miekiemoes

Hi, This is indeed a false positive by our additional machinelearning engine we have implemented. This will get fixed. Thanks for reporting!

Hi, Hacks and Cracks are always a risk, as they often lower security and might be embedded with malware. That's why a lot of antivirus detect these, just to alert people. It doesn't really mean this is malware though, but at least, it's riskware.

This is really impossible on a logfile, because, as I said in above, our Machinelearning engine only supports detection of PE Files. But given you can't provide this "log-file", there's no way I can check it out either/reproduce this. Please let the cloud company know about this and have them contact us if they are seeing the same, but I really doubt they do, because we would have heard about this for a while already. Thanks!

Hi, Are you sure this is a log and not a binary/PE file? Because the machinelearning engine that is detecting this only supports detecting PE files. Please note that it doesn't mean, because it has a .log extension, that it can't be a PE file, as you can rename any file to something different.

I mean the detection log file where the detection is displayed. This so we have a better idea as what it is detected, (what RuleID) (so we can figure out why it was detected), so we also know what detection rule we need to review.

Hi, I really need more info. Do you mean we detect the sync-refresh.log file? Can you zip and attach the detection log? (please no screenshot, but the log where this detection is displayed) Thanks!

Hi, Verified these were false positives and will get fixed in next database update.

Hi, We will look into this and fix where needed. Thanks for reporting!

The one from the owners site is bundled as well. The one that appeared to be "clean" (at least, not bundled in my case) was the one via majorgeeks, but please use the download-link I provided here instead of the "Download Now" button one, as that one is also bundled. So this should give a "clean" version:

Looks like you have an ad-supported/bundled version downloaded, which is why we detect (so this is not a false positive, but a valid detection) If you would check this on Virustotal, you'll see this will also be detected there by most Antivirus

Most of the links at their site to download are ad-supported, redirects or bundled installers, hence why these are blocked by Malwarebytes. It's either being blocked by the Malwarebytes browser extension or Malwarebytes program itself Always be careful where you click to download from these sites. Eg, for majorgeeks, better to use this link to download: On the Imgburn official site, use it from the imgburn mirror itself:

@Hexeta Given you posted in an older thread (where MB3 still applied), you might want to refer to this article to add exclusions, as you are most probably on MalwareBytes v4 now. https://support.malwarebytes.com/hc/en-us/articles/360038479234 Nevertheless, please let me know if you are still getting a detection and if so, please zip and attach the exact file that is detected.

Hi, This is indeed a false positive by our additional machinelearning engine we have implemented. This will get fixed. Thanks for reporting!

Hi, Can you zip and attach the UNINSTALL AVIDEMUX VC++ 64BITS.EXE file please? Thanks!

Hi, This should no longer be detected anymore. I can't reproduce detection on my end either. In case it's still detected on your end, it's probably because of a caching issue. In order to fix that, Quit malwarebytes from the systemtray. Then navigate to the following folder: C:\ProgramData\Malwarebytes\MBAMService In there, locate the file HubbleCache and delete it. Restart Malwarebytes again. A new Hubblecache will then be created again, so it will properly pick it up and remember to not detect this anymore.