Jump to content

Question on False Positive

Phone Man

Recommended Posts

Hello Phone Man:


How are you handling all the False Positives that have been reported.

One of the ways is, the Consumer/beta tester may manually enter an executable's pathname in the MBARW Beta GUI/Dashboard's Exclusion list.  Any other responses are best made by the MBARW developer team or Malwarebytes staffers.

Thank you for your interest in the MBARW Beta testing program.

Link to post
Share on other sites

Hi Phone Man--

Both.  :)   We use a combination of techniques to ensure the possibility of a false positive is as low as possible.

The first thing we do is look at the file in question to see why our technology triggered on it.  In this way we can look for ways to avoid the same thing happening in the future.

Certain known and verified Windows system files are essentially whitelisted, but the goal with other EXEs is to minimize the chance of detection by continually updating and tweaking our detection algorithm.  We're able to dynamically update this technology without requiring a full new installer release, though new installers also typically include updates to the detection routine to both improve ransomware detections and avoid FPs.


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.