear to be affected are: static.zdassets.com .zendesk.com This was reported to our team by a customer, and we are able to reproduce. Screenshot attached.
  3. I was looking at a piece of software called ProcDot. I was planning to run it on a virtual machine, but I scanned all the files with ESET and Malwarebytes (it was the ESET Online Scanner but I am not sure what it quarantined and I had some issues finding the logs) before I ran it I tried updating, rescanning, and also resetting Malwarebytes to default settings, but it still detected it. Maybe it is an issue on my side (maybe I failed to correctly reset the settings), so I attached the MBST log. VirusTotal: https://www.virustotal.com/gui/file/9c36c66abfeb51bc65d4a52fd8d84cc7281686bcde4bbc54c0f3b143a709b1d7/detection Website: hxxpx[://]www[.]procdot[.]com/downloadprocdotbinaries.htm Please tell me if there is anything else I need to do/provide, or if this is a legitimate detection. tcpflow.zip procdot_detection.txt mbst-grab-results.zip
  4. A potential customer sent me this photo of browser guard blocking my shopify store. Hxxps://kasefilterscanada.com He can reproduce it all day long however when I install the chrome plug-in I cannot. I noticed he’s also running the fat client on his desktop behind the browser window. please remove this FP as its now cost me 1x $2000 sale that I’m already aware of.
  5. Hello. This is a website, that due to it's TLD, get's detected. If it could get inspected & whitelisted, that would be great. IP: Domain: hxxp://flonja.tech/ and hxxp://www.flonja.tech/ Proof: Your help is appreciated. Have a nice day.
  6. https://sourceforge.net/projects/nsis/files/NSIS 3/3.07/nsis-3.07-setup.exe/download
  7. usman

    False positive

    Hello, Malware Bytes Browser Guard is blocking our website https://royalbathrooms.co.uk/ Here is the latest VirusTotal scan showing clean from all the engines https://www.virustotal.com/gui/url/96ade4d1c8d46613c5c47b864bb494b6a9e79eb5c3b29fd60066a610d67eb8c9/detection Please remove the site from your blacklist as soon as possible as it is affecting our business. Kind regards
  8. AMD GPU partner vendor Sapphire's homepage is blocked by MBG: https://www.sapphiretech.com/ Verified with both Firefox and Iron (Chromium); site was not blocked by Web Protection with MBG disabled.
  9. hxxps://cnbank.secureonlinebanking.com/canandaiguanationalbank/uux.aspx is our active online banking website which has been reported by virustotal as being listed by hpHosts as a Phishing site. This is not the case. Please correct as soon as possible as this action is causing us direct and significant damages.
  10. Hi there, The website has been cleaned already and is requesting for another review.
  11. I just did a threat scan on my computer and I wanted to make sure if this scan was accurate. I had done a full scan last night and didn't get any results, nothing flashed earlier on my real-time protection, and I haven't gone to any unsecured/ non-HTTPS sites (I've been to Zillow, Indeed, and Great Schools.org; literally the only websites I can think of where this trojan may have come from), so I'm not sure if this is a legitimate threat or not.The threat is labeled as Trojan.Emotet.Generic , found under the C:\WINDOWS\SYSWOW64\PID.DLL and found in the HKLM\SOFTWARE folders. I've attached the log file and screenshot of the report below. May I please get some help on this? Thank you! Results 2.txt
  12. A very old program for calibrating monitors that showed up as FP in this forum in 2008: https://forums.malwarebytes.com/topic/5968-roguesecureexpertcleaner/. Obtained yesterday from Samsung site (and passed VirusTotal inspection) at https://www.samsung.com/us/consumer/learningresources/monitor/naturalcolorexpert/pop_download.html. Please advise. Thanks! rogue.txt NCPro_2.0.0.0.zip
  13. Hi, Just got a FP from the Free Download Manager website: moz-extension://6e242d83-7bcf-4155-ad1a-5236df1fbb8f/redirects/blockedMalware.html?url=http%3A//www.freedownloadmanager.org/board/index.php%3Fsid%3D4ca0ba6498520aba8cdc13fa9722a012&host=www.freedownloadmanager.org&category=malware freedownloadmanager.org is the legitimate website of the FDM software.
  14. moz-extension://6e242d83-7bcf-4155-ad1a-5236df1fbb8f/redirects/blockedMalware.html?url=http%3A//www.abelssoft.de/&host=www.abelssoft.de&category=malware
  15. I was considering purchasing a laptop, and had it in my cart - when I remvoed it from my cart, the page tried to automatically take me back to a list of items I had been viewing (in compare mode) previously, and then the extension blocked the page: moz-extension://6e242d83-7bcf-4155-ad1a-5236df1fbb8f/redirects/blockedMalware.html?url=https%3A//shop-us1.asus.com/AW000706/lists&host=shop-us1.asus.com&category=scam
  16. Hello Malwarebytes team, We have scanned and cleaned the website societyofpediatricpsychology.org from malware and phishing, please check it and remove it from your blacklist. Thank you Sucuri Team
  17. Hi, We have received reports from our customers that our site is blocked by Malwarebytes even though we are a legitimate business and have been editing essays since the late nineties. Domain: essayedge.com IP: Can you please remove us from your block list? Thank you.
  18. Hello Malwarebytes team, We have scanned and cleaned the website industrialmaintenanceplatforms.com from malware and spam content, please review it and remove it from your blacklist. Thank you Sucuri Team
  19. I keep getting this almost every second: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/27/17 Protection Event Time: 9:44 AM Logfile: Java Exploit.txt Administrator: Yes -Software Information- Version: Components Version: 1.0.50 Update Package Version: 1.0.1111 License: Premium -System Information- OS: Windows 10 CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, [0], [-1],0.0.0 -Exploit Data- Affected Application: Java Protection Layer: Application Behavior Protection Protection Technique: Java malicious inbound socket detected File Name: URL: (end) I am pretty certain this is related to the UniFi controller that I have running on my computer. Need to track it down and get more info then what the report and log in Malwarebytes is providing, to make sure that is the correct program. Also, how come there is no ability to grant an exception when the pop-up comes up?
  20. Hey got a popup recently for the following: direction="Outbound" domain="s3-eu-west-1.amazonaws.com" ip="" malwaretype="Domain" port="49745" Is this a false pos?
  21. Site is a false positive. Please remove from blacklist. Reference: https://www. virustotal. com/en/url/4445b828d49b5d116ee0a01b6a904bd0e29b0b6460bc3359b95f8f3899f6870d/analysis/1475612844/
  22. Hi, I use boinc on my desktop PC which I got via boinc.berkeley.edu. To my surprise boinc.exe has been considered ransomware .boinc.zip logs.zip Malwarebytes Anti-Ransomware.zip
  23. FPs on DVDStyler and Gpg4win: http://www.dvdstyler.org/en/& https://www.gpg4win.org/ Nothing appeared to be added to the quarantine list in the GUI, but notifications came up saying that ransomware was detected in the tray area. Since nothing was quarantined, I have no EXE for Gpg4win since that one happened a while ago and I don't remember what EXE it was, but I will attach the DVDStyler EXE that was flagged in the notification, since that happened today. The DVDStyler FP happened while building a DVD to be burned. I don't remember what I was doing when the Gpg4win FP occurred. Both installer packages were detected by 0 AVs on Virustotal before installing them, and they were downloaded from the sites listed above. Attached are the requested .zips from the FP reporting thread. Malwarebytes Anti-Ransomware.zip MBAMService.zip DVDStyler.zip
  24. Hello, I believe my HOSTS file detection to be a false positive, Virus total scans clean no other detections. My HOSTS file was downloaded from http://hosts-file.net/download/hosts.zip Would you please be kind enough to check and report back. Thank you. Kind regards. MBAM_HOSTS.txt
  25. I ran the updated version of mbam and came up with a detection of possible malware located in the C: drive Windows files. it read Malware.Generic, C:\Windows\Installer\b6ea22c.msi, Quarantined, [04fcb34dc43ca957a4f36be558a8c33d] but now explorer is crashing a lot since it has been quarantined and so I am curious if this is a known piece of malware or a fp? mal2.txt
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.