Malwarebytes pro - False positive on Netgear Genie?

  john bunyan 15:20 14 Aug 2014

I have recently (Thanks for tip Jock 1e) installed the lifetime Malwarebytes pro, real time protection, and have the free Avast a/v without its web protection as I found that this disabled iCloud.

I have a Netgear 4000 router and that has a "Netgear Genie" application that is handy if the router drops out etc.

This morning, Malwarebytes pro stopped 10 or so "Trojan.Crypt. ED". The scan showed it had disabled a host of things to do with Netgear Genie. I (too) quickly got rid of them from the vault, and found the Netgear genie icon was not working. A system restore to yesterday did not work. Finally fixed it by reinstalling Netgear Genie.

Is there a way of reporting this to Malwarebytes?

  rdave13 16:07 14 Aug 2014

If you scan again and this time quarantine them, then go to the History tab, Quarantine, you can create a log file of the scan under Application Logs that saves to Notepad. Once done you can restore the files. Think I've got it right.

You can then submit a ticket here. Now, I've not done this, but you will have all the relevant info from your saved log file for your question.

As you know the files are OK you can create an exception rule next time you scan.

As an example I created a log for Crypto Protector to see what was what.

Malwarebytes Anti-Malware

Scan Date: 06/08/2014
Scan Time: 16:06:01
Logfile: Malwarebytes cryptoblock.txt
Administrator: Yes

Version:
Malware Database: v2014.08.06.05
Rootkit Database: v2014.08.04.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: peter

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 371431
Time Elapsed: 14 min, 3 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0 (No malicious items detected)

Modules: 0 (No malicious items detected)

Registry Keys: 0 (No malicious items detected)

Registry Values: 0 (No malicious items detected)

Registry Data: 2
Broken.OpenCommand, HKCR\piffile\shell\open\command, "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe" "Good: ("Bad: ("C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe" *"%1" %),,[ffffffffffffffffffffffffffffffff]" %)" %, %4, %5
Broken.OpenCommand, HKCR\scrfile\shell\open\command, "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe" "Good: ("Bad: ("C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe" "%1" /S %),,[ffffffffffffffffffffffffffffffff]" /S)" /S %, %4, %5

Folders: 0 (No malicious items detected)

Files: 0 (No malicious items detected)

Physical Sectors: 0 (No malicious items detected)


Lord knows what it all means but I was happy enough to create an exception rule for the program.

  john bunyan 16:22 14 Aug 2014


In the end I reinstalled netgear genie, and all is well. A False Positive indeed, as I have now found by joining the Malwarebytes forum.

Malwarebytes Forum

  rdave13 16:28 14 Aug 2014

john bunyan glad you're sorted. Sometimes the quarantine list doesn't actually show the full path of what it quarantines but creating a log file shows everything. I personally think that Malwarebytes pro is one of the best around, if not the best.
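
The point made in the thread, that the saved log carries the full detection name and object path needed for a false-positive report, can be checked with a small parser. This is an added example, not something posted by the thread's participants or provided by Malwarebytes; the function names are hypothetical, and the layout (a "Section: count" header followed by one "name, object, details" item per line) is assumed from the log pasted above.

```python
import re
from collections import Counter

# Constructed sample: the thread's log restored to one item per line, with the
# garbled trailing detail of each registry entry cut off at "...".
SAMPLE_LOG = r'''Scan Type: Threat Scan
Objects Scanned: 371431
Processes: 0 (No malicious items detected)
Registry Data: 2
Broken.OpenCommand, HKCR\piffile\shell\open\command, "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe" ...
Broken.OpenCommand, HKCR\scrfile\shell\open\command, "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.exe" ...
Files: 0 (No malicious items detected)
'''

SECTIONS = ("Processes", "Modules", "Registry Keys", "Registry Values",
            "Registry Data", "Folders", "Files", "Physical Sectors")
HEADER = re.compile(r"^(%s): (\d+)" % "|".join(re.escape(s) for s in SECTIONS))

def parse_detections(text):
    """Return ({section: declared count}, [detections]) from a saved scan log."""
    section, counts, found = None, {}, []
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:
            section = m.group(1)
            counts[section] = int(m.group(2))
        elif section and line and not line.startswith("("):
            # Assumed item layout: "DetectionName, object path, details"
            parts = line.split(", ", 2)
            if len(parts) >= 2:
                found.append({"section": section, "name": parts[0], "object": parts[1]})
    return counts, found

def mismatched_sections(counts, found):
    """Sections whose declared count differs from the items parsed (cut-off paste)."""
    seen = Counter(f["section"] for f in found)
    return [s for s, n in counts.items() if seen[s] != n]

def report_lines(found):
    """One line per detection, ready to paste into a false-positive report."""
    return ["%s | %s | %s" % (f["section"], f["name"], f["object"]) for f in found]

if __name__ == "__main__":
    counts, found = parse_detections(SAMPLE_LOG)
    print("\n".join(report_lines(found)))
    print("incomplete sections:", mismatched_sections(counts, found))
```

A non-empty result from `mismatched_sections` means the pasted log lost lines, so the original file should be attached to the report instead.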

This thread is now locked and can not be replied to.
