roxy7

Action on detections

4 posts in this topic

Hello,

I'm about to download the free MBytes, but just to be sure, if I get any malware detections and I know them to be false positives OR would like to get them checked out before I do anything, what should I do (which button)?

Just want clarification on what the buttons do after a scan, e.g. if I quarantine, or if I click a certain button will it completely erase the file(s)?

Thanks for any help.

(I ask the above because I know that my Avira AV has detected false positives)


Greetings :)

If you wish to have your results verified before removing any threats, then you may simply uncheck the box next to any detections which are shown in your scan results screen (this ensures that they will not be removed), then click the Remove Selected button. None of the items will be removed, but a scan log will be generated which will open immediately after clicking Remove Selected. You can then post your log here so that we can take a look and help you to determine if the items are safe to remove or not.

Also, if you ever come across a detection that you are certain is a false positive then please refer to this post: Read before reporting a false positive!

and post the info here: False Positives and one of our researchers will investigate the issue and respond as to whether or not this is a false positive, and if it is, they will get it corrected.


Thanks a lot exile360,

Got some more dumb questions. :blush:

So what happens if I leave all the items checked (or unchecked) and click the "save logfile" button?

Does this simply do nothing with the files but allow them for analysis?

Are there ever any complications with restoring files in quarantine to their original location?

Also, are there any trusted sites you can recommend for checking out quarantined files so I wouldn't have to bother you guys?

ATB


> So what happens if I leave all the items checked (or unchecked) and click the "save logfile" button?
>
> Does this simply do nothing with the files but allow them for analysis?

That would work the same as what I described above, so either option works :).

> Are there ever any complications with restoring files in quarantine to their original location?

Generally, no. However, if you were to come across a false positive which was, for example, a critical system file (thankfully something that rarely happens), then the system might be rendered unbootable. So getting to where you'd be able to restore the file(s) from quarantine could be quite difficult, though do keep in mind that we have many safeguards in place to prevent flagging critical system files as malware, so this should not occur.

> Also, are there any trusted sites you can recommend for checking out quarantined files so I wouldn't have to bother you guys?

Sure, you can always upload a detected file to VirusTotal. It will scan the file with multiple antivirus engines to check for infection, though do keep in mind that one of the biggest things we pride ourselves on is the fact that we're frequently able to detect new and unknown threats before most antivirus vendors do, and I've seen many cases where all 42 antivirus products used for VirusTotal failed to detect a file, but it was still not a false positive on the part of Malwarebytes Anti-Malware. They (the antiviruses) simply weren't capable of detecting the threat yet.

Now, all that being said, I believe (having used Malwarebytes Anti-Malware myself for several years now as well as recommending it to friends and family members) that it is generally safe to quarantine, and a false positive is usually quite easy to identify. For example, if you're a Malwarebytes user and one day out of the blue, Malwarebytes starts flagging a file that has been on your computer for years as an infection, then that would likely be a false positive. But if an object that is detected is something new or some file you've never seen/heard of before (especially if your system is displaying any symptoms of infection), then it likely is not a false positive.
