Jump to content

Default settings question.


Recommended Posts

Is there a reason why the Scan for Rootkits and a large majority of checkboxes found under Advanced Exploit Protection settings are unchecked by default? Wouldn't I want to be protected against rootkits and exploits while using MBAM? Should I leave the AEP checkboxes on default settings?

Thank you for the dark mode by the way. I just found out about it 5 minutes ago.

screenshot1.png

screenshot2.png

Link to post
Share on other sites

  • Staff

***This is an automated reply***

Hi,

Thanks for posting in the Malwarebytes for Windows Help forum.

 

If you are having technical issues with our Windows product, please do the following: 

Spoiler

If you haven’t already done so, please run the Malwarebytes Support Tool and then attach the logs in your next reply:

NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  1. Download Malwarebytes Support Tool
  2. Once the file is downloaded, open your Downloads folder/location of the downloaded file
  3. Double-click mb-support-X.X.X.XXXX.exe to run the program
    • You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
  4. Place a checkmark next to Accept License Agreement and click Next
  5. You will be presented with a page stating, "Get Started!"
  6. Click the Advanced tab on the left column

    mbst_get_started.jpg
     
  7. Click the Gather Logs button

    mbst_advanced_gather_logs.jpg
     
  8. A progress bar will appear and the program will proceed with getting logs from your computer

    mbst_getting_logs.jpg
     
  9. Upon completion, a file named mbst-grab-results.zip will be found on your Desktop. Click OK

    mbst_log_saved_desktop.jpg
     
  10. Please attach the file in your next reply. Before submitting your reply, be sure to enable "Notify me of replies" like so:

     notify me.jpeg  

Click "Reveal Hidden Contents" below for details on how to attach a file:
 

Spoiler

To save attachments, please click the link as shown below. You can click and drag the files to this bar or you can click the choose files, then browse to where your files are located, select them and click the Open button.

mb_attach.jpg.220985d559e943927cbe3c078b
 

One of our experts will be able to assist you shortly.

 

If you are having licensing issues, please do the following: 

Spoiler

For any of these issues:

  • Renewals
  • Refunds (including double billing)
  • Cancellations
  • Update Billing Info
  • Multiple Transactions
  • Consumer Purchases
  • Transaction Receipt

Please contact our support team at https://support.malwarebytes.com/hc/en-us/requests/new to get help

If you need help looking up your license details, please head here: Find my premium license key

 

 

Thanks in advance for your patience.

-The Malwarebytes Forum Team

 

Link to post
Share on other sites

14 minutes ago, kola1 said:

Is there a reason why the Scan for Rootkits and a large majority of checkboxes found under Advanced Exploit Protection settings are unchecked by default?

The scan for rootkits is optional because it significantly increases scan times since you are using the paid version with real-time protection you are already protected.

The default exploit settings are a blend of protection and usability of your system. Adding too many check marks can make you programs unusable.

 

Link to post
Share on other sites

1 hour ago, Porthos said:

The scan for rootkits is optional because it significantly increases scan times since you are using the paid version with real-time protection you are already protected.

The default exploit settings are a blend of protection and usability of your system. Adding too many check marks can make you programs unusable.

 

Do you know if there is any reason to adjust the exploit settings or is everyone pretty much expected to leave them on defaults?

Link to post
Share on other sites

1 minute ago, kola1 said:

Do you know if there is any reason to adjust the exploit settings or is everyone pretty much expected to leave them on defaults?

They are the default for a reason. You are welcome to do as you like but it is not recommended. At least you have a way out of your adjustments.

Default exploit.png

Link to post
Share on other sites

1 minute ago, Porthos said:

They are the default for a reason. You are welcome to do as you like but it is not recommended. At least you have a way out of your adjustments.

Default exploit.png

Right on. Sorry last question before I forget. With the rootkit scan unchecked by default, even with a Premium license, will MBAM only detect them at realtime but not on scan?

Link to post
Share on other sites

57 minutes ago, kola1 said:

Right on. Sorry last question before I forget. With the rootkit scan unchecked by default, even with a Premium license, will MBAM only detect them at realtime but not on scan?

As with the other setting you asked about, It is optional. You should not even get a rootkit with real time protection active. If you wish to enable it it is up to you but it will extend scan time.

Link to post
Share on other sites

On 2/29/2020 at 9:56 PM, Porthos said:

As with the other setting you asked about, It is optional. You should not even get a rootkit with real time protection active. If you wish to enable it it is up to you but it will extend scan time.

Scan with rootkit disabled: 15 seconds

Scan with rootkit enabled: 25 seconds

The difference is so marginal that I think for something as serious as a potential rootkit it's worth leaving the option ON, especially if you are doing on-demand scans with the free version.

Still, even with the premium real time protection, wouldn't you want the on-demand and automated scans check for any existing rootkit infections? As definition files improve over time, MBAM would never check if you were infected with a newer version of a rootkit that it might have missed the first time on access. Right?

Link to post
Share on other sites

2 minutes ago, kola1 said:

Scan with rootkit disabled: 15 seconds

Scan with rootkit enabled: 25 seconds

Must have a fast machine with a SSD and these are threat scans.

 

2 minutes ago, kola1 said:

The difference is so marginal that I think for something as serious as a potential rootkit it's worth leaving the option ON, especially if you are doing on-demand scans with the free version.

If only using the free version, might as well.

 

4 minutes ago, kola1 said:

Still, even with the premium real time protection, wouldn't you want the on-demand and automated scans check for any existing rootkit infections?

If you have a decent computer sure. But some systems barely can run the OS much less other things.

Link to post
Share on other sites

40 minutes ago, Porthos said:

Must have a fast machine with a SSD and these are threat scans.

 

If only using the free version, might as well.

 

If you have a decent computer sure. But some systems barely can run the OS much less other things.

Still, seeing how the application's primary purpose is security and how serious rootkit infections are, this one critical setting should be set as an opt-out for both free and premium users. Majority of AV customers are non-technical people that would never bother looking at the application's settings and would leave them on defaults for the life of their product. Wouldn't you agree?

There are other lightweight AV alternatives designed for lower specced systems. Whether or not they are as good as MBAM, that's another topic, but I don't believe that it's justified to gimp a serious feature like rootkit detection for the sake of marginal gains in scan times.

Link to post
Share on other sites

2 minutes ago, kola1 said:

this one critical setting should be set as an opt-out for both free and premium users.

It was at one time. Too many complaints. Many peopole do look at scan settings and enable if they wish.

The user manual in the help (?) explains all the functions.

Link to post
Share on other sites

3 minutes ago, Porthos said:

It was at one time. Too many complaints. Many peopole do look at scan settings and enable if they wish.

The user manual in the help (?) explains all the functions.

Ah. That makes sense. User feedback is always important. Thanks for your help.

Link to post
Share on other sites

If it included a mechanism to determine if the system has an SSD as its primary drive then perhaps it should be enabled by default for such systems, similar to how Windows handles automated maintenance and defrag operations differently dependent on whether or not the drive is an SSD.  If the installer for Malwarebytes could do the same then it should be able to enable the option by default for appropriate systems, perhaps presenting the option to enable it for HDD users, explaining the performance hit to scan times and let them choose whether or not to enable it.  Just an idea, I'm no developer so I don't even know if it would be possible or how complex it would be.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.