Jump to content

Scan for rootkits in scheduled scans shows disabled + more


Recommended Posts

On all machines running MBAM Premium scheduled scan logs show "Rootkits: Disabled" (attachment 1). Detection Options most definitely have "Scan for Rootkits" enabled (attachment 2). Manual scan logs do indeed show "Rootkits: Enabled" (attachment 3).

1. Do scheduled scans actually check for Rootkits even though the log shows the option disabled?
 

In a similar vein, "PUP (Potentially Unwanted Program) detections" is set to "Treat detections as malware" but logs for scheduled scans show "PUP: Warn". Manual scan logs show "PUP: Enabled".
 

2. Is PUP really set to "Treat detections as malware"?
 

I vaguely remember both of these issues being mentioned when v2 was first released and it was said that these bugs would be fixed.

 

post-49883-0-20638100-1436486827_thumb.j

post-49883-0-02047000-1436486837_thumb.j

post-49883-0-92902800-1436486847_thumb.j

Link to post
Share on other sites

I don't have premium installed but In the OP it looks that the settings panel you're using is not the scheduler, advanced mode panel. There is an option there (according to the manual) to scan for rootkits. I don't know about the PUP/PUM inconsistency.

http://static-cdn.malwarebytes.org/assets/userguides/2015-07-01/MalwarebytesAntiMalwareUserGuide.pdf

Sections 7.9 through 7.9.3. Actual PDF pages 32 through 35.

Interesting.  Apparently when selecting Hyper Scan as the automated scan the option to "Scan for rootkits" and "Scan within archives" are not available.  See screen shot. If choosing Threat Scan or Custom Scan the options are present. See second screenshot.

So am I to assume when doing a scheduled Hyper scan it will not scan for rootkits or within archives?  Seems like it.

 

As for the PUP inconsistency I know that was an issue early on with v2, but I had hoped it would be resolved.

post-49883-0-17054300-1436542315_thumb.j

post-49883-0-26083200-1436542323_thumb.j

Link to post
Share on other sites

Yes you are correct, Scan for rootkits and Scan within archives are not available in a Hyper Scan....

 

I will move to Threat Scan then as they really don't take much longer that Hyper Scans on my systems.

 

How about the PUP inconsistency?  I am sure it has been a known bug for quite a while.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.