Jump to content

[resolved] Rootkit switch will not stay on.


Recommended Posts

Original topic posted 29 August. Satisfactorily solved.  Since then I have upgraded Win 7 to 64-bit Pro and completed all current updates.  Computer very stable. No CPU% overload as before.  Installed 3.2.2 version of MWB.  First scan went well. 

Installed McAfee too and excluded all MWB files from scan as directed; also switched off RealTime McAfee scanning (as I do a regular full scan).

Checked settings today: MWB Rootkit switch off.  Can reset it; but leaving and returning to settings screen shows it off again.

MB check.zip attached.  Scan done with MWB open and rootkit switch on.  Closing MWB moves switch to off.

mb-check-results.zip

Edited by muesik
Extra info
Link to post
Share on other sites

3 hours ago, muesik said:

Checked settings today: MWB Rootkit switch off.

Can you try installing the latest 3.2.2.2018 over your existing product and let me know if that worked.

Just download the latest installer from : https://downloads.malwarebytes.org/file/mb3

Run the installer on top of your existing product. No need to uninstall.

Link to post
Share on other sites

Done that; thanks for link. 

No change; switch rootkit on;  in Protection tab, as usual; do anything else (e.g. open Application tab instead of Protection tab) and it is no longer on when returning to Protection tab.

Edited by muesik
clarity!
Link to post
Share on other sites

4 minutes ago, muesik said:

No change

The last thing to try is a clean install with the MB clean tool.

Let us get a clean install of the current version.

We have another tool called MB-Clean which will automate the whole process for you.

 Tool can be found at https://downloads.malwarebytes.com/file/mb_clean

1. After downloading the tool run the tool.

2. The tool will automatically clean up the older possibly damaged installation and will ask you for a restart.

3. Restart your system and then the MB-Clean tool will prompt you to re-install the latest product .

4. Click on "Yes" to reinstall MB 3.×.

5. Now you will have the latest product installed.

Please let me know if you are still seeing issues after the latest product install.

 

Link to post
Share on other sites

I am trying in a manual scan; but because the switch for rootkit scanning switches itself off as soon as I leave the Settings>Protection screen, it never scans rootkits.  I don't know whether scheduled scanning will do it; but as the rootkit switch doesn't stay in the "on" position, I doubt it.   I have tried switching on the rootkit option and then going straight to the scan screen, but it doesn't appear in the progress train and checking back on the Protection tab it's off again.

Is there any way I can find out whether rootkits have been scanned, despite the fact that it doesn't appear on-screen?

I will set up a scheduled scan for half-an-hour's time and let you know whether scheduled scanning is any different.

Link to post
Share on other sites

I switched on the rootkit scan and left the screen open.  Scheduled scan started.  Rootkit was not in the progress train; but I went to the Protection tab and rootkit was still in the "on" position.  Scan continued with all other Protections, but not rootkit. 

As usual, though, moving off the Protection tab in any way causes the switch to go off again.

Link to post
Share on other sites

Hello @muesik

Can you please try this

1. Go to Settings/Applications and turn on "Collect enhanced event log data for support"

2. Now try to turn on Rootkit scan under Settings/Protection.

3. Tab and make sure if goes off again.

4. Run the mb-check tool and send the result.

This will get us the debug logs which will help us isolate the issue further.

Link to post
Share on other sites

Hello, @nikhils

I did what you suggest.  in Safe Mode, on the UI screen>Protection, I could not switch on any of the real-time protection.  Rootkit and everything else below was on.  (see attached doc "Screen In Safe Mode" with pic).  This is UI Protection screen.  Top switch Web Protection was also impossible to switch on (not in screenshot).

I ran threat scan anyway: see attached pic of Progress Train, which is puzzling as Rootkits switch was on but it doesn't show in progress train.

Scan says all fine, 334000 files.

Back in to full Windows mode: no change in behaviour of MWB. All protection switches come on except rootkits. 

When I rebooted, computer was very slow and stuck on 100% CPU with MBAMService.exe taking up to 65% of CPU.  Rebooted again; back to normal CPU levels.

Thanks for your interest and suggestion.  Sorry it didn't work.  I used Safe Mode with Networking in case MWB needded the connection to scanscreen in Safe Mode.docx.  I could do it again in Safe Mode Without Networking if you think it might make a difference.

MWB scan screen safe mode.docx

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.