Jump to content
The_Codesee

False Positive

Recommended Posts

Hi,

I have discovered that MBAE is blocking a legitimate program by HP (a false positive).

I've uploaded the program to VirusTotal: https://virustotal.com/en/file/497350b9d762e9e6934b877a7ad68759a0d6d186b4ff6c582a151201490752c8/analysis/1481361317/

And attached is the data from MBAE from the ProgramData folder.

Thank you.

Malwarebytes Anti-Exploit.zip

Share this post


Link to post
Share on other sites

Hello and welcome to the forum.

MBAE does not discern whether the payload by an exploit or social engineering attack is good or bad.

In this case the application is attempting to execute by having Chrome execute wscript.exe to run a script. This type of application behavior opens up a huge can of worms and security hole. I am amazed that HP is creating such insecure applications.

You should be able to open MBAE, go to the Log tab, select the block and then click "Exclude".

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.