Malwarebytes has been flagging ExifTool as generic ransomware. I tried setting an exclusion for ExifTool, but MB seems to be ignoring the exclusion. I submitted a support request to Malwarebytes, but so far I have only received a "Thanks for contacting us" email, which said, "IMPORTANT: We are currently experiencing delays in email responses due to high volume."
Quote"IMPORTANT: We are currently experiencing delays in email responses due to high volume."
That's a standard phrase you get from most companies these days....
I finally heard back from Malwarebytes, and they claim the problem has now been fixed. I haven't had a chance to try it yet.
Sounds good. I guess these companies get thousands of reports every day and just need time to wade through.
Since I have shipped six versions of IMatch in the past two weeks, all naturally with changes binaries, the problem may have gone away anyway. Or re-appear ;)
FYI, I just had this same flag pop up this evening, 7/20/2020. First time I've ever seen it.
I test every release of IMatch on VirusTotal.com and I run four different virus checkers on my own computers.
I had no doubt about that. When it happened, I thought something got infected post installation, so just to be sure, I let Malwarebytes quarantine and delete the offending file. Had to reinstall Imatch, but nothing was lost.
As long as the digital certificate of the installer is valid (Windows will warn you otherwise) you have an unmodified copy of the installer. The installer and all DLLs and executables are signed.