miekiemoes

Hi, This looks like false positives indeed and will get fixed. Thanks for reporting!

Hi, Thanks for reporting. This will get fixed. If you are actively working on this program (as in - developing), I suggest you add an exclusion for the working directory, as changes might trigger a behavior ransomware detection again. Once final, ready to be released, then you can submit again to us if it's still being detected.

As for FotoXplorer, before releasing it, yes please submit to us (you can post it in a private message to me if you don't want to post it public), so we can verify if detected and fix it. And no, normally you don't need to clear a cache or anything, so you can remove your exclusions. However, on the other hand, while you are developing, it's still a good idea to create an exclusion for the folder where your files are in. Then when you're about to release, you can verify if the new one is getting detected again and submit it to us as well. Thanks!

Hi, This is a false positive indeed and will get fixed. Thanks for reporting!

Hi, My mistake, it wasn't perspective.exe we have fixed earlier today, I confused with another program. In either way, this shouldn't be detected anymore either.

Hi, Thanks for reporting. Can you verify if this is still detected? This since I can't reproduce detection here anymore. I remember we have fixed this earlier today already. Thanks!

Hi, It was blocked because of this: https://adguard.com/en/blog/big-star-labs-spyware/ Big violation with the privacy policy. For firefox, it seems like they haven't change much regarding this at all. For Chrome, they did some changes to it. Although, we will review the Chrome extension and re-add detection if still needed.

Hi, No, normally the hubblecache doesn't need to get deleted. Just for the few cases, when there was an FP and the machinelearning detection still appears after a few days.

Hi, I can't reproduce detection on the file. Is this the exact same file as you attached? If so, then it might be because it keeps it cached. Quit malwarebytes from the systemtray. Then navigate to the following folder: C:\ProgramData\Malwarebytes\MBAMService In there, locate the file HubbleCache and delete it. Restart Malwarebytes again. A new Hubblecache will then be created again, so it will properly pick it up and remember to not detect this anymore.

I'm sending you a PM with this instead

Hi, This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Also see here for more explanation: https://forums.malwarebytes.com/topic/238670-machinelearninganomalous-detections-and-explanation/ Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore. This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.

Hi, This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Also see here for more explanation: https://forums.malwarebytes.com/topic/238670-machinelearninganomalous-detections-and-explanation/ Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore. This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.

Hi, We have verified that the registered version doesn't have the additional bundles, so detection for the registered version has been removed.

Hi, We only detect installer, which IS bundled with the additional offers. If you can send me an installer that doesn't have the additional bundle offers, then I'll be happy to look at it.

Hi, Yes, that might undo the "fix", it all depends what changes are being made. You can always send me a private message via this forum in order to discuss this further.