Jump to content

Initial thoughts on MB 3.3.1


Recommended Posts

Just installed MB 3.3.1 over 3.3.0 Beta by clicking on Install Application Updates on the Application Tab. Got the message Unable To Contact Licence Server after installation, but everything seems to have installed correctly. In the first few minutes of playing around with the new release, I could invoke the message again by clicking on the My Account tab but the message seems to have been suppressed now.

Ran a manual Hyper Scan which seemed to finish very quickly - I looked at the report (see attached) and was interested to see that it reported:-

-Scan Options-
Memory: Enabled
Startup: Disabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Disabled
PUP: Detect
PUM: Detect

That seems a little odd, as Hyper Scan is supposed to check Memory and Startup Objects.

I have not yet rebooted after the installation - will be shutting down shortly and probably won't have the opportunity to get back on this computer for a couple of days, but will add further details as I can.

I ran FRST64 and MB-Check and attach the results below......

Windows 7 Home Premium SP1 64x
MB Premium 3.3.1
MSE
CryptoPrevent Premium 8.0.4.3

HyperscanLog.txt

mb-check-results.zip

Link to post
Share on other sites

Just carried out a reboot and the problems persist. Still getting "Unable To Connect To Licence Server" popups and a very truncated Hyper Scan without scan of Startup.

I will run MB Clean when I'm next back on this laptop and see how MB 3.3.1 runs then.

I'm not absolutely certain that my problems are due to the latest release as I had been experiencing one or two anomalies over the last few days when running 3.2.2, which is why I tried 3.3.0 Beta

Windows 7 Home Premium SP1 64x
MB Premium 3.3.1
MSE
CryptoPrevent Premium 8.0.4.3

Link to post
Share on other sites

Just to add my 2 cents... I see the same results as both of you...

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 11/2/17
Scan Time: 4:26 PM
Log File: 7c10919c-c014-11e7-8018-484d7edd8d7e.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.236
Update Package Version: 1.0.3161
License: Premium

-System Information-
OS: Windows 10 (Build 15063.674)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Hyper Scan
Result: Completed
Objects Scanned: 3760
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 0 min, 9 sec

-Scan Options-
Memory: Enabled
Startup: Disabled
Filesystem: Disabled
Archives: Disabled
Rootkits: Disabled
Heuristics: Disabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

Link to post
Share on other sites

Glad it's not just me! I was planning on an early night (here in France) but just had to do a clean uninstall and reinstall first.  The Licence Server popups issues seem to have disappeared but the Hyper Scan is still skipping stuff.

Windows 7 Home Premium SP1 64x
MB Premium 3.3.1
MSE
CryptoPrevent Premium 8.0.4.3

Link to post
Share on other sites

Hi TempLost:

This might be an old bug.  I'm still on MB v3.2.2.2018 and ran a Hyperscan after reading your original post and my scan log (MB v3_2_2 Hyperscan Log 02 Nov 2017.txt) also says:

-Scan Options-
Memory: Enabled
Startup: Disabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Disabled
PUP: Warn
PUM: Warn

...even though the interface shows Startup Objects being scanned.

59fba9ea53a23_MBv3.2.2HyperscanStartupObjects02Nov2017.png.a7ca2c71ea31e0bd4294e9e6f05ae365.png

----------
32-bit Vista Home Premium SP2 * Firefox ESR v52.4.0 * NS Premium v22.11.0.41 * MB Premium v3.2.2.2018-1.0.212

Link to post
Share on other sites

  • Staff

Hi all--

There are a couple issues here, both of which have been around since we released the initial Malwarebytes 3.0 back in December of last year.  

First, I want to clarify what Hyper Scan is currently scanning and looking at.  It ONLY scans Memory and Startup.  And it is actually scanning these areas, despite what the logs show.

We've had two items in our queue to fix, that basically fell off our radar due to being lower priority, more cosmetic issues. But this conversation is helping them get some additional attention.  :)

1) The logging for the Hyper Scan scan options is incorrect.  Startup should show as Enabled.  It’s just the logging that is incorrect as the scanning is taking place. (e.g. if there are malicious startup items, Hyper Scan will detect these).

2) The progress bar displayed during Hyper Scans should not display Scan File System or Heuristics Analysis phases. Only the following nodes should show:  Check for Updates, Pre-Scan Operations, Scan Memory, Scan Startup Files

We'll get both of these items fixed in a future update.

 

Edited by bdubrow
clarified text
Link to post
Share on other sites

 

@bdubrow

 

4 hours ago, bdubrow said:

First, I want to clarify what Hyper Scan is currently scanning and looking at.  It ONLY scans Memory and Startup.  And it is actually scanning these areas, despite what the logs show.

 

Thanks for the explanation.  Glad to know the scan is working as expected.  Just a couple of clarifications.

1. Is a 7 second elapsed time "normal"?

2. Should Archives: also show as Disabled?

Scan Options-
Memory: Enabled
Startup: Disabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Disabled

Thanks,
Bill

Link to post
Share on other sites

Yes, everything seems fine for me since I ran the MB-clean and it reinstalled MB 3.3.1. Just a question - does running the clean process remove all log files as well as the program files?

Windows 7 Home Premium SP1 64x
MB Premium 3.3.1
MSE
CryptoPrevent Premium 8.0.4.3

Link to post
Share on other sites

@bdubrow

@BillH99999

Additional information : this seems to be related to the main setting under "Protection Settings" > Scan Options > Scan within archives; if this setting is activated, the log will show enabled. If this setting is deactivated, the log will show disabled (see attached logs).

But in the case of a Hyper Scan, it should definitely show as disabled in the log as it doesn't apply ...

Main setting scan within archives activated.txt

Main setting scan within archives deactivated.txt

Edited by throkr
typo
Link to post
Share on other sites

  • Root Admin

Looks good on my system scan

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 11/4/17
Scan Time: 12:46 AM
Log File: 33b2560c-e124-13e7-baea-2c56dc3f1adf.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.236
Update Package Version: 1.0.3171
License: Premium

-System Information-
OS: Windows 10 (Build 16299.19)
CPU: x64
File System: NTFS
User: AS\BuckinghamPalace

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 430124
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 2 min, 39 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

Edited by AdvancedSetup
Link to post
Share on other sites

Hi AdvancedSetup,

Time elapsed showing up in your log is very low.

I had a scheduled Threat scan running in the background (while I was working on the computer) which took 9min, 30sec. As a comparison, I just ran a manual Threat scan (high priority, GUI closed and no other activity on the computer) which took 4min, 9 sec. (see attached logs)

Is such a big time difference between these 2 scans normal ?

Scheduled Threat scan.txt

Manual Threat scan.txt

Link to post
Share on other sites

  • Root Admin

Hello @throkr

I run an M.2 SSD which is much faster than a normal SSD drive and why I'm able to scan pretty fast.

2,500MB/s Seq. Read
1,500MB/s Seq. Write

As for why there is an obvious speed difference between a manual Threat Scan and a Scheduled one I''m not sure. Perhaps @bdubrow or @exile360 can give some feedback on that issue. I'm going to be on vacation so wouldn't have time to follow up with you on the issue right now.

Thank you

Ron

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.