Malwarebytes pro - False positive on Netgear Genie?

  john bunyan 15:20 14 Aug 2014
Locked
Answered

I have recently (Thanks for tip Jock 1e) installed the lifetime Malwarebytes pro, real time protection, and have the free Avast a/v without its web protection as I found that this disabled iCloud.

I have a Netgear 4000 router and that has a "Netgear Genie" application that is handy if the router drops out etc.

This morning, Malwarebytes pro stopped 10 or so "Trojan.Crypt. ED". The scan showed it had disabled a host of things to do with Netgear Genie. I (too) quickly got rid of them from the vault, and found the Netgear Genie icon was not working. A system restore to yesterday did not work. Finally fixed it by reinstalling Netgear Genie.

Is there a way of reporting this to Malwarebytes?

  rdave13 16:07 14 Aug 2014

If you scan again and this time quarantine them, then go to the History tab, Quarantine, you can create a log file of the scan under Application Logs that saves to Notepad. Once done you can restore the files. Think I've got it right.

You can then submit a ticket here. Now, I've not done this, but you will have all the relevant info from your saved log file for your question.

As you know the files are OK you can create an exception rule next time you scan.

As an example I created a log for Crypto Protector to see what was what.

Malwarebytes Anti-Malware www.malwarebytes.org

Scan Date: 06/08/2014 Scan Time: 16:06:01 Logfile: Malwarebytes cryptoblock.txt Administrator: Yes

Version: 2.00.2.1012 Malware Database: v2014.08.06.05 Rootkit Database: v2014.08.04.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Enabled

OS: Windows 8.1 CPU: x64 File System: NTFS User: peter

Scan Type: Threat Scan Result: Completed Objects Scanned: 371431 Time Elapsed: 14 min, 3 sec

Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Warn PUM: Enabled

Processes: 0 (No malicious items detected)

Modules: 0 (No malicious items detected)

Registry Keys: 0 (No malicious items detected)

Registry Values: 0 (No malicious items detected)

Registry Data: 2

Broken.OpenCommand, HKCR\piffile\shell\open\command, "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe" "Good: ("Bad: ("C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe" *"%1" %),,[ffffffffffffffffffffffffffffffff]" %)" %, %4, %5

Broken.OpenCommand, HKCR\scrfile\shell\open\command, "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe" "Good: ("Bad: ("C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe" "%1" /S %),,[ffffffffffffffffffffffffffffffff]" /S)" /S %, %4, %5

Folders: 0 (No malicious items detected)

Files: 0 (No malicious items detected)

Physical Sectors: 0 (No malicious items detected)

(end)

Lord knows what it all means but I was happy enough to create an exception rule for the program.

  john bunyan 16:22 14 Aug 2014
Answer

rdave13

In the end I reinstalled Netgear Genie, and all is well. A False Positive indeed, as I have now found by joining the Malwarebytes forum.

Malwarebytes Forum

  rdave13 16:28 14 Aug 2014

john bunyan glad you're sorted. Sometimes the quarantine list doesn't actually show the full path of what it quarantines but creating a log file shows everything. I personally think that Malwarebytes pro is one of the best around, if not the best.

This thread is now locked and can not be replied to.
