I'm a newbie (to Malwarebytes Anti-malware), running (trial expired) 2.0.2.1012.  I want to understand the basic operations, settings, etc. of the software so that I can perform my own investigation before asking for full-blown assistance as described in "Available Assistance for Possibly Infected Computers".  My computer seems to be working OK, except for repeated e-mail hijacking.

 

Altho' Malwarebytes' Detection & Protection Settings has "Scan for Rootkits" checked, the Scanning History log shows "Rootkits:Disabled".  Why is that? 

 

Recommended Settings show "Scan for rootkits" unchecked.  My e-mail has been hi-jacked several times this year...malicious e-mail sent to people in my address book.  Isn't that caused by rootkits?  Even if not, why wouldn't I want to scan for rootkits?

 

See log below (from a cancelled scan).  Note that Malware Protection, Malicious Website Protection & Self-protection are all disabled (which I didn't notice before). I'm confused about why these protections would be disabled.

 

I've been taking comfort after several runnings of Malwarebytes, based on "no malicious items detected", that maybe the problem wasn't with my computer, but possibly with one of my contacts' computer.

What am I missing?

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/8/2014
Scan Time: 8:04:46 AM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.08.02
Rootkit Database: v2014.08.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: xxxx xxxxxxxxx

Scan Type: Threat Scan
Result: Cancelled
Objects Scanned: 46452
Time Elapsed: 0 min, 45 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 


Hello and welcome:
 
What you report about certain settings may be the known logging/cosmetic bug in scan logs that some users are seeing re: their scan settings.

For example, "scan for rootkits" is enabled in the GUI, but it shows up as disabled in the scan log.
It is due to be fixed in a future release.

We would need to review some diagnostic logs (all 3 of them) in order to know for sure.
 
If you were running the Trial version, but it has expired, as you reported and as your scan log shows, then the program will have reverted to the Free version.
Only the Premium and Trial versions offer real-time protection.
The Free version is only an on-demand, manual scanner.
So, if you are back to the Free version, then those features/settings will be disabled until you reactivate them with a paid license ID & key.
If you open the main program dashboard from the desktop shortcut, does the ribbon at the very top say Free, Trial or Premium?
>>If you would like to upgrade to Premium, you won't have to uninstall or reinstall.  You'll just activate the program with the purchased license ID & key.

 

Please let us know if you need more help.

 

Thanks,

ALSO, for additional information:
There is an FAQ Section here: Common Questions, Issues, and their Solutions
And here are links to the MBAM 2.0 User Guide: Online and PDF
And there are many useful KB topics and videos at the helpdesk support page
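
An added example, not part of the thread or of Malwarebytes' own tooling: a small Python parser for the scan-log fields quoted in the original post, listing why "no malicious items detected" may say less than it appears. The sample log is constructed from those fields, and the function names are hypothetical.

```python
import re

# Constructed sample: an abridged copy of the log fields quoted in this thread.
SAMPLE_LOG = """\
Version: 2.00.2.1012
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
Scan Type: Threat Scan
Result: Cancelled
Objects Scanned: 46452
Rootkits: Disabled
Heuristics: Enabled
Processes: 0
Files: 0
"""

REALTIME = ("Malware Protection", "Malicious Website Protection", "Self-protection")
FIELD = re.compile(r"^([A-Za-z][A-Za-z \-]*?):[ \t]*(.*)$")

def parse_log(text):
    """Return {field: value} for every 'Name: value' line in the log."""
    fields = {}
    for line in text.splitlines():
        m = FIELD.match(line.strip())
        if m:
            fields[m.group(1)] = m.group(2).strip()
    return fields

def review(fields):
    """List reasons a clean result in this log is weaker than it looks."""
    notes = []
    if fields.get("Result", "").lower() == "cancelled":
        notes.append("scan was cancelled after %s objects, so the clean result is partial"
                     % fields.get("Objects Scanned", "?"))
    if fields.get("Rootkits", "").lower() == "disabled":
        # The reply above says this may be a logging bug; the GUI setting is the reference.
        notes.append("log reports rootkit scanning disabled: confirm the setting in the GUI")
    off = [name for name in REALTIME if fields.get(name, "").lower() == "disabled"]
    if off:
        notes.append("real-time components off (license: %s): %s"
                     % (fields.get("License", "?"), ", ".join(off)))
    return notes

if __name__ == "__main__":
    for note in review(parse_log(SAMPLE_LOG)):
        print("-", note)
```
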


> My e-mail has been hi-jacked several times this year...malicious e-mail sent to people in my address book.  Isn't that caused by rootkits?  Even if not, why wouldn't I want to scan for rootkits?

 

Do you use web mail or an email client like Outlook, etc.?

 

If web-mail, it is usually caused by having poor passwords and not changing them often.  It is also caused by phishing, where you are logging in to Yahoo or whatever and it is not but looks legit.

 

Any malware can be programmed to steal user names and passwords of all kinds, not just rootkits.


Thanks, @Porthos. :)
I had forgotten to answer that question.

More info about computer security practices:
The complexity of finding, preventing, and cleanup from malware
So how did I get infected in the first place?
How did I get infected?
Answers to common security questions - Best Practices
List of well known antivirus products
Six tips to help you stay safer online
 
 
As far as anti-rootkit (ARK) scanning, it is disabled by default in version 2.
Enabling it can (and probably will) lengthen scan times a bit -- that is normal.
Enabling it can cause issues on CERTAIN systems, e.g. if the drive is encrypted, as explained here in the FAQ.
So, it is disabled by default; however, the user has the option to enable it.
If you find that it causes problems on your system, you can always disable it.
As far as what rootkits are and what they can do, you might find the information here to be helpful: MALWARE - ROOTKITS - TROJANS - WORMS - VIRUS

 

Cheers,


Thanks for the quick reply & clarifications.

 

Yes, my free trial has expired.  I ran (to completion) another on-demand scan.  The log showed Rootkits enabled.  I "think" the earlier scan this morning was auto-started (at bootup?).  If so, it seems that rootkits are scanned only when I manually start a scan.  I know that the free version doesn't provide full-time, real-time prevention.


> Thanks for the quick reply & clarifications.

^^You are most welcome.^^

 

> Yes, my free trial has expired.  I ran (to completion) another on-demand scan.  The log showed Rootkits enabled.  I "think" the earlier scan this morning was auto-started (at bootup?).  If so, it seems that rootkits are scanned only when I manually start a scan.

^^Can't say for sure.  We'd need to see some diagnostic logs to verify your settings.^^

And the options differ a bit in the Free version, because there is no automated scheduler in the Free version.

 

> I know that the free version doesn't provide full-time, real-time prevention.

 

^^Okey doke.^^

I was just clarifying -- not only for you, but for anyone else who might read this thread. :)

MBAM Free can only remove infections that have already made it past your anti-virus (AV) onto your computer.

MBAM Premium works alongside your real-time AV to help prevent the types of zero-hour and zero-day threats that the AVs miss.

As just another home user myself, unaffiliated with the company, I wouldn't be without it on any of my computers. :)

 

Cheers,
