Jump to content

Exclude By extension


Recommended Posts

There many things that are not targeted anyway. What else do you want to exclude.

MBAM will not target; JS, JSE,  PY, .HTML, VBS, VBE, WSF, .CLASS, SWF, SQL, BAT, CMD, PDF, PHP, etc.
It also does not target documents such as; PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, RTF, etc.
It also does not target media files;  MP3, WMV, JPG, GIF, etc.

Link to post
Share on other sites

35 minutes ago, Porthos said:

It also does not target media files;  MP3, WMV, JPG, GIF, etc.

 

11 minutes ago, MalAlexS said:

How about .FLAC, .MID, .WAV ?

Those are media files.

11 minutes ago, MalAlexS said:

I still have a specific question, how can I exclude extensions?

You can not. Staff will have to add to this if I am mistaken.

Edited by Porthos
Link to post
Share on other sites

Thanks

The other extension I want to remove is .RX2.

I've googled but can't find any article or documentation which specially states which extensions are excluded, does anybody know?
Also what's the best way to log this functionality as feature request?

Cheers...

Link to post
Share on other sites

I would assume its in the manuel

Malwarebytes Anti-Malware
Users Guide
Version 2.2.1

You can read the manual below to understand all functions of the new version....

Online Users Guide => HERE <=

Download PDF from => HERE <= (or just right click and choose save as)


NOTE: There is an FAQ section with valuable information located here:
Common Questions, Issues, and their Solutions

Link to post
Share on other sites

Well I have already looked. I'm afraid the question still stands, where is the article or documentation which specially states which extensions are excluded?  :) Please don't answer if you don't know.

Thanks anyway.

Edited by MalAlexS
Link to post
Share on other sites

1 hour ago, MalAlexS said:

I'm afraid the question still stands, where is the article or documentation which specially states which extensions are excluded?

There is NOT one. This post is always offered by Experts / Staff  to explain this

https://forums.malwarebytes.org/topic/183486-fileszip-js-and-vbe/?do=findComment&comment=1041586

6 minutes ago, Firefox said:

People are only trying to help answer your questions, no need to be rude about it... ;)

Same here.

Link to post
Share on other sites

I wrote that.  What would be more definitive ?

For the most part, MBAM ignores the file extension.  It looks at the file's content.  Thus MBAM will detect a malicious executable even if it is renamed  to DAVE.TXT.

Where MBAM pays attention to the extension is where you have a .EXE file renamed to something like .PDF or if one has a file with a double-extension such as .PDF.EXE

[ double-extension exploits "Hide extensions of known file types" ]

Edited by David H. Lipman
Link to post
Share on other sites

And to add this is a very important specific question for me I know others might think I being picky but that is the answer I am looking for. They should also note I have been friendly, grateful, thankful and polite throughout the thread so far. 

Edited by MalAlexS
Link to post
Share on other sites

8 hours ago, David H. Lipman said:

There is no "definitive list of excluded extensions" based upon the fact the software is geared toward file content and not by filename.

 

By that logic then all files are analysed otherwise it wouldn't know what the content is,  which would mean there are no filename extension exclusions.

I think I'll create a ticket at this point. Cheers.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.