Jump to content

False Positive


The_Codesee
 Share

Recommended Posts

Hi,

I have discovered that MBAE is blocking a legitimate program by HP (a false positive).

I've uploaded the program to VirusTotal: https://virustotal.com/en/file/497350b9d762e9e6934b877a7ad68759a0d6d186b4ff6c582a151201490752c8/analysis/1481361317/

And attached is the data from MBAE from the ProgramData folder.

Thank you.

Malwarebytes Anti-Exploit.zip

Link to post
Share on other sites

  • Staff

Hello and welcome to the forum.

MBAE does not discern whether the payload by an exploit or social engineering attack is good or bad.

In this case the application is attempting to execute by having Chrome execute wscript.exe to run a script. This type of application behavior opens up a huge can of worms and security hole. I am amazed that HP is creating such insecure applications.

You should be able to open MBAE, go to the Log tab, select the block and then click "Exclude".

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.