Jump to content

SDM

Members
  • Posts

    10
  • Joined

  • Last visited

Reputation

1 Neutral
  1. Ok, installed MB, checked registry key, rebooted, checked registry key, ran MB full scan with all options turned on (ran 18+ hours). Rebooted, rechecked registry. All seems ok. I have 3 disks with backup data, that I have kept offline during this process. I need to restore a lot of this data but I am worried that they might have become infected at some time before I discovered the tamper restore malware. What is the safest way to proceed. I was going to mount them one at a time and run Microsoft Safety Scanner on each disk followed by MB scan. Then copy the data back to the PC and go on to the next disk and repeat process. Does this make sense or is there a better way? Thanks
  2. See attached log file. Shows nothing found. Regedit shows zeros in the 2 Disable fields. Thanks msert.log
  3. Hi, See Attached. I don't see any issues there. Do we reinstall MB scanner and privacy? Thanks FSS.txt
  4. Hi, Attached is the log for the fix. I keep checking registry and disables are both set to 0. Whats next? Thanks Fixlog.txt
  5. Hi, Attached is the grab zip. Also attached a screenshot of setting immediately before and after the reboot. I was tempted to reinstall MBAM but I will resist until I hear back from you. Thanks mbst-grab-results.zip
  6. Hi, The file is Attached as requested. Please note this is a fresh clean reinstall of Windows 10 on this computer. All data was deleted and wiped beforehand because of msret tool reported VirTool:Win32/DefenderTamperingRestore malware. See attached logs. I may have overreacted at the thought of such malware on my computer despite my careful precautions over the years. Never before had any viruses or Malware on any of my computers. I am in the process of completely rebuilding the PC but wanted to resolve this issue first. Thanks, mbst-grab-results.zipmrt.logmsert.log
  7. As soon as Malwarebytes loads up it turns on and somehow locks DisableAntiMalware and DisableAntiVirus. This caused Microsoft Safety Scanner to report tamperrestore malware which it removes by deleting the aforementioned disable register keys. Upon reboot they are turned back on. Once Malwarebytes is uninstalled this behavior stops. What am I missing?
  8. This is very good news. Is that version currently available? If not what is expected date of release?
  9. I Have been using Malwarebytes software for 5+ years back when there were two separate programs (Anti-Malware and Anti-Exploit). I have also helped several dozen family members, friends, and clients to purchase and setup this software on their PC’s. As part of the setup I have always a scheduled Daily Custom Threat Scan early every morning and a Monthly Custom Full Scan once a month. For obvious reasons these scans were generally scheduled for off hours when people were not using their computers (usually during the night while most people are asleep). This worked fine for several years their computers would wake up, run the scans, and then go back to sleep. When people first signed on in the morning the scan was already completed, and they could check the report to see if anything was found and quarantined and follow up as necessary. All worked well, and everyone was happy. Approximately 2 years ago I believe it was after the update to MB 3.0 this all stopped working. Every morning when I woke up my PC, the scan would start running thereby slowing up my work on the PC. While this was a minor annoyance for the daily scans (which only ran 10-15 minutes) it was a major annoyance for the monthly scan (which usually ran several hours). It was even worse for many of my clients since their monthly scans often ran 5 to 8 hours. The result is that the scan schedule feature became virtually useless. It only works when someone is using the computer, so it stays awake. This behavior is the exact opposite of what is expected and desired. People generally run scheduled maintenance activities in the off hours when there is little chance that they will be using the computer (usually in the middle of the night for most). This kind of defeats the purpose of having a schedule in the first place. No one wants to sit there while a long running scan eats away resources in the background, that is why you schedule these maintenance tasks while you are asleep and not using the PC. I have numerous clients that I have moved to MB since I believe it is one of the best anti-malware programs. However, they are all complaining about the poor performance when they wake their computers in the morning, especially for the monthly full custom scan. Problem is it used to work fine in older releases of MB but feature seems to have been intentionally removed well over a year ago. There really needs to be a way to make these scans run when no one is using the computer. It seems odd to me that a schedule feature that works so well in the past had simply been removed. When I searched Malwarebytes Forums, I noticed that several other people have complained about this. There was even a response from Dcollins in august 2017 making it pretty clear that the feature was removed, and no immediate remedy is planned. He stating: “After another follow up, this is currently expected behavior but we're looking at how we want to address this in the future. Thanks for bringing it up”. There is also several comments and reference to changes in how MB 3.0 works that makes the removal necessary however no real details are provided and I find it extremely difficult to understand what those difficulties are. Every other antivirus/antimalware/backup program I have tested manages to do make it work. Most programs make an entry in the Windows task scheduler that wakes the computer up at the appropriate time and runs the scan. These programs also request a power override, so the system does not go back to sleep if the scan exceeds the sleep/hibernate timers. The problem is twofold: You no longer make any attempt to set the computer to wake up at the scheduled time. If your computer is already awake you scan will startup and run. However as discussed above most people want these tasks to run in the off hours when their computer is usually asleep. You make no attempt to inform windows that you are running a task that should not be interrupted until it is finished. Hence, even if the computer wakes up at the appropriate time for the scan to run nothing is preventing it from going back to sleep when the sleep/hibernate times expire. Since you stopped supporting the wake-up feature, I have added Windows Task Scheduler entries with the same dates & times that match each MB schedule entry. They wake up at the proper time, in order to allow the MB schedule to start. However, since the scans often run long (and you no longer support blocking Windows from reentering sleep mode) the PC goes back to sleep, and the scan stops until I manually wake up the PC in the morning to start working. I have a very convoluted work around (using command files and windows task scheduler). I schedule a task with a trigger to match the MB scan schedule and I set the action to run a command file with a parameter that estimates the time needed for MB scan to complete. The command file turns off windows sleep/hibernate times and then waits the specified amount of time before resetting the sleep/hibernate timers before exiting. The problem is it requires guessing how long the scan is going to run (not very professional). Since run times vary greatly from computer to computer (and even on the same computer as files are added, etc.) this is a real kludge with a few potential pitfalls. There are better and easier ways to make this work, but it requires changes from MB. The most desirable would be to make it work like it used to by: Use windows APIs to schedule a wake timer for 30 seconds before your next scheduled scan. When starting the scheduled scan use windows APIs (PowerSetRequest) to request overrides to windows entering sleep mode while scan is running. After scan is completed delete override request and wake timer. Set a wake timer for the next scheduled scan. Other alternatives that would also work: Provide a command line method of running a scan with all the necessary custom options as command line parameters. This would enable the customer to solve the problem by running you command line version in a Windows Task Scheduler entry which would wake up the PC and it awake until the command (i.e. scan) finishes. If you really want to make things user friendly you can have your schedule create the Windows Task Scheduler entries for the user. Many other products already do this, and it is quite simple to code. Add the ability to run a pre-scan and a post-scan command script to each scheduled scan. This way the user could use a simple command script to turn off windows sleep/hibernation in the pre-scan script and turn them back on in the post-scan script. When starting the scheduled scan use windows APIs to request overrides to windows entering sleep mode while scan is running. Then delete the override request when scan is finished. Then the user can then just create Windows Task Scheduler entries with the same dates & times that match each MB schedule entry. They would wake up the PC at the proper time, in order to allow the MB schedule to start. The action command script would simply wait around a few seconds to give MB schedule time to start and then exit. If any other MB users are also struggling with this issue, please leave your comments on this thread so MB staff knows this is an important issue and well past due waiting for a solution. Also, if anyone is interested, I can provide my work around scripts and schedule Task Scheduler entries. They are not a perfect solution but better than nothing. Just place comment if interested and I will find a way to post them.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.