Jump to content

Scanning individual folders @ files in Windows 7 SP 1


Recommended Posts

Let's try this first.... (Malwarebytes clean removal tool will backup your license information and then re-enter the license to the new install)

  1. Please follow the steps in this pinned topic to uninstall your current version of MBAM and reinstall the latest build - Malwarebytes mb-clean tool (NOTE: After uninstalling with the mb-claen tool you will be asked to reboot. Once you reboot it will ask you if you want to re-install Malwarebytes, you can select YES (it will download the latest version) or you can download the latest version manually (currently v3.2.2.2018 CU 1.0.188) to re-install from HERE)
  2. If that does not correct the issue, then please read the following and attach to your next reply the requested logs - Diagnostic Logs (after you run all the tools requested, all the logs will be combined into one log file named: mb-check-results.zip located on your Desktop (which will include the FRST logs inside the zip file))
  3. NOTE: More info about the latest Malwarebytes 3.2.2 HERE; MB 3 User Guide ONLINE; MB 3 User Guide PDF; MB 3 FAQ: Malwarebytes 3.0 - Frequently Asked Questions


Please let us know how it goes.


Thank You,

Firefox

Link to post
Share on other sites

13 minutes ago, aggynet said:

The scan time of a simple word document takes s long as a general oveall scan

Though it should not take very long. Scanning a Word doc is a waste of time.

Malwarebytes does not target script files. That means MB will not target; JS, HTML, VBS, .CLASS, SWF, BAT, CMD, PDF, PHP, etc.

It also does not target documents such as; PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, etc.

It also does not target media files;  MP3, WMV, JPG, GIF, etc.

But if that file is executed MB is designed to stop the payload from getting to your computer.

I personally use the Virus Total uploader. With VirusTotal uploader this task could not be easier, just right-click on the file you wish to upload and select the VirusTotal option from the Send To context menu:

https://www.virustotal.com/en/documentation/desktop-applications/

Edited by Porthos
Link to post
Share on other sites

7 hours ago, Porthos said:

Though it should not take very long. Scanning a Word doc is a waste of time.

Malwarebytes does not target script files. That means MB will not target; JS, HTML, VBS, .CLASS, SWF, BAT, CMD, PDF, PHP, etc.

It also does not target documents such as; PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, etc.

It also does not target media files;  MP3, WMV, JPG, GIF, etc.

But if that file is executed MB is designed to stop the payload from getting to your computer.

I personally use the Virus Total uploader. With VirusTotal uploader this task could not be easier, just right-click on the file you wish to upload and select the VirusTotal option from the Send To context menu:

https://www.virustotal.com/en/documentation/desktop-applications/

A minor correction here.  While our anti-malware engine does not explicitly scan/detect scripts and the other file types you mentioned, our anti-exploit component does actually target exploits which utilize these and other file types, not just the payloads they might try to download.  This means that if you have a Word document, PDF, MP3 or some other non-executable file which contains malicious code/an exploit that as soon as the file is opened and the exploit code attempts to launch, our exploit protection should stop it and quarantine the file accordingly long before the exploit is given the opportunity to reach out to the web to grab an executable payload.

I hope that helps to clear things up a bit.

Link to post
Share on other sites

5 minutes ago, exile360 said:

as the file is opened and the exploit code attempts to launch, our exploit protection should stop it and quarantine the file accordingly long before the exploit is given the opportunity to reach out to the web to grab an executable payload.

I said that Samuel. :)

7 hours ago, Porthos said:

But if that file is executed MB is designed to stop the payload from getting to your computer.

 

Link to post
Share on other sites

7 hours ago, Firefox said:

@exile360, thanks for that, however right clicking on the file/folder with those types of files would yield no results right? Unless you try to execute the file correct?

Correct, because the scanner only uses our anti-malware database as our anti-exploit and other modules work via behavioral detection meaning they must catch the threat in the act in order to detect it.

7 hours ago, Porthos said:

I said that Samuel. :)

 

Sort of.  You did say that it stops the payload from getting to the computer, however the way the rest of the information was presented/phrased made it sound to me like we had no means of detecting infected documents and scripts, so I just wanted to clarify that we do have a component that actually does detect them directly now; it simply functions by using signatureless behavioral means of detection, which is why it is not part of the on-demand file scanner.  While it is true that for a long time Malwarebytes had no way of detecting non-executable (i.e. non-PE) malicious files, since we now have additional protection layers in MB3, we now do have ways of detecting them.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.