The Steel Guitar Forum Store 

Post new topic Malwarebytes question
Reply to topic
Author Topic:  Malwarebytes question
Jon Light


From:
Saugerties, NY
Post  Posted 27 Jun 2017 4:21 am    
Reply with quote

I recently bought the full Premium version ( 3.1.2.1733 )

Here is an excerpt of a scan report:

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled


My question is about Rootkits. In SETTINGS I definitely have Rootkit scan "ON" . The report confuses me. If I am misreading or misunderstanding the report, fine. I don't need to know what it means, as long as I can know that it is indeed scanning what I need it to scan.

Does this need my attention?
View user's profile Send private message Send e-mail Visit poster's website

Mitch Drumm

 

From:
Frostbite Falls, hard by Veronica Lake
Post  Posted 27 Jun 2017 5:13 am    
Reply with quote

Doesn't look right to me, Jon.

I show enabled next to rootkits.


I assume in settings/scan options/scan for rootkits, you have the toggle switch set to "on" and have closed the app and rebooted after confirming that setting.

If that's true, you might want to post at the Malwarebytes forum. I haven't checked there, but maybe it is a known issue.
View user's profile Send private message

Jon Light


From:
Saugerties, NY
Post  Posted 27 Jun 2017 5:25 am    
Reply with quote

Thanks Mitch.

Yes, to your questions. I'll look into this.
View user's profile Send private message Send e-mail Visit poster's website

Jon Light


From:
Saugerties, NY
Post  Posted 27 Jun 2017 5:37 am    
Reply with quote

Great advice, Mitch.
It is a known thing, asked and answered in the forum. The selected settings (apparently) apply to manual scans. For automatic scheduled scans you have to click the scan in the schedule and make the selections in 'advanced settings'. My manual settings were good but the default in the scheduled scans is rootkits : disabled (for some reason).

Thanks for the help!
View user's profile Send private message Send e-mail Visit poster's website

Mitch Drumm

 

From:
Frostbite Falls, hard by Veronica Lake
Post  Posted 27 Jun 2017 7:18 am    
Reply with quote

Thanks for digging into that.

I just checked settings/scan schedule/edit button/advanced and found that "scan for rootkits" was checked under "scheduled options".

I guess you are saying that that is NOT the default?

I frankly can't recall if I had previously visited that location and made that setting manually. If it isn't the default, I guess I must have as my scan report says rootkits enabled, unlike yours.
View user's profile Send private message

Jon Light


From:
Saugerties, NY
Post  Posted 27 Jun 2017 7:33 am    
Reply with quote

Your summary is correct although all I can only say for certain that my auto scan was defaulted to 'disabled' and that this is the situation that I found in the MBAM forum. Maybe this pertains only to new installations or something (I upgraded from the free version a couple of weeks ago)? I do not know and did not investigate that.
View user's profile Send private message Send e-mail Visit poster's website

Jack Stoner


From:
Kansas City, MO
Post  Posted 28 Jun 2017 4:18 am    
Reply with quote

I have mine set to "defaults" and that is rootkits off.
_________________
GFI Ultra Keyless S-10 with pad (Black of course) TB202 amp, Hilton VP, Steelers Choice sidekick seat, SIT Strings
Cakewalk by Bandlab and Studio One V4.6 pro DAWs, MOTU Ultralite MK5 recording interface unit
View user's profile Send private message Send e-mail

Jon Light


From:
Saugerties, NY
Post  Posted 28 Jun 2017 4:47 am    
Reply with quote

Jack--do you have some reasoning that would convince me to switch rootkit scanning off? I know/understand nothing and simply opt for 'more scanning is good' unless instructed otherwise.
View user's profile Send private message Send e-mail Visit poster's website

Wiz Feinberg


From:
Mid-Michigan, USA
Post  Posted 28 Jun 2017 8:55 am    
Reply with quote

Jon Light wrote:
Jack--do you have some reasoning that would convince me to switch rootkit scanning off? I know/understand nothing and simply opt for 'more scanning is good' unless instructed otherwise.


I'm not Jack, but will chime in here anyway.

Personally, I turn on scanning for rootkits. While they aren't an every day threat, they are out there in malware like the Petya virus. Petya scrambles the Master Boot Record (thus encrypting the entire disk) and uses a rootkit to reinstall if it is deleted. Petya is currently in the wild and uses some of the attack vectors used in Eternal Blue and WannaCry. While not particularly targeting normal computer users, we can become collateral damage. A rootkit detector goes a long way to stopping Petya and related malware.

Note that scanning for rootkits adds to the load on your computer during the scan and could interfere with its operation until the scanning has completed.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog
View user's profile Send private message Send e-mail Visit poster's website

Jon Light


From:
Saugerties, NY
Post  Posted 28 Jun 2017 9:18 am    
Reply with quote

Thanks Wiz. I schedule my scans for off hours so resource load is not an issue.
I'll keep everything enabled.
View user's profile Send private message Send e-mail Visit poster's website

Wiz Feinberg


From:
Mid-Michigan, USA
Post  Posted 28 Jun 2017 10:05 am     Info on the Petya virus
Reply with quote

Malwarebytes has an info page devoted to the new Petya/NotPetya virus.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog
View user's profile Send private message Send e-mail Visit poster's website


All times are GMT - 8 Hours
Jump to:  

Our Online Catalog
Strings, CDs, instruction,
steel guitars & accessories

www.SteelGuitarShopper.com

Please review our Forum Rules and Policies

Steel Guitar Forum LLC
PO Box 237
Mount Horeb, WI 53572 USA


Click Here to Send a Donation

Email admin@steelguitarforum.com for technical support.


BIAB Styles
Ray Price Shuffles for
Band-in-a-Box

by Jim Baron
HTTP