Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer

jmtcesnz.co.nz

Members
  • Posts

    5
  • Joined

  • Days Won

    1

Everything posted by jmtcesnz.co.nz

  1. Hi Kirkules& Cicely , I have been using and recommending the free versions of IObit software to family friends and clients for years as most of the products outshine the competition. I was willing to put up with the ads because it was free and I reasoned that free software should be able to advertise to remain free. I have been fighting for and defending IOBit on the MalwareBytes forum for the last few years because MalwareBytes quarantines each new update of Advanced SystemCare and forces me to have to whitelist it every time with the only other option of having to turn off Malwarebytes PUP detection. Most of my family/friends & clients don't know how to whitelist so I have moved them from MalwareBytes (also a very good program but appears to have a vendetta against IOBit having lost a court case against them) and put them and myself on the paid version of Advanced SystemCare Ultimate (ASCU) and IOBit Malware Fighter (IMF). My thoughts being that between the two ASCU with BitDefender and IMF designed for Malware protection, I'd have close to the same protection that Malware Bytes provided. I did not think that we'd be bombarded by ads, most of which trick my family, friends and clients into installing. I have been looking for ways to stop the ads and wound up in this forum. A year or two ago, I thought only MalwareBytes considered ASC/ASCU as malware but now I have seen other AV software quarantine it and Virus total shows this. IOBit should listen to their users and allow an opt out in the paid versions or at lease on each new ad, allow a working "Don't show me this product any more" check box.
  2. This is what I just posted on the MalwareBytes forum at: https://forums.malwarebytes.com/topic/228094-iobit-battle-and-drama/ There is no way that MalwareBytes is not using the thinnest of reasons, spurred on by vengeance, to keep disrupting IOBit Advanced SystemCare (ASC) and Advanced SystemCare Ultimate (ASCU) installs on our PCs. They are singling out these products because of the Court battle they lost some time ago. They themselves are acting as malware when they are continually looking for ways around the exclusions you set in their program to continue to isolate, block or quarantine parts of ASC/ASCU. Every Time I install ASC/ASCU and MalwareBytes (MBAM) on a Clients PC, I have to Install MBAM first, disable Real-time protection, Install ASC/ASCU then set up all the "*\IOBit" folder exclusions for where ASC/ASCU files are installed, run an MBAM scan so that I can add all the ASC/ASCU registry keys, Task Scheduler tasks and shortcuts in folders I don't want to exclude (desktop, startmenu, etc). Then I'm usually sweet until ASC/ASCU next upgrades to a newer version. After an upgrade, MBAM used to only quarantine new shortcuts in the folders not excluded (desktop, startmenu, etc) and the occasional new Registry key. ASC/ASCU could continue to work without these shortcuts and I could easily instruct my clients to restore the shortcut from MBAM's quarantine. It is still a hassle and with dozens and dozens of PCs to have to do this with usually during a monthly maintenance check or a call from the client about a popup message. Now MBAM is quarantining the Definition downloader file that runs from the %TEMP% to prevent ASC/ASCU from updating definitions. I restored one of the 17 quarantined downloader files ""C:\Users\stationary\AppData\Local\Temp\is-ASA1P.tmp\DownConfig.exe"" and submitted it to Virus Total and only 4 of the 67 virus engines reported it (MalwareBytes, DrWeb, Cylance & EGambit). Not sure if they are in cahoots with MBAM, subscribe to some common definitions or have some legitimate concerns. The others may provide a way to exclude ASC/ASCU E.g. From: https://forum.drweb.com/index.php?showtopic=323196&hl=iobit Posted 25 November 2015 - 22:17 Dr. Web (CureIt) considers IObit as a potentially unwanted program, not a virus, because IObit misuse can cause serious problems. You may add IObit in the exceptions list of SpiderGuard/Scanner, if it bothers you. I like both programs for their abilities but MBAM should respect my judgment on what programs , including PUPs, I want to keep on my PC if I exclude them We should try to bring this MalwareBytes/IOBit saga to an end. I propose that we draft a letter to both parties pointing out what we see as their bad behaviour (e.g. MalwareBytes' specific targeting of ASC, IOBit's ad Popups for the free software bundled with the paid versions - like IOBit Uninstaller) and if they don't hash this out within a set period of time, we will draft a facebook, twitter, etc post and encourage all users to put the posts out on their social media. The Posts should warn all potential new users, of either product that refuses to make adjustments, to stay away from it and to pass it on to all their followers. It won't take long for it to hit their bottom line!!
  3. System Reinforce for Windows 10 is not the problem. I have some machines on Windows XP, Windows 7 and Windows 10 and some but not all have this problem (some 64bit, some 32Bit). Also on some of the machines, it breaks file and printer sharing but not on others. I sent an email to 'IObit support'<avfeedback@iobit.com> describing the problem yesterday before I found this forum thread. Marcel39 made me try one more thing which allowed me to see exactly what was happening (at least for RDP). At first I thought that the Scheduled Quick Scan from the ASCU antivirus module was disabling Remote Desktop (RDP) but it is the actual opening of the ASCU UI that causes the problem. Yesterday, I enabled the RDP, opened ASCU, used RegShop to do a snapshot of the registry, ran the quick scan, then did another Regshot snapshot and compared the two. Though RDP was now disabled again, I could not find anything in the 12 or so registry keys that were modified that had anything to do with RDP. After reading Marcel's thread, I repeated the same process but this time, I did the first RegShot Snapshot directly after enabling RDP and did the second Snapshot directly after opening the ASCU UI and there the comparison showed the Terminal Service (RDP) keys that were modified as shown below: Regshot 1.9.0 x86 Unicode Comments: Datetime: 2016/3/10 01:16:08 , 2016/3/10 01:16:54 Computer: CES-3570 , CES-3570 Username: jmt , jmt ---------------------------------- Values modified: 7 ---------------------------------- HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed: 5B DA A2 E0 FF 93 FD 6B 14 65 2F FD BB 5D DA 03 24 A2 B6 AC C1 E8 65 9D AC 6F EC D7 F0 17 FC 2C B3 C5 8D 95 82 B2 84 C4 6B 72 0E E7 78 64 0C CF F0 23 77 8E 61 3E C9 7C F0 80 8F 9D 35 A9 4D 93 F5 F5 2D 6E 5F F5 F7 CC F5 85 4A 73 41 AC AF 7C HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed: 51 63 5C 7E 41 DB B5 2D 1E 32 86 97 EB 70 E9 FB E6 B5 29 C1 4F 9A 1B D6 F9 72 89 9F 6F 81 23 C2 A4 9A 6E 74 20 52 86 84 D7 A0 41 B2 C8 B6 FE 49 C6 94 59 00 5E 32 B9 C3 92 0E AC 28 8C E8 B3 D9 01 9A 9C 3D 70 24 95 8F 51 DD BF FF 90 E6 57 AB HKLM\SYSTEM\ControlSet001\Control\Terminal Server\fDenyTSConnections: 0x00000000 HKLM\SYSTEM\ControlSet001\Control\Terminal Server\fDenyTSConnections: 0x00000001 HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\fDenyTSConnections: 0x00000000 HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\fDenyTSConnections: 0x00000001 HKU\S-1-5-21-1708537768-1757981266-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\StartMenu_Balloon_Time: F5 6E 55 27 6A 7A D1 01 HKU\S-1-5-21-1708537768-1757981266-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\StartPage\StartMenu_Balloon_Time: 53 BA AB 7C 6A 7A D1 01 HKU\S-1-5-21-1708537768-1757981266-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHAPCY: D6 03 00 00 09 00 00 00 C0 24 52 48 6A 7A D1 01 HKU\S-1-5-21-1708537768-1757981266-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHAPCY: D6 03 00 00 0A 00 00 00 80 08 40 7F 6A 7A D1 01 HKU\S-1-5-21-1708537768-1757981266-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHAPCY:FLFQZ.PCY: D6 03 00 00 0D 00 00 00 C0 24 52 48 6A 7A D1 01 HKU\S-1-5-21-1708537768-1757981266-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHAPCY:FLFQZ.PCY: D6 03 00 00 0E 00 00 00 80 08 40 7F 6A 7A D1 01 HKU\S-1-5-21-1708537768-1757981266-1801674531-1003\SessionInformation\ProgramCount: 0x0000000F HKU\S-1-5-21-1708537768-1757981266-1801674531-1003\SessionInformation\ProgramCount: 0x00000011 ---------------------------------- Total changes: 7 ---------------------------------- Others might try this experiment on their PCs. I have ASCU on 30 PCs on a clients site and most but not all of them exhibit this problem. You can download RegShot from https://sourceforge.net/projects/regshot/
  4. System Reinforce for Windows 10 is not the problem because it does the same thing in Windows XP and Windows 7 also but not every Windows 7 or Windows XP PC.
  5. I cannot find a download link for the ASCU v9 beta, can someone please post a link?
×
×
  • Create New...