Jump to content
lgdelai

Malware Bites is showing a false positive in my domain.

Recommended Posts

Malware Bites is showing a false positive in my domain.

Even without any files on the hosting malwarebites accuses virus.

I requested a scan on the hosting and nothing was found, also checked with various online tools like cucuri and nothing was found.

I would like to know what is going on, I requested support and did not give me a return. I was asked to scan my pc, but the problem is not on my machine, the problem occurs that a specific domain is being accused of being infected without being.

I know I can add the site to the delusions to be able to access normally, the problem is not this, the problem is that the bytes malware is blocking the domain for no reason, they do not even give an explanation of why this is an amateurism irresponsible to customers.

What do I have to do to get a decent return from support?

The domain is "pontobelo.es.gov.br".

Sem título 2.jpg

Sem título 3.jpg

Sem título.jpg

Share this post


Link to post
Share on other sites

***This is an automated reply***

Hi,

Thanks for posting in the Malwarebytes for Windows Help forum.

 

If you are having technical issues with our Windows product, please do the following: 

Spoiler

If you haven’t already done so, please run the Malwarebytes Support Tool and then attach the logs in your next reply:

NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  1. Download Malwarebytes Support Tool
  2. Once the file is downloaded, open your Downloads folder/location of the downloaded file
  3. Double-click mb-support-X.X.X.XXXX.exe to run the program
    • You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
  4. Place a checkmark next to Accept License Agreement and click Next
  5. You will be presented with a page stating, "Get Started!"
  6. Click the Advanced tab on the left column

    mbst_get_started.jpg
     
  7. Click the Gather Logs button

    mbst_advanced_gather_logs.jpg
     
  8. A progress bar will appear and the program will proceed with getting logs from your computer

    mbst_getting_logs.jpg
     
  9. Upon completion, a file named mbst-grab-results.zip will be found on your Desktop. Click OK

    mbst_log_saved_desktop.jpg
     
  10. Please attach the file in your next reply. Before submitting your reply, be sure to enable "Notify me of replies" like so:

     notify me.jpeg  

Click "Reveal Hidden Contents" below for details on how to attach a file:
 

Spoiler

To save attachments, please click the link as shown below. You can click and drag the files to this bar or you can click the choose files, then browse to where your files are located, select them and click the Open button.

mb_attach.jpg.220985d559e943927cbe3c078b
 

One of our experts will be able to assist you shortly.

 

If you are having licensing issues, please do the following: 

Spoiler

For any of these issues:

  • Renewals
  • Refunds (including double billing)
  • Cancellations
  • Update Billing Info
  • Multiple Transactions
  • Consumer Purchases
  • Transaction Receipt

Please contact our support team at https://support.malwarebytes.com/community/consumer/pages/contact-us to get help

If you need help looking up your license details, please head here: https://support.malwarebytes.com/docs/DOC-1264 

 

Thanks in advance for your patience.

-The Malwarebytes Forum Team

 

Share this post


Link to post
Share on other sites

Hello,

Which database version are you using? I recall we had a false positive with a es.gov.br domain recently but it should have been fixed. I'm also unable to reproduce the detection while on update package version 1.0.17595. Try updating the database and let us know if there is still a problem. If there is, please attach the Malwarebytes log showing the information, not a screenshot.

Regards

Share this post


Link to post
Share on other sites

Hello, Thissisu, First of all, thank for the reply.

 

This domain was on a hostgator "shared M" hosting. There was no virus there.

So I bought a "reseller" hosting, created an exclusive cpanel for this domain, and the false positives started.

I still have other .es.gov.br domains on old hosting "M" and do not report anything.

I also have other domains in this new hosting resale "Not .es.gov.br" and they are ok.

I tried to redo the whole process, I created cpanel again, and this time I didn't upload any files, I tried to access and the error persists. that is, it has nothing to do with site files, because even without uploading the error persists.

It seems that the error is related to domain "pontobelo.es.gov.br" only in this new reseller hosting, because it only started to present after I request the appointment for my new reseller dns. ns1.delai.org and ns2.delai.org

* I tested on another computer with malwarebytes and also accuses virus. 

* Tested connected on 4g network and also accuses virus.* I updated malwarebites and the warning persists.
The version of Malwarebytes is: 4.0.4.49
Definition package version: 1.0.17597
Component Package Version: 1.0.793



See the report:

 

Quote

 

Malwarebytes
www.malwarebytes.com

-Detalhes do Relatório-
Data do evento de proteção: 11/01/2020
Hora do evento de proteção: 21:59
Arquivo de relatório: c0ef2394-34d6-11ea-b34c-9828a608975d.json

-Informações do Software-
Versão: 4.0.4.49
Versão de componentes: 1.0.793
Versão do pacote de definições: 1.0.17597
Licença: Premium

-Informações do Sistema-
Sistema operacional: Windows 10 (Build 18362.535)
CPU: x64
Sistema de arquivos: NTFS
Usuário: System

-Detalhes do Site da Web Bloqueado-
Site da web malicioso: 1
, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Bloqueado, -1, -1, 0.0.0

-Dados do site da Web-
Categoria: Malware
Domínio: pontobelo.es.gov.br
Endereço IP: 192.185.214.232
Porta: 443
Tipo: Saída
Arquivo: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(end)

 

 

Share this post


Link to post
Share on other sites

Hello.

I have asked Hostgator to reinstall ssl and the error is gone, it seems to have something to do with it.

Thank you all for your help.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.