Jump to content

Eagle Creek

Experts
  • Posts

    33
  • Joined

  • Last visited

Reputation

1 Neutral

Recent Profile Visitors

2,169 profile views
  1. Hi Exile360, Thanks for your reply. I will try this, although I'd have to say the idea of disabling ransomware protection isn't really re-assuring. However, I can imagine that a lot of simultaneous file changes exactly could be a red flag when it comes to ransomware, therefore making MBAM doing overtime. What would be the proper way to determine if this causes the issue? Look in the GUI and see if a scan is running? Although I agree this could sometimes happen, the issue is most prominent with a lot of file changes. Perhaps it does make the problem worse when it both tries to scan all the file changes and a scheduled scan is running at the same time. Of course you may have my logs. Is there, with regards to privacy, any need for me to encrypt/password protect the logs before I attach them?
  2. Hey guys, I've noticed MBAM uses a lot of CPU, every time my system boots up or resumes from sleep. I think this is related due to OneDrive synch. I have 3 OneDrive clients running (1x personal, 2x business) with quite some file changes. It seems that MBAM scans those files rigorously every time changes are detected, resulting in a nearly locked-up system for an extensive period of time. The screenshot I attached to this post shows the CPU usage around 5 min after boot time, OneDrive processing around 100 file changes. The problem is even worse when I have a lot of file changes (500+) or very big files (4GB+). If OneDrive downloads this kind of data, MBAM memory usages goes through the roof as well, consuming almost all available system memory. This forced me a couple of times to completely quit the MBAM service, which obviously is undesired. I have observed this behavior at my laptop (specs below), but also at other systems that are using OneDrive. i7-6600 CPU (2.8 Ghz) 16GB RAM 1TB SSD (Default that came with Surface Book gen1) 64 bit Windows 10 20H2 I do understand in this scenario CPU is consumed by a combination of MBAM, OneDrive and Windows Search - all of which are disk related. However, on systems not running MBAM I don't experience lock-up situations. As a general concern I'd say overall system performance is hit hard by having MBAM installed, and OneDrive maybe could be affected by MBAM as well. What's your look on it?
  3. Hey guys, Could the blocking of https - ricochet . im be wrong? As far as I can judge, this is a anonymous IM tool used to protect privacy. https://en.wikipedia.org/wiki/Ricochet_(software)
  4. Hey guys, I don't see why https://www.masterfire.nl/ would be blocked. It's an online webshop to order timber etc. and they seem to have a good reputation (https://www.kiyoh.com/reviews/1044656/masterfire). I'm not the owner of the website or affiliated but wanted to bring this under your attention. I didn't add the protection log because the explanation at the sticky topic doesn't show up. (it shows an imageproxy.php page). If you could explain to me how to find those, I'll make sure to add them. I found the following information I hope this is helpful.
  5. I'm not sure what you mean. Using task manager, I can't see which user is running a service. When looking at the properties of the service, it's set to Network Service. (screenshot). Branchcache is just a random service I used to try if it was possible, so it might have a specific configuration (which isn't admin related). Technically, I believe UAC was designed to improve the way privilege escalation is executed. Because in the past many systems settings either couldn't be changed at all (and you would need to log off and log on), or wouldn't function properly (when using the "run as" feature), where preventing escalation is a nice side feature. I know for sure I've read something about this. However, this kinda is off topic, and I might even be wrong.
  6. I fully agree that adding more startup items isn't the solution. All these services, quick start items, supportive excecutables, etc. etc. slow down your computer. Even a modern computer (I7/SSD) might suffer from this over time, when more applications are installed. Just a random thought: one is able to start a service without administrative privileges if I'm not mistaking. So why not install an MBAM service, set it to manual startup, and then use "net start" (or something similar) to start it when needed. I don't know if this will solve the problem, but it's just something I was thinking about.
  7. I hear you. I still find it somewhat confusing to an end user, because I think updating should be possible at all times, regardless of your level of privilege. However, as it seems to be working 'as designed', I just hope you might consider my post as being feedback instead of a complaint .
  8. Yes, I'm running a licensed pro version. Setting the scheduler seems to have solved the problem. I know update every 6 hours, and a tray balloon informs me of success.However, if the database storage location is protected, how is the built-in scheduler able to access it? I don't need to fill in administrative credentials when I start my pc, so where does it receive it's correct permissions from?
  9. Hi, Is there a way to stop MBAM asking for administrative credentials when updating? I'm running the protection module, which works fine. However, every 7 days it alerts me the dbase is outdated 7 days and asks me if I want to update. When I click yes, it asks for my credentials (I'm running UAC / Windows 7). I know no other scanner application that needs administrative permissions just to update it's database. It almost is counter intuitive, because when a user doesn't have the right permissions, he will end up with an out of date database. Please share your idea's or thoughts. Thanks.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.