False positive with malwarebytes?


#1

I searched and couldn’t find any similar issues on the forum. I have been using escargot since it came to be and had never had any issues until now. A week ago out of nowhere my malwarebytes detected (through real time detection) msnmsgr.exe and its start-up registry key as a ransomware (“ransom agent generic”)

I only have one contact that i chat with through MSN who is definitely trustable and would never send any virus/attacks through the client. And we weren’t even sending any files at all while it happened, so it doesn’t seem like it was related to that. The version I was using is 8.5 if that matters. Any ideas?


#2

But msn is not a virus


#3

Add the folder of MSN to exception. MSN is not a virus so sometimes the Malwarebytes makes fake alarms.
You can use the MSN.


#4

Malwarebytes is known for a lot of false positives. Just add an exception to anything you know is safe and don’t worry about it.


#5

Well i realize msn is not a virus, i just thought it was very odd that all of sudden it would give this warning, after using it since launch without any issues side by side with Malwarebytes. Especially considering it detected it as a ransomware.

I wanted to hear from the more technical users about what might have caused it. Is it possible someone could be exploiting some old flaw in MSN to send ransomware through the network? If it was a false positive relating to the .exe i would assume a lot more people would have had it by now, since malwarebytes is so popular


#6

It may have been detected as ransomware by some MSN actions (modifying chat history files and changing downloaded images in your document folder). Just add the exclusions list and you’re done :wink:


#7

Yeah, that probably makes more sense… I’ll reinstall and see if it happens again, then add an exception if it does. Thanks.