Jump to content

False positive - is there a log file?


Recommended Posts

I should have looked there first, thank you.


Here are the zip files:




Is there a way to add a registry entry to the exclusion list?


This is the entry that was falsely quarentined:  HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\mfsyncsv


It belongs to a program called MirrorFolder which has been around for a long time. I've been using it since early XP days.

Malwarebytes Anti-Ransomware.zip

Link to post
Share on other sites

No edit capability that I can see. Looks like one zip file shows twice in my previous post.


Anyway, I wantexd to add the registry value that was quarentined:

HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\mfsyncsv    DisplayName    REG_SZ    MirrorFolder Auto-synchronization Service    Description    REG_SZ    Performs automatic synchronization for MirrorFolder.    Type    REG_DWORD    0x10    Start    REG_DWORD    0x2    ErrorControl    REG_DWORD    0x1    ImagePath    REG_EXPAND_SZ    C:\windows\system32\mfsyncsv.exe    ObjectName    REG_SZ    LocalSystem
Link to post
Share on other sites

Wouldn't that be...

Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\mfsyncsv]"DisplayName"="MirrorFolder Auto-synchronization Service""Description"="Performs automatic synchronization for MirrorFolder.""Type"=dword:00000010"Start"=dword:00000002"ErrorControl"=dword:00000001"ImagePath"=hex(7):43,00,3a,00,5c,00,77,00,69,00,6e,00,64,00,6f,00,77,00,73,00,\  5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,00,66,00,73,\  00,79,00,6e,00,63,00,73,00,76,00,2e,00,65,00,78,00,65,00,00,00,00,00"ObjectName"="LocalSystem"
Tried it on my own machine and it worked. Well, adding the key that is.
Link to post
Share on other sites

Please take the time to read our update post on Malwarebytes Anti-Ransomware and the False Positives issues. This post also goes into detail about what to expect for BETA 3 update which will fix a lot of the reported issues. Thanks!


Dealing with FPs and preparing for beta3:

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.