Jump to content

False Positives - Other Software Programs


Recommended Posts

Many programs are producing false positives, so if you happen to get one, don't think it is necessarily something wrong with Malwarebytes. Most malware programs have the ability to scan incoming cookies, javascript, and streams to determine if they are a threat even though they may not have been specifically reported due to so many being built by companies, Google for example, just to annoy me by tracking my every move, including adding their tracking cookies when I'm not even on their site but one of their partner sites or one using simply Google Ads. I have real issues with corporate snooping while I accept that based on the idea that we have to register when we are born, provide fingerprints or toe prints at birth, attach all contact information to our driver's license and social security card, and also put all pertinent info on credit cards, bank accounts, personal loans, mortgage apps, and the Department of Homeland Security can tap any phone just for fun, that freedom from surveillance does not extend to hiding info from the government should they ask. Corporate snooping is a whole other matter altogether espcially doing so with no intention of telling you they are. Google is my number one annoyance.

Malware defense is one way to stop corporate tracking. So, by request from Grilner on another forum, I was asked to paste a post that I put in his forum on your forum in order for you to just look at it. No need to contact me lest you feel the need, but I allow direct emails, so be my guest. Here is the post:

Anti-Adware Programs false detection of malicious websites:

I am using a freeware version of Ad-Aware. Some may not like it, some may use it. Generally, now most anti-virus programs also detect malware and adware when the software is running, however, I always liked the idea that Spybot would run a process that would reject changes to my registry if something tried to alter it without my knowledge. Ad-Aware does the same thing, but at the time did not.

I have Ad-Aware detecting sites it says are malicious. If I drop the page not allowing to access the page, I can come in the next day and when I shutdown my browser, I dump all cookies not retaining much but bookmarks and history. I'm currently running Firefox 3.6.8 which doesn't work with many addons despite the idea that it has been reviewed by Mozilla.

I don't generally like beta software. I've had it install and not be removable without a lot of pain in the butt work, including messing with registry keys which I don't like to mess with unless I know which key I'm looking for via instructions somewhere, then I have no problem connecting to the exact same webpage. I have even had an addon that would detect when I was being redirected, and I could choose whether or not to allow it, and NoScript which works to a degree but often prevents sites from working even when you allow "all" the scripts. This is easily explainable in that a site could try to access a planted cookie, run a redirect, or trigger some javascript program it can use the programming in the cookie to get info it needs. Awful extreme mess to go through, but some people have nothing better to do.

Despite all that, Ad-Aware will reject a site one day, and I only update the thing maybe once every 2 or 3 days, so on occasion, nothing has changed, but it doesn't identify the site as malicious. I see no redirect, nor any script blocked unless it's Google, Google Analytics, etc... where corporate busy bodies annoy me.

I've ended up dumping NoScript and the redirect detector, between the two I couldn't get most sites to work despite allowing this and allowing that, so now it could refer me to a site that is malicious and Ad-Aware could detect such a risk, but so far nothing. However, sites I distinctly go to twice even if it's before my cookies are dumped will hit once and not hit again (ie - in the same browsing session). AVG is supposed to reject access to malicious sites and often when I access forums to get simple info, such as this one, it does not say they are malicious but Ad-Aware does. I get so annoyed I shut down Ad-Aware Live. I like the idea that Ad-Aware can detect sites, deny changes to the registry, and after updates, scan the machine, but I'm not convinced that it can always decipher between a page that is malicious and one that is not. Usually these detections go off of a list which is loaded during an update, but there must be the ability to decipher via attempts to access the computer via what would normally be considered malicious that can be detected by Ad-Aware - javascript alterations for example, but I have yet to see anything try to install a virus or adware that would make an attempt at changing any registry keys. Often times too, Ad-Aware only blocks a section of a page, such as something coming from a site on its list, but the rest of the page works, however, most of the time it blocks entire access to the forum. On more than one occasion, links have been deceptive and you never quite know where you'll end up, generally redirected to an ad, and amazingly, Ad-Aware has no idea what happened nor detect anything. Perhaps much of what Ad-Aware is picking up would only mess with IE. I don't know, but I don't use IE; because, it leaves the whole computer open. It is deeply integrated with Windows.

Spybot used to always lock up the computer with it's registry change detector called tea something, but I could still get it to work most of the time, and it didn't break down enough to bother me. Since, henceforth, Ad-Aware surged ahead in popularity. Now most people no doubt consider the software unnecessary since anti-virus software normally will do the same thing. Ad-Aware is even sold in the same version as you can download for around $20 in Walmart without any extras. I wonder, is Spybot as good since it doesn't seem to be as popular, and does it continually annoy you by blocking simple forums without blocking their ads by referral? Ad-Aware (and Firefox and AVG) seem to allow any pop-up or pop-under to show up without triggering anything. I could find an addon to stop that I suppose. Are Spybot or Ad-Aware even necessary? Generally, if something is going to install where it shouldn't do so AVG stops it. Then I scan and make sure it couldn't. I believe that what I am seeing are exactly what this forum here suggests. False positives. I've already seen a couple of registry entries left behind that via my registry cleaner clearly identified that while they are not directing to any particular location they are generally always left there after you uninstall a program and don't hurt anything. Thusly, the registry cleaner at least admits it has identified something normal, but why identify it at all? It's normal, so why annoy me with it? Another false positive.

I get false positives from not just anti-virus software as you have claimed even McAfee does, but also anti-spyware/adware software, malicious viral (etc) sites, and even from registry cleaning software. Maybe this particular forum title should be: False Positives. Without specifying that you are only interested in anti-virus software. It would open up a whole new wing of discussion. A new forum topic might be in order, but in my opinion, this one will do just fine. Another new one could be: Windows Security Holes. Most of the time it's people like us that end up reporting them to Microsoft who doesn't do much until the next fix release. Might help to know how the attack is carried out in order to avoid it until they fix it.

End of Post - I could post this everywhere, but was specifically asked to put it here. Grilner is an admin on another forum, but most forums do not like links to other forums reciprocated, so if an admin on this forum wants the link, just shoot me a message, and I'll be happy to oblige. I doubt this was really helpful for many, but some may feel it is in some ways a predicament for a lot of us. I'm very impressed with Malwarebytes, and feel pretty stupid not to have known about it sooner since it is very popular with the pros. :)

Link to post
Share on other sites

Many programs are producing false positives,

Spybot used to always lock up the computer with it's registry change detector called tea something,

IE; because, it leaves the whole computer open. It is deeply integrated with Windows.

I don't generally like beta software.

In a brief response to some items as I have listed them above -

I do not find a lot of FP's as these are basically non important items from Ad-Awares full scan only - Not usually their Quick scan (all that is required) -

I find the Spybot S&D Tea Timer is not a required item unless this is the only anti-malware program you use on a regular basis -

SUPERAntiSpyware free will remove tracking cookies if you wish to remove them on a regular basis - Malwarebytes do not address this issue -

I.E. is Windows , not just a part of it - Mr Gates provided this program when there were almost no other options -

The (Google) advertising on any browser , is designed to pay for having a program that lets you access the world via internet -

I use Hostsman and other similar programs to stop accidental access to most undesired advertising material on most sites -

A Temp file cleaner like CCleaner slim (set up correctly) will remove left over "intrusive" Temp files , if this is what you require -

As a good free Antivirus I now find M/soft has finally put out M.S.E. that activly blocks real threats to my system -

Also beta software is always listed as experimental - The programs are usually upgraded once you (hopefully) report back to the company involved -

Finally if you do not like the items that you list then your computer is a very good Word Processor (Type-writer) that links to a printer - :)

Note: None of this is meant to downgrade any part of your statement but is merely my version of why and how I use and treat the internet -

Thank you for putting up with another view - :)

EDIT -

I am not an expert in many of these matters , but simply a user who has been trapped and now seems to have a decent setup to save me from many pitfalls -

Also this item should most likely have been placed in General Chat area as it has virtually no reference to Malwarebytes issues -

Link to post
Share on other sites

  • 2 weeks later...
Hey I have security essentials but stopzilla identified two files as "Rogue" Is this a false positive? Or where these files infected? Will security essentials work with out them? It seems to be working without them....

I suggest you upload them to virustotal.com and see if they are flagged as malicious by many vendors.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.