miekiemoes

Yes, they were false positives :)

Hi, Do you have "Use expert system algorithms to identify malicious files" enabled? It is located in Settings > Security> Scan option. This is normally disabled by default, as this is a more aggressive machinelearning engine where False Positives might happen occasionally. In either way, this will get fixed. Thanks for reporting!

Hi, Thanks for the feedback on this. I'll share this with the team.

Hi, This is detected by our MachineLearning engine, which helps to protect even better against 0day threats. Unfortunately, as this is a heuristic engine, it's possible False Positives happen. Also see here for more explanation: https://forums.malwarebytes.com/topic/238670-machinelearninganomalous-detections-and-explanation/ Thanks for reporting these, as this helps to finetune the engine, so these won't be detected in the future anymore. This should be fixed by now. Please give it some time (max 10 minutes) in order to have it populate, so detection won't happen anymore.

Hi, This has been fixed already, as this is a machinelearning engine, so it always retrains on detected samples and automatically fixes if a False Positive.

Hi, Please zip and attach the detected samples together with the detection log, so we can have a look. Thanks!

Hi, I can't reproduce detection. Can you rescan again? Also, are you sure this was a Malwarebytes detection? Because the detection name "Trojan:Win32/Wacatac.B!ml" rather sounds like a Microsoft detection.

Hi, This has been whitelisted already.

Hi, This is indeed a false positive by our additional machinelearning engine we have implemented. This will get fixed. Thanks for reporting!

The post has it for all versions :)

Hi, The mbam.exe/developer instructions are for a real old version of malwarebytes, which don't appy anymore. Assuming you have Malwarebytes 4, please do the following: Open the Scanner Box. Click on the Detection History Box. Mouse over the Scan Report of correct log with the detection listed to highlight it. Click the Download/export button give it a name for example: fpreport.txt Save it to the desktop or somewhere on your computer you can find it. Attach the scan log with your post. Additionally, please also attach the detected file with your post. Make sure it is in ZIP or RAR format.

Hi, Do you have "Use expert system algorithms to identify malicious files" enabled? It is located in Settings > Security> Scan option. This is normally disabled by default, as this is a more aggressive machinelearning engine where False Positives might happen occasionally. In either way, this will get whitelisted

Hi, I have whitelisted this above file as well.

Hi, This has also been whitelisted in a meanwhile.

Hi, This is indeed a false positive by our additional machinelearning engine we have implemented. This will get fixed. Thanks for reporting!