miekiemoes

In some cases, it might take a bit longer for it to populate, as this is a fix in the cloud, where some ISP providers have cached previous results already. This only applies for when it was detected before already. In order to bypass this easily, so it re-forces to get the fresh (non cached one), quit Malwarebytes, navigate to the C:\ProgramData\Malwarebytes\MBAMService folder and locate the file HubbleCache in there. Then delete that file. When you start Malwarebytes again, it will redownload the hubblecache again where it won't be detected anymore.

Hi, This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Also see here for more explanation: https://forums.malwarebytes.com/topic/238670-machinelearninganomalous-detections-and-explanation/ Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore. This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.

Hi, The protection version is the database versions that hold new signatures, so that's indeed the more important one. So this shouldn't be detected anymore in 1.0.8113 and above, so the remediation message might still come from when an older database was still loaded into memory. In case you selected to remediate already, you should be able to restore the file again from quarantine. A reboot might be required though. The one that was under detections was probably still from when an older database version was in use. So no action is required there.

Hi, Thanks for reporting. This will be fixed in next database update.

If you have it installed, then there should be a way to also uninstall it. So look through your add/remove programs if you see anything listed that is called Luminati or Hola and uninstall it from there. Alternatively, you can contact them via here, so they can guide you how to delete it: https://luminati.io/#contact

Hi, Thanks for reporting. We will analyze and whitelist if needed.

That's better. This should now be fixed and not detected anymore.

Hi, I can't reproduce detection on any of the files that you attached. Can you check/verify again what exact file is detected and attach that one only? Thanks!!

Hi, I assume this is a MachineLearning detection? If so, then please wait for the next database update (which should go out in a bit), where we have added it to our whitelisting. Thanks!

Hi, If you are using the database version v2018.12.04.01 (above screenshot), then it should no longer be detected anymore. Can you verify this please? Is it still detected? Because it shouldn't. If still detected, please zip and attach the malwarebytes log, where this detection is displayed, so we can doublecheck.

Yes, it's the Protection Update Version column in your case.

Well, first of all, make sure you have latest database update. It was fixed in databases: MBAM1x/2x v2018.12.01.03 was published at 12/1/2018 8:23:08 AM (UTC) MB3 1.0.8113 was published at 12/1/2018 8:36:29 AM (UTC) So any database after that should be good and the False Positive won't re-appear

Hi, This was a false positive indeed and has been fixed a couple of days ago already, so yes, please, restore from quarantine

Thanks. After verifying, I see this was added to our trusted programs earlier today already, so it should no longer be detected anymore. Thanks for reporting!! Sidenote, here you can find more info about our machinelearning detection:

Thanks. We will review and remove detection if needed.