
False Positive From Malwarebytes


hanna


4 minutes ago, hanna said:

I report only due to the Virus Total results.

The engine format and configuration in VirusTotal is different than the consumer and corporate products’ default configuration. In VirusTotal Malwarebytes uses a command-line engine with different configuration and detection techniques/heuristics which might detect more than the commercial product. There are also false-positive suppression mechanisms in the commercial product which are not present in the command-line engine in VirusTotal.

This will eventually fix itself in Virustotal as well, as Malwarebytes has no control over this.

 

A staff member will come along and confirm.

Edited by Porthos

Malwarebytes claims the file contains MachineLearning/Anomalous.100%, even though the file is totally clean. That's not possible! Download is not possible via various browsers. The file is blocked only because Malwarebytes is not working properly. Please correct that. I can't wait for it to correct itself.


Unfortunately, the error is still not fixed in the detection. Google blocked RegCool.exe, had to rename the same file to SetupRegCool.exe, now suddenly it doesn't contain any virus anymore. So much for virus detection by Google Chrome and Firefox.
Unfortunately, Malwarebytes still recognizes the program as a virus, as well as another program, TweakPower. Please correct that. Here are the 2 problem cases.

https://www.virustotal.com/gui/file/b210a5c7ba3567867cee50413f24d1db536f06b211f2f47d5917133b80767b69
https://kurtzimmermann.com/files/TweakPower.exe

https://www.virustotal.com/gui/file/de8238527abc81d0a72e288a334a430fd476435a0910a23582945fc3555ef028?nocache=1
https://kurtzimmermann.com/files/SetupRegCool.exe

 

Edited by AdvancedSetup
Disabled live hyperlink

3 hours ago, hanna said:

Unfortunately, Malwarebytes still recognizes the program as a virus, as well as another program, TweakPower. Please correct that. Here are the 2 problem cases.

Not detected again with the installed version.

On 5/18/2022 at 1:30 PM, Porthos said:

The engine format and configuration in VirusTotal is different than the consumer and corporate products’ default configuration. In VirusTotal Malwarebytes uses a command-line engine with different configuration and detection techniques/heuristics which might detect more than the commercial product. There are also false-positive suppression mechanisms in the commercial product which are not present in the command-line engine in VirusTotal.

This will eventually fix itself in Virustotal as well, as Malwarebytes has no control over this.

 

A staff member will come along and confirm.

 


  • Root Admin

Please post the Scan and Protection logs from Malwarebytes so that we can review them.

 

You can find Scan and Protection logs within the Malwarebytes 4 program in the following location

 

image.png

 

RTP stands for Real-Time Protection and is where automatic protection operations would normally be logged

 

image.png

 

If you click on the View option you should get something similar to the following with other options available.

 

image.png

 

 

 

Thank you

 


I can't post the Malwarebytes scan and protection logs for you to review. I'm just referring to VirusTotal's Malwarebytes OnlineScan. TweakPower is no longer recognized. Thanks very much. Unfortunately, RegCool continues. Please fix this.

https://kurtzimmermann.com/files/SetupRegCool.exe

https://www.virustotal.com/gui/file/de8238527abc81d0a72e288a334a430fd476435a0910a23582945fc3555ef028?nocache=1


15 minutes ago, hanna said:

Unfortunately, RegCool continues. Please fix this.

RegCool is not detected by the consumer or commercial versions of Malwarebytes.

The engine format and configuration in VirusTotal is different than the consumer and corporate products’ default configuration. In VirusTotal Malwarebytes uses a command-line engine with different configuration and detection techniques/heuristics which might detect more than the commercial product. There are also false-positive suppression mechanisms in the commercial product which are not present in the command-line engine in VirusTotal.

This will eventually fix itself in Virustotal as well, as Malwarebytes has no control over this. Virus Total is having trouble reaching Malwarebytes cloud.


I know that, of course. However, there are people who first look at a test on VirusTotal before downloading the program, and Microsoft and Google also work together with VirusTotal, so I would really appreciate it if you were able to remove the false positive. I don't want to be accused of distributing a virus just because you have bugs in the program.
https://docs.microsoft.com/en-us/connectors/virustotal/

