Jump to content

LiquidTension

Staff
  • Content Count

    3,032
  • Joined

  • Last visited

Everything posted by LiquidTension

  1. Hi @shalebing, The dump file you provided reveals the crash is occurring during a normal QT operation; specifically, it's experiencing an access violation when attempting to access a standard memory location for QT. This indicates the source of the issue is almost definitely OS related or caused by interaction of other third-party software you have installed. Have you since managed to get into Safe Mode to verify if the Malwarebytes UI still fails to open? Please do the following: SFC /Scannow Please download sfc_scannow.bat using the link below. → https://malwarebytes.box.com/s/71uel6xlgciq5fitx1lq8a6jqo3ck4mi Open your Downloads folder. Double-click sfc_scannow.bat. Note: If you are prompted by Windows SmartScreen, click More info followed by Run anyway. A blue Command Prompt window will appear. Upon completion, a file named mb-cbs-log.zip will be created on your Desktop. Please attach the file in your next reply.
  2. When we add a new item to the Web Protection database, the block can be placed on a domain name, IP address or both. If an exclusion is placed on a domain name (such as the exclusion you've configured for free.appnee[.]com), we need to ensure we also do not block the IP address that the domain maps to - otherwise, the website will be inaccessible. The frequent querying is done to check if the IP address that the excluded domain maps to has changed. If it has, we can still ensure the IP address is not blocked. Unfortunately, we cannot wait for the DNS query that is performed when the user attempts to visit the website, so we must do this in advance to ensure the excluded website is accessible to the user at all times.
  3. Thanks for the update. If you encounter any further mbamtray.exe crashes, please let us know.
  4. Hi @lertch01, The mbamtray crash dumps you've provided do not reveal much unfortunately. They show that the crash was caused when initialisation of a DLL (used by mbamtray) failed. It does not show which DLL or why the issue occurred. I can see mbamtray.exe is running in the logs provided. To confirm, have you encountered any further issues with it launching since your post yesterday? What issue are you experiencing with Vortex Mod Manager?
  5. Thanks for the update. Did you manage to check if a particular Real-Time Protection module is involved? ----- Could you also try configuring mutual exclusions in Malwarebytes and Webroot. The article linked below lists out the Malwarebytes files/folders to add as exclusions in Webroot: https://support.malwarebytes.com/docs/DOC-1123 For instructions on configuring exclusions in Malwarebytes, please refer to: https://support.malwarebytes.com/docs/DOC-1130 Folders to add: C:\Program Files\Webroot C:\Program Files\Common Files\Webroot C:\ProgramData\WRData Files to add: C:\WINDOWS\System32\drivers\WRkrn.sys C:\WINDOWS\system32\DRIVERS\wrUrlFlt.sys Ensure the computer is restarted afterwards and check if this has any impact.
  6. Hello, This is expected behaviour in the current version of Malwarebytes. When an exclusion is made on a domain, we query it every 2 minutes to check if the associated IP address has changed or not. This is to ensure we do not block it in case it has changed. Many users are unfamiliar with DNS and when they enter in an exclusion to Malwarebytes, they expect that exclusion to work at all times. With that said, I can certainly appreciate why the frequency seems excessive and will be bring this up further with the product team.
  7. Hello, The scans can be performed in Normal Mode. They're intended to double-check for the presence of malware/adware. Booting into Safe Mode is just to check if you experience the same double-click behaviour or not in that environment. You don't need to perform the 3 scans there. Here are instructions on booting into Safe Mode: https://support.microsoft.com/en-gb/help/12376/windows-10-start-your-pc-in-safe-mode
  8. Thanks for the information. Did you also check if the same behaviour occurs in Safe Mode? We can run a couple of on-demand scans to check further (though I do suspect the cause lies with a particular configuration on your computer rather than malware/adware). Please work your way through the following: Malwarebytes Threat Scan with Rootkit Scanning Open Malwarebytes. Click the Settings menu followed by the Protection tab. Scroll down to Scan Options and turn the Scan for rootkits setting on. Click the Dashboard menu. Click Scan Now. If threats are detected, ensure all items are checked at the end of the scan and click Quarantine Selected. If you are prompted to restart, click Yes. Upon completion of the scan or after the reboot, click the Export Summary button. Click Text File (.txt). Click Desktop in the sidebar on the left. Give the report a file name and click Save. Click OK followed by Close. Attach the report (found on your Desktop) in your next reply. Malwarebytes AdwCleaner Please download Malwarebytes AdwCleaner using the link below. → https://toolslib.net/downloads/finish/1/ Right-click adwcleaner_7.#.#.exe and select Run as administrator to run the program. Click I AGREE if you consent to the EULA. Click Settings. Scroll down to Reset Winsock and turn the setting off . Click Dashboard followed by Scan Now. Upon completion, if no threats are detected, click Skip Basic Repair and skip to the last bullet point below. If items are detected, click Clean & Repair. Ensure all open work is saved and closed. Click Clean & Restart Now when prompted. Note: This will automatically reboot your computer. After the reboot, AdwCleaner will open. Close the program. A log named AdwCleaner[C0].txt will be saved in the following folder: C:\AdwCleaner\Logs. Please attach the log in your next reply. ESET Online Scan Please download ESET Online Scan using the link below. → http://download.eset.com/special/eos/esetonlinescanner_enu.exe Double-click esetonlinescanner_enu.exe to run the program. Click Accept. Place a checkmark next to Enable detection of potentially unwanted applications. Click Advanced settings. Place a checkmark next to Enable detection of potentially unsafe applications. Important: Ensure Clean threats automatically is unchecked. Click Scan. Allow the virus signature database to download. Wait for the scan to finish. Please be patient as this can take some time. Upon completion, click List of found threats. Click Export to text file…, name the file and save to your Desktop. Click Back. Note: If no threats were found, there will be no list of found threats or log to save. Place a checkmark next to Delete application’s data on close and click Finish. Click the ‘X’ in the upper right corner to close the window. Please attach the file in your next reply.
  9. Thanks. Please try the steps above to set MBAMService to delayed-start and confirm if the issue persists or not.
  10. Thanks for the file. Please perform a clean boot and then try the Malwarebytes installer. Afterwards, reverse the steps to undo the clean boot. Perform Clean Boot Press the Windows Key + R on your keyboard at the same time. Type msconfig and click OK. On the Services tab of the System Configuration dialog box, select the Hide all Microsoft services check box. Click Disable all. On the Startup tab of the System Configuration dialog box, click Open Task Manager. On the Startup tab in Task Manager, for each startup item, select the item and then click Disable. Close Task Manager. On the Startup tab of the System Configuration dialog box, click OK and then restart the computer. Log back into your normal user account. If the issue persists, please boot the computer into Safe Mode with Networking and try running the Malwarebytes installer once more. https://support.microsoft.com/en-gb/help/12376/windows-10-start-your-pc-in-safe-mode If you still encounter an issue, we'll need to obtain a Process Monitor log captured as the installer is running so we can take a closer look at the cause.
  11. Hi @AndrewC, Here are a few common reasons why MEMORY.dmp is not created: https://support.microsoft.com/en-gb/help/130536/windows-does-not-save-memory-dump-file-after-a-crash Just to confirm, Windows is definitely configured to generate a complete memory dump as specified in the article linked below? https://www.tenforums.com/tutorials/5560-configure-windows-10-create-minidump-bsod.html The System Event log should contain an entry with details on why the dump file was not created. Export Event Logs Press the Windows Key + R on your keyboard at the same time. Type eventvwr.msc and click OK. Expand Windows Logs. Right-click Application and click Save All Events As.... Name the file application and click OK. Repeat for Security and System. Navigate to the location of the files. Highlight the three files, right-click one and click Send to followed by Compressed (zipped) folder. Name the Zip file EventLogs.zip and attach the file in your next reply.
  12. Hi @cams, Thanks for sharing your findings. Please could you also carry out the steps in the following topic so we can get a closer look at your system's setup. This will help us reproduce the issue. https://forums.malwarebytes.com/topic/190532-having-problems-using-malwarebytes-please-follow-these-steps/ Please do the following as well: Export Event Logs Press the Windows Key + R on your keyboard at the same time. Type eventvwr.msc and click OK. Expand Windows Logs. Right-click Application and click Save All Events As.... Name the file application and click OK. Repeat for Security and System. Navigate to the location of the files. Highlight the three files, right-click one and click Send to followed by Compressed (zipped) folder. Name the Zip file EventLogs.zip and attach the file in your next reply.
  13. Thanks for the dump file. Please answer this question as well:
  14. Hi @AliAbbas1988, Please provide the following event logs so we can confirm mbamtray.exe isn't crashing. I don't suspect it is, but it's still worth confirming. Export Event Logs Press the Windows Key + R on your keyboard at the same time. Type eventvwr.msc and click OK. Expand Windows Logs. Right-click Application and click Save All Events As.... Name the file application and click OK. Repeat for System. Navigate to the location of the files. Highlight the two files, right-click one and click Send to followed by Compressed (zipped) folder. Name the Zip file EventLogs.zip and attach the file in your next reply. ----- Typically, users experience this issue when the Windows startup time is particularly slow or when fast startup is enabled. Have you noticed any recent changes in the time it takes for Windows to startup? Please try the following and check if you still experience an issue over multiple reboots. Set Malwarebytes Startup Type As Delayed-Auto Download mbamservice_delayed.reg using the link below: → https://malwarebytes.box.com/s/15jbt7tifcetlhcgmszzb6appbak56w4 Right-click the Malwarebytes icon in your notification area (next to the system clock). Note: You may need to click the arrow to reveal the icon. Click Quit Malwarebytes followed by Yes if prompted by User Account Control. Open your Downloads folder or location of the downloaded mbamservice_delayed.reg file. Double-click mbamservice_delayed.reg and click Run followed by Yes if prompted by User Account Control. Click Yes when prompted to continue. Click OK. Restart the computer.
  15. Hello @Mirfly, Sorry to hear of the troubles you're having. In addition to elaborating on the issues, please could you also carry out the instructions in the topic linked below so we can take a closer look at the issue. https://forums.malwarebytes.com/topic/190532-having-problems-using-malwarebytes-please-follow-these-steps/ Thanks!
  16. Hi @kimabc3, Thanks for providing the logs. There are no signs of any malware present. Could you elaborate a little more on the issue please. Are you experiencing a double-click every time you single-click? Are there any other issues occurring? Have you tried testing a different mouse to see if the fault lies there? Does this behaviour occur in Safe Mode?
  17. Hi @Yang, Does the freeze occur consistently occur with manual Threat Scans or only sometimes? Are there any other actions/events in particular that typically trigger the issue? How long have you had a Malwarebytes product installed? Is this new behaviour that previously did not occur with Malwarebytes installed? It's unlikely related, but I would consider uninstalling PCAPro and rebooting. We do not recommend using software of this nature. ----- Let's see if we can narrow down the source of the issue. Please disable all Real-Time Protection modules in Malwarebytes (Dashboard -> disable each module on the right). Once done, verify if the issue persists or not. If it doesn't, re-enable one module and check again. Repeat until you identify which module is responsible.
  18. Hi @shalebing, Do you have any type of tablet software installed? We can see mbam.exe (the Malwarebytes user interface) is crashing. Let's enable user mode crash dumps and obtain a crash dump. This should give us a good indication as to what is causing the crash. Enable User Mode Crash Dumps Please download enable_crash_dumps.bat using the link below. → https://malwarebytes.box.com/s/eug9gmk7i1xqeugb0xobjlqcsfb4uv1e Open your Downloads folder. Right-click enable_crash_dumps.bat and select Run as administrator to run the file. Note: If you are prompted by Windows SmartScreen, click More info followed by Run anyway. A black Command Prompt window will appear. Upon completion, press any key to exit. Once done, please reproduce the issue you're experiencing. Collect Crash Dump Reproduce the issue by attempting to open the Malwarebytes user interface. Wait at least 1 minute. Press the Windows Key + R on your keyboard at the same time. Copy %localappdata%\CrashDumps and paste into the Run box. Click OK. A folder will open. Inside you should see a DMP file with "mbam.exe" in the file name. Right-click the file and click Send to followed by Compressed (Zipped) folder. This will create a Zip file. Go to WeTransfer.com in your browser. Click Add your files, navigate to %localappdata%\CrashDumps and double-click the ZIP file. Click (...) and select the link radio button under Send as. Click Transfer. Upon completion, copy the download link and include it in a forum post.
  19. Thanks for the update. Please rerun the Malwarebytes Support Tool in the same manner as before and provide the newly generated mbst-grab-results.zip.
  20. Hi @zwizzcheese, Thanks for the file you provided earlier. The particular error message you referenced in your first post is consistent with other users who have also encountered issues with installing Malwarebytes. In those cases, the cause was found to be AVG/Avast Anti-Virus. Please could you uninstall Avast, run their removal tool using the link below and reboot the computer afterwards. https://www.avast.com/en-gb/uninstall-utility Once done, try the Malwarebytes installation again and let us know the results.
  21. Hello, Thanks for providing the file. We're very sorry for the inconvenience that's been caused. The detections were indeed a false-positive that we've since removed from the database. Unfortunately, there are no items currently in the Malwarebytes Quarantine. This is due to the machine being restored to a previous point using System Restore. When dealing with a false-positive, the best way of proceeding is to access the Malwarebytes Quarantine and restore the quarantined items directly using Malwarebytes. Just to confirm there are no other factors involved, you may want to try booting the machine into Safe Mode with Networking and checking if you still encounter the same issue. Aside from that, I'm afraid there's not much else we can do to assist with this issue.
  22. Thanks for clarifying. So what you're experiencing is a full system freeze (as opposed to just the Malwarebytes program freezing)? In which case, it won't be possible to obtain a memory dump specifically for MBAMService in the issue state as the entire system is frozen. ----- We can however try to generate a memory dump of the system in the frozen state. This involves forcing the macahine to blue screen. More information can be found here. First, please ensure the machine is configured to generate full memory dumps. Details on this can be found in the article linked below: https://www.tenforums.com/tutorials/5560-configure-windows-10-create-minidump-bsod.html (Refer to Option 2: "Have Windows Create a Complete Memory Dump on BSOD") Once done, proceed with the following: Enable Forced BSOD Download enable_forced_bsod.reg using the link below: → https://malwarebytes.box.com/s/8rxpxrwm4jmdz95dg5p1kudymdl4vtzm Open your Downloads folder or location of the downloaded enable_forced_bsod.reg file. Double-click enable_forced_bsod.reg and click Run followed by Yes if prompted by User Account Control. Click Yes when prompted to continue. Click OK. Restart your computer. After the computer has restarted, reproduce the issue so that your machine is in the frozen state. Once done, hold down the rightmost Ctrl key on your keyboard and press the Scroll Lock key twice. This will force your machine to blue screen. After the computer has rebooted, open the C:\Windows folder and verify a file named MEMORY.dmp is present. Right-click MEMORY.dmp and click Send to followed by Compressed (zipped) folder. If prompted to save the file to your Desktop, click Yes. Upon completion, upload the Zip file to a file hosting service (e.g. Google Drive, OneDrive, WeTransfer.com, etc) and provide a download link in your next reply.
  23. Hi @Sallyco, I'm sorry to hear of the trouble you're having. We can certainly look into the events that took place and check if it's possible to restore your data. Please start by carrying out the instructions in the post above and provide the generated mbst-grab-results.zip file.
  24. Hi @AndrewC, There's no indication of a hang in that memory dump. To confirm, is this the order of events you took? Ran the batch file -> Entered Y into the Command Prompt and allowed the computer to reboot automatically -> After the reboot, ran a Threat Scan with Malwarebytes and waited for the program to freeze/hang -> Ran the batch file a second time
  25. Thanks for the information and memory dump. I'll get back to you shortly with the results.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.