pal1000
Honorary Members-
Posts
139 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by pal1000
-
Logs cfglobalcdn-1.txt cfglobalcdn-2.txt
-
cfglobalcdn.com is the CDN of netu.tv video hosting website. As an extra problem netu.tv always uses subdomains of cfglobalcdn.com so allowing cfglobalcdn.com doesn't seam to help. I find it odd the inability to include subdomains when allowing websites on such a long term developed security software like Malwarebytes.
-
Detection: Malware.AI.1032332009 This is not the first time I saw this FP. It disappeared last year before I could report it, but now it's back. I could always reproduce if enabling expert systems algorithms. sanitychecks.zip mbst-grab-results.zip
- 1 reply
-
- meson build
- gcc
-
(and 3 more)
Tagged with:
-
8-11 UTC, 13-16 UTC, 19-21 UTC daily.
- 8 replies
-
- security center
- integration
-
(and 2 more)
Tagged with:
-
Okay I am wiling to run some checks and I am aware this is a common problem for many regardless of anti-malware product used. Also system reboot doesn't help and if I reactivate Windows Defender, its integration with security center works properly.
- 8 replies
-
- security center
- integration
-
(and 2 more)
Tagged with:
-
No. It stays on premium and protection modules seam to stay active per UI.
- 8 replies
-
- security center
- integration
-
(and 2 more)
Tagged with:
-
4.5.9.198 CP 1.0.1672 may also be affected but I didn't get to test it and now it's too late as CP 1.0.1672 was only available in beta and never made it to stable. Issue only starts manifesting when re-installing so upgrading from an unaffected product version and CP hides the problem. 4.5.9.198 CP 1.0.1683 beta is still affected. Snippet from Addition.txt ==================== Event log errors: ======================== Application errors: ================== Error: (05/13/2022 10:39:53 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Error while updating status to SECURITY_PRODUCT_STATE_ON. Error: (05/13/2022 10:39:48 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Error while updating status to SECURITY_PRODUCT_STATE_ON. Error: (05/13/2022 10:39:43 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Error while updating status to SECURITY_PRODUCT_STATE_ON. Error: (05/13/2022 10:39:38 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Error while updating status to SECURITY_PRODUCT_STATE_ON. Error: (05/13/2022 10:39:33 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Error while updating status to SECURITY_PRODUCT_STATE_ON. Error: (05/13/2022 10:39:28 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Error while updating status to SECURITY_PRODUCT_STATE_ON. Error: (05/13/2022 10:39:23 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Error while updating status to SECURITY_PRODUCT_STATE_ON. Error: (05/13/2022 10:39:18 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Error while updating status to SECURITY_PRODUCT_STATE_ON. I have good explanations for the other errors reported by FRST and I can provide them if necessary. mbst-grab-results.zip
- 8 replies
-
- security center
- integration
-
(and 2 more)
Tagged with:
-
Solved in 4.5.4.168 CU 1.0.1957 somehow. Activating by login failed 2 times with `Unable to access license server` error, but activating with product key was successful. This could very well be just a temporary server side glitch.
- 5 replies
-
- 4.5.3
- regression
-
(and 2 more)
Tagged with:
-
That's normal because you can only enable beta updates when premium is activated. Those pictures don't help much. nothing stood out to me there. Also judging by the fact you couldn't reproduce following the alternative steps which comply with Malwarebytes supported usage, it means the hang may only happen when activating from Malwarebytes `Getting started` screen. If so the upgrade process itself hides the issue so the alternative and supported steps fail to reproduce the issue. However this issue may surface to supported usage when/if Malwarebytes v4.5.3.162 CU 1.0.1579 gets promoted to stable.
- 5 replies
-
- 4.5.3
- regression
-
(and 2 more)
Tagged with:
-
Thanks @1PW for highlighting the supported way of installing beta updates. With that being said, these alternative steps might also reproduce the problem but I haven't tested them: - enroll in beta; - upgrade to v4.5.3.162 CU 1.0.1579 then restart the system if prompted; - disable premium then restart; - try activating premium again.
- 5 replies
-
- 4.5.3
- regression
-
(and 2 more)
Tagged with:
-
Prerequisite - Malwarebytes online installer v4.5.3.263 or newer. Note that this is only available by enrolling in beta at the moment I am writing this. It gets downloaded in "C:\ProgramData\Malwarebytes\MBAMService" under a folder which name begins with "In". Copy it somewhere readily available. Steps - Uninstall Malwarebytes normally or via Support Tool; - Run Malwarebytes online installer with undocumented command line option to install beta program directly*; - Try activating license either via providing the key or by logging in, both activation means reproduce the problem. Note (*) I am aware this is unsupported and probably only Malwarebytes developers are supposed to know how to do this step, but this will become a real issue if/when Malwarebytes v4.5.3.162 CU 1.0.1579 hits general availability.
- 5 replies
-
- 4.5.3
- regression
-
(and 2 more)
Tagged with:
-
I decided to try this experimental MBAE build linked here out of curiosity, but it didn't took me long to discover why it wasn't announced here, it crashes Command prompt no matter what shields or protection settings I disable. Reverting to MBAE 1.13.4.345 built into Malwarebytes premium makes issue go away.
-
Issue came back. Apparently issue occurs after the following steps: - remove all scheduled scans; - create a quick scan schedule and don't change anything, just go ahead and confirm the scheduled scan. Outcomes - because scheduled scan date and time matches system date and time down to minutes, scan won't run and its scheduled time gets delayed by 5 mins over and over for about half a day; - During this half day check for updates button doesn't work and background intelligence updates don't trigger either. Issue goes away temporary - on restart; - after a few hours. Issue returns on its own - on logout / switch user; - on next boot if fast startup is enabled; - after a few hours. Restoring proper functionality This is tricky. Sometimes support tool succeeds in curing the problem, sometimes it fails. Same for normal uninstaller. Running both with reboots for each maximizes chances of success. mbst-grab-results.zip
- 10 replies
-
- threat intelligence updates
- check for updates
- (and 3 more)
-
This can't be reproduced no matter what after clean installing from Oct 16. I think Support tool eliminated whatever persistent glitch occurred during components 1.0.1053-1.0.1070 beta cycle.
- 10 replies
-
- threat intelligence updates
- check for updates
- (and 3 more)
-
Clean installed with support tool and the issue seams fixed. One thing I need to test is if the problem returns if I do a standard uninstall, reboot and reinstall. If it does come back then the culprit is the uninstaller.
- 10 replies
-
- threat intelligence updates
- check for updates
- (and 3 more)
-
I was already on MB 4.2.1.89 Component 1.0,1070 stable as I did a clean install before opening this thread. Issue manifested shortly after install. mbst-grab-results.zip
- 10 replies
-
- threat intelligence updates
- check for updates
- (and 3 more)
-
This issue seams to be triggered by threat intelligence updates. Also when issue is in effect threat intelligence updates, component updates and scheduled scans don't trigger. Issue fixes on its own after a day and half at most and can reoccur after another threat intelligence update. Issue can be triggered silently in the background, so if you don't check Settings About page the only clue hinting at something being wrong are the times when scheduled scans run. They'll run shortly after issue fixes on its own. This problem started around component 1.0.1045 or 1.0.1053. Clean installing doesn't help at all and issue can manifest immediately after a fresh install.
- 10 replies
-
- threat intelligence updates
- check for updates
- (and 3 more)
-
These same five services being disabled is the root cause for these issues as well:
- 19 replies
-
- support tool
- incomplete logs
- (and 2 more)
-
The only one running is SSDPSRV (SSDP Discovery).
- 19 replies
-
- support tool
- incomplete logs
- (and 2 more)
-
If those aren't the cause then maybe one or more of these is: - dmwappushservice - SSDPSRV - fdPHost I still disable SMB via Windows Firewall, blocking ports 137-139, 445 outbound TCP and UDP..
- 19 replies
-
- support tool
- incomplete logs
- (and 2 more)
-
And finally this was also caused by those services being disabled. MB 4.2.0.82 Component 1.0.1025 hitting general availability gave me the opportunity to test this. This thread can be closed as all issues reported has been dealt with at my end with the exception of incomplete cleanup issue, which was known to Malwarebytes before this topic started. I wonder if Support tool should have a fix for LanmanWorkstation service. I am inclined to believe Malwarebytes relies on some SMB loopback communication. IP Helper may also be involved, but I don't see how.
- 19 replies
-
- support tool
- incomplete logs
- (and 2 more)
-
@exile360, as I found the root cause of this issue and neutralized it at my end, I think this topic can be closed.
- 7 replies
-
- p2p
- slow resolving host
-
(and 1 more)
Tagged with:
-
This was also caused by certain services being disabled.
- 19 replies
-
- support tool
- incomplete logs
- (and 2 more)
-
Tests I made clearly indicate that one of the tweaks I made to my system was responsible for this one. See https://github.com/pal1000/pal1000.github.io/commit/9ba400c0521a949ece3da93cfea9f0bb26832363 I then found batcmd.com website which has a very comprehensive catalog with information about Windows services all the way from XP to Windows 10 Version 2004, including default startup type, the exact kind of information to recover from this kind of problem.