Jump to content

Malware Protection Live false positive


mpltony

Recommended Posts

Greetings,

 

Several days ago, Malwarebytes began detecting my company's product, Malware Protection Live, as a rogue malware product.   Our product has millions of downloads and has removed millions of malware infections, and we're more than happy to discuss and review this with your team.   Would you please review these files and the detection?   Every major vendor we have worked with has cleared our product, including folks who have reviewed how our product interacts with the operating system and which threats it has removed.

 

Thank you,

Tony

export.zip

Link to post
Share on other sites

  • Staff

The product we installed has this only for a gui. And you cannot close it. You basically cannot get past this screen.

 

Also this seems its mostly a Bundled install with other adware and most people are not even aware how it got on their machine.

 

Plenty of results of people complaining about it.

 

https://www.google.com/search?q=malware+protection+live&ie=utf-8&oe=utf-8

 

https://forums.malwarebytes.org/index.php?/topic/172763-malware-protection-live/

 

We were getting messages about blocked extensions on chrome, and this was on a totally clean install of chrome also.

 

 

malwareprotectionlive-cannot-close.JPG

Link to post
Share on other sites

Thanks for the prompt reply, Rich, I appreciate it.

 

The GUI can be closed/exited through the taskbar, and we are working on enhancing the GUI to provide for more user-accessible options (GUI-based quarantine management, on-demand scanning, etc.)   We've read through the various concerns on Google, and we're working on addressing them in our next major release -- as well as Firefox and Chrome extension scanning and quarantining.  The software only does what it says it does, and this can be validated through process monitor or other reverse engineering.

 

If there are other concerns about the product's legitimacy or operation I'd be more than happy to discuss them via phone or chat.

 

Please let me know!

Thanks, and looking forward to hearing from you,

Tony

Link to post
Share on other sites

Sorry for the number of replies -- I don't see an edit button offhand or I'd have condensed this all in one post.

 

The reason the GUI is minimal is because MPL registers for file system change notifications -- when files are added or changed, we pass them through our engine for scanning.    This is probably the largest UX issue we're facing right now and we're aiming to resolve it by end of year.

Link to post
Share on other sites

  • Staff

Ok Reinstalled this and looked at the whole situation.

 

We are leaving it as PUP. Optional software as it is now. Reasons being.

 

1. Its part of bundled installs.

        https://www.virustotal.com/en/file/0e6efab81f44020a05d84a5fb1059518b0a293d948653f955865ddc585e39a28/analysis/

 

2. Too many users complaining about it and its not clear at all what the software will detect or protect the user and how. No logs from detection.

 

3. Gui is not easily closable. A novice computer user would have a very tough time with this.

 

4. Many complaints and removal guides about the software.

 

 

We would be happy to look at it again when these points change.

 

Thanks.

Link to post
Share on other sites

Ok Reinstalled this and looked at the whole situation.

 

We are leaving it as PUP. Optional software as it is now. Reasons being.

 

1. Its part of bundled installs.

        https://www.virustotal.com/en/file/0e6efab81f44020a05d84a5fb1059518b0a293d948653f955865ddc585e39a28/analysis/

 

2. Too many users complaining about it and its not clear at all what the software will detect or protect the user and how. No logs from detection.

 

3. Gui is not easily closable. A novice computer user would have a very tough time with this.

 

4. Many complaints and removal guides about the software.

 

 

We would be happy to look at it again when these points change.

 

Thanks.

Thanks for the objective feedback, Rich -- we'll work on these and follow up!

 

Best regards,

Tony

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.