I keep getting notifications of Syncthing-related processes being blocked in Malwarebytes. All events are logged as RTP detections. The event details vary: most are for Trojans, but some are for malware, riskware, and “compromised”. Every action has been “blocked website.” I set up Syncthing a few weeks ago, and up until yesterday all detections were for the same location/IP address. Adding the IP address to the Allowed list in Malwarebytes seemed to fix the issue, but now I’m getting the same set of alerts for a second, different location/IP address.
Assuming this is a false positive, how can I get this to stop? Adding the Syncthing.exe executable didn’t fix the problem when I attempted this a couple of weeks ago.
I’m also not sure why the event details (Trojan, malware, riskware, compromised) vary when “Action” and “Event” are consistent in the logs.