Jump to content

False Positive


DarenH
 Share

Recommended Posts

I have used NitroPro PDF for many years on my pc. Last year a popup came up on my pc and said that it blocked a Ransomware software and pointed to the Nitropropdf.exe file. I ended up disabling malwarebytes and doing a repair on the software list on my pc. It fixed it. Now today it did it again. Why is malwarebytes doing this?  I use this software every day.

 

Thank you

Link to post
Share on other sites

6 minutes ago, DarenH said:

Where would I find the log file?  

To get the log from Malwarebytes do the following:
 

  • Single click on the target sight above scanner window.
  • In the new window select Report
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Export toTxt - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
     
  • Please use " Copy to Clipboard " then paste the contents here in your next reply

Please double-click on one of the block entries shown in the image you posted to view the report, then click the Export link on the bottom left of the report and select Copy to clipboard, then paste the contents here in your next reply so that we may take a look and advise you based on what it shows.

Thanks

Edited by Porthos
Link to post
Share on other sites

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 7/30/21
Scan Time: 6:01 AM
Log File: 52dea8fc-f136-11eb-80ad-14b31f0b2af3.json

-Software Information-
Version: 4.4.3.125
Components Version: 1.0.1387
Update Package Version: 1.0.43716
License: Premium

-System Information-
OS: Windows 10 (Build 10586.1176)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 297180
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: -56 min, -56 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Link to post
Share on other sites

Sorry I selected the incorrect report.  

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 7/30/21
Protection Event Time: 6:27 AM
Log File: 0fa245ec-cad3-11e5-8569-14b31f0b2af3.json

-Software Information-
Version: 4.4.3.125
Components Version: 1.0.1387
Update Package Version: 1.0.43716
License: Premium

-System Information-
OS: Windows 10 (Build 10586.1176)
CPU: x64
File System: NTFS
User: System

-Ransomware Details-
Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

File: 1
Malware.Ransom.Agent.Generic, C:\Program Files\Nitro\Pro\12\NitroPDF.exe, Blocked, 0, 392685, 0.0.0, 2f263b845a7d4a54bf608dcb7c306bba, 48180d60ded28307e9558530cf2ff8e2492b0d856d47f694339ebc983bf47c52


(end)

  • Thanks 1
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.