Jump to content

pal1000

Honorary Members
 View Profile  See their activity

  • Posts

    139

  • Joined

  • Last visited

 Content Type 

Everything posted by pal1000

  1. pal1000
    Logs cfglobalcdn-1.txt cfglobalcdn-2.txt
  2. pal1000
    cfglobalcdn.com is the CDN of netu.tv video hosting website. As an extra problem netu.tv always uses subdomains of cfglobalcdn.com so allowing cfglobalcdn.com doesn't seam to help. I find it odd the inability to include subdomains when allowing websites on such a long term developed security software like Malwarebytes.
  3. pal1000
    Detection: Malware.AI.1032332009 This is not the first time I saw this FP. It disappeared last year before I could report it, but now it's back. I could always reproduce if enabling expert systems algorithms. sanitychecks.zip mbst-grab-results.zip
  4. pal1000
    8-11 UTC, 13-16 UTC, 19-21 UTC daily.
  5. pal1000
    Okay I am wiling to run some checks and I am aware this is a common problem for many regardless of anti-malware product used. Also system reboot doesn't help and if I reactivate Windows Defender, its integration with security center works properly.
  6. pal1000
    No. It stays on premium and protection modules seam to stay active per UI.
  7. pal1000
    4.5.9.198 CP 1.0.1672 may also be affected but I didn't get to test it and now it's too late as CP 1.0.1672 was only available in beta and never made it to stable. Issue only starts manifesting when re-installing so upgrading from an unaffected product version and CP hides the problem. 4.5.9.198 CP 1.0.1683 beta is still affected. Snippet from Addition.txt ==================== Event log errors: ======================== Application errors: ================== Error: (05/13/2022 10:39:53 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Error while updating status to SECURITY_PRODUCT_STATE_ON. Error: (05/13/2022 10:39:48 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Error while updating status to SECURITY_PRODUCT_STATE_ON. Error: (05/13/2022 10:39:43 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Error while updating status to SECURITY_PRODUCT_STATE_ON. Error: (05/13/2022 10:39:38 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Error while updating status to SECURITY_PRODUCT_STATE_ON. Error: (05/13/2022 10:39:33 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Error while updating status to SECURITY_PRODUCT_STATE_ON. Error: (05/13/2022 10:39:28 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Error while updating status to SECURITY_PRODUCT_STATE_ON. Error: (05/13/2022 10:39:23 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Error while updating status to SECURITY_PRODUCT_STATE_ON. Error: (05/13/2022 10:39:18 PM) (Source: SecurityCenter) (EventID: 16) (User: ) Description: Error while updating status to SECURITY_PRODUCT_STATE_ON. I have good explanations for the other errors reported by FRST and I can provide them if necessary. mbst-grab-results.zip
  8. pal1000
    Solved in 4.5.4.168 CU 1.0.1957 somehow. Activating by login failed 2 times with `Unable to access license server` error, but activating with product key was successful. This could very well be just a temporary server side glitch.
  9. pal1000
    That's normal because you can only enable beta updates when premium is activated. Those pictures don't help much. nothing stood out to me there. Also judging by the fact you couldn't reproduce following the alternative steps which comply with Malwarebytes supported usage, it means the hang may only happen when activating from Malwarebytes `Getting started` screen. If so the upgrade process itself hides the issue so the alternative and supported steps fail to reproduce the issue. However this issue may surface to supported usage when/if Malwarebytes v4.5.3.162 CU 1.0.1579 gets promoted to stable.
  10. pal1000
    Thanks @1PW for highlighting the supported way of installing beta updates. With that being said, these alternative steps might also reproduce the problem but I haven't tested them: - enroll in beta; - upgrade to v4.5.3.162 CU 1.0.1579 then restart the system if prompted; - disable premium then restart; - try activating premium again.
  11. pal1000
    Prerequisite - Malwarebytes online installer v4.5.3.263 or newer. Note that this is only available by enrolling in beta at the moment I am writing this. It gets downloaded in "C:\ProgramData\Malwarebytes\MBAMService" under a folder which name begins with "In". Copy it somewhere readily available. Steps - Uninstall Malwarebytes normally or via Support Tool; - Run Malwarebytes online installer with undocumented command line option to install beta program directly*; - Try activating license either via providing the key or by logging in, both activation means reproduce the problem. Note (*) I am aware this is unsupported and probably only Malwarebytes developers are supposed to know how to do this step, but this will become a real issue if/when Malwarebytes v4.5.3.162 CU 1.0.1579 hits general availability.
  12. pal1000
    I decided to try this experimental MBAE build linked here out of curiosity, but it didn't took me long to discover why it wasn't announced here, it crashes Command prompt no matter what shields or protection settings I disable. Reverting to MBAE 1.13.4.345 built into Malwarebytes premium makes issue go away.
  13. pal1000
    Issue came back. Apparently issue occurs after the following steps: - remove all scheduled scans; - create a quick scan schedule and don't change anything, just go ahead and confirm the scheduled scan. Outcomes - because scheduled scan date and time matches system date and time down to minutes, scan won't run and its scheduled time gets delayed by 5 mins over and over for about half a day; - During this half day check for updates button doesn't work and background intelligence updates don't trigger either. Issue goes away temporary - on restart; - after a few hours. Issue returns on its own - on logout / switch user; - on next boot if fast startup is enabled; - after a few hours. Restoring proper functionality This is tricky. Sometimes support tool succeeds in curing the problem, sometimes it fails. Same for normal uninstaller. Running both with reboots for each maximizes chances of success. mbst-grab-results.zip
  14. pal1000
    This can't be reproduced no matter what after clean installing from Oct 16. I think Support tool eliminated whatever persistent glitch occurred during components 1.0.1053-1.0.1070 beta cycle.
  15. pal1000
    Clean installed with support tool and the issue seams fixed. One thing I need to test is if the problem returns if I do a standard uninstall, reboot and reinstall. If it does come back then the culprit is the uninstaller.
  16. pal1000
    I was already on MB 4.2.1.89 Component 1.0,1070 stable as I did a clean install before opening this thread. Issue manifested shortly after install. mbst-grab-results.zip
  17. pal1000
    This issue seams to be triggered by threat intelligence updates. Also when issue is in effect threat intelligence updates, component updates and scheduled scans don't trigger. Issue fixes on its own after a day and half at most and can reoccur after another threat intelligence update. Issue can be triggered silently in the background, so if you don't check Settings About page the only clue hinting at something being wrong are the times when scheduled scans run. They'll run shortly after issue fixes on its own. This problem started around component 1.0.1045 or 1.0.1053. Clean installing doesn't help at all and issue can manifest immediately after a fresh install.
  18. pal1000
    Scenario A, just like B is also caused by disabling these services: - iphlpsvc - dmwappushservice - SSDPSRV - fdPHost - LanmanWorkstation
  19. pal1000
    These same five services being disabled is the root cause for these issues as well:
  20. pal1000
    The only one running is SSDPSRV (SSDP Discovery).
  21. pal1000
    If those aren't the cause then maybe one or more of these is: - dmwappushservice - SSDPSRV - fdPHost I still disable SMB via Windows Firewall, blocking ports 137-139, 445 outbound TCP and UDP..
  22. pal1000
    And finally this was also caused by those services being disabled. MB 4.2.0.82 Component 1.0.1025 hitting general availability gave me the opportunity to test this. This thread can be closed as all issues reported has been dealt with at my end with the exception of incomplete cleanup issue, which was known to Malwarebytes before this topic started. I wonder if Support tool should have a fix for LanmanWorkstation service. I am inclined to believe Malwarebytes relies on some SMB loopback communication. IP Helper may also be involved, but I don't see how.
  23. pal1000
    @exile360, as I found the root cause of this issue and neutralized it at my end, I think this topic can be closed.
  24. pal1000
    This was also caused by certain services being disabled.
  25. pal1000
    Tests I made clearly indicate that one of the tweaks I made to my system was responsible for this one. See https://github.com/pal1000/pal1000.github.io/commit/9ba400c0521a949ece3da93cfea9f0bb26832363 I then found batcmd.com website which has a very comprehensive catalog with information about Windows services all the way from XP to Windows 10 Version 2004, including default startup type, the exact kind of information to recover from this kind of problem.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.