Jump to content

Recommended Posts

I ran a scan with Malwarebytes and noticed it detected one file that it classified as MachineLearning/Anomalous.100%. It was able to quarantine it, but I was just curious what this type of detection means, since I have never seen it or heard of it before. Any insight would be greatly appreciated. Thanks.

Share this post


Link to post
Share on other sites

Greetings and welcome :)

That detection came from the new anomalous detection component which was recently added to Malwarebytes.  It uses advanced algorithms and cloud capabilities rather than traditional signatures in order to detect new and unknown 0-day threats.  You can find the setting that controls it under Settings>Protection.  It is called Use signature-less anomaly detection for increased protection and is located under Scan Options.

It's a powerful piece of new technology that one of our Developers came up with to combat previously unseen malware to increase the protection and detection rates in Malwarebytes.

If  you have any further questions or issues please don't hesitate to let us know.

Thanks

Share this post


Link to post
Share on other sites

Does this type of detection require any additional tools to remove, or any recommended security setting changes, such as changing passwords I use on the computer?

Share this post


Link to post
Share on other sites

Nope, not at all.  In fact, if the file detected was something you had recently downloaded then there is nothing you need to do because it probably didn't even have a chance to run on your system.

If you wish, you can post the scan log from Malwarebytes where it showed this detection and we can take a look at what was found.

Share this post


Link to post
Share on other sites

I must add that this protection triggered multiple false positives for me today so it's more panic inducing than actually helpful at the moment.

It detected a C# application written by myself (96%), a game executable (japanese developers don't have a custom to sign their code - 97%) and several other third party programs which all show as 100% clean on virustotal and have never been detected as such until now.

Edited by Malebox

Share this post


Link to post
Share on other sites

If you find a false positive, please refer to the information posted here and create a new topic with the requested information by clicking here and a member of the Research team will investigate the issue and get it corrected if the detection is an FP.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.