Jump to content

TheAssurer

Members
  • Posts

    3
  • Joined

  • Last visited

Posts posted by TheAssurer

  1. 36 minutes ago, Porthos said:

    There is no reason to do a full scan.

    Malwarebytes does not target script files during a scan.. That means MB will not target; JS, HTML, VBS, .CLASS, SWF, BAT, CMD, PDF, PHP, etc.

     

    It also does not target documents such as; PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, etc.

     

    It also does not target media files;  MP3, WMV, JPG, GIF, etc.

     

    Malwarebytes will block files like these on execution only with the anti-exploit module of the paid program.

     

    Malwarebytes is not designed to function like normal AV scanners and uses a new kind of scan engine that relies mostly on heuristics detection techniques rather than traditional threat signatures.  Malwarebytes is also designed to look in all the locations where malware is known to install itself/hide, so a full or custom scan shouldn't be necessary, especially on any sort of frequent basis (like daily), especially since the default Threat Scan/Quick Scan checks all loading points/startup locations, the registry, all running processes and threads in memory, along with all system folders, program folders and data folders as well as any installed browsers, caches and temp locations.  This also means that if a threat were active from a non-standard location, because Malwarebytes checks all threads and processes in memory, it should still be detected.  The only threat it *might* miss would be a dormant/inactive threat that is not actively running/installed on a secondary drive, however if the threat were executed then Malwarebytes should detect it.  Additionally, whenever a new location is discovered to be used by malware the Malwarebytes Research team adds that location dynamically to the outgoing database updates so the locations that are checked by the default Threat/Quick Scan in Malwarebytes can be changed on the fly by Research without requiring any engine or program version updates/upgrades.

     

     

    That is a non-answer, because it attacks the reason for why I am doing full scans.  I choose to do weekly full scans because I maintain archived software repositories, that sometimes do not test positive, until some point in the future.  I want to know where Windows Update keeps files used to restore (roll back) previous versions, so that MB does not waste time, when performing full scans.

  2. I have just began getting this error.  The false positive is in the install file AND the installed "uninstall" file.  The error occurs in all current version of gVIM, back to gVIM 8.0 before the detection stops.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.