Jump to content

LiquidTension

Staff
  • Content Count

    3,820
  • Joined

  • Last visited

Everything posted by LiquidTension

  1. @AndyGarside The reports from the above users are indeed a false-positive. To confirm with certainty if this applies to your 3 affected machines, we would need to see the MBAMService.log file (found in %programdata%\Malwarebytes\MBAMService\logs or %programdata%\Malwarebytes\MB3Service\logs). The additional information requested in post #13 is to aid our efforts in finding a solution for the false-positive.
  2. Hi @RichardMills, If you still encounter an issue, please disable hardware acceleration for the Malwarebytes user interface. This can be accomplished by running the following batch file: https://downloads.malwarebytes.com/file/disable_hwacc_bat You should find the user interface opens normally afterwards.
  3. The only option currently available is to disable Malwarebytes from registering with Windows Security Center. You can find the option to disable this in Settings -> Security -> Windows Security Center.
  4. Hello @Nj2020, An incompatibility between Malwarebytes Ransomware Protection and Kaspersky 2020 products currently exists. We've released a fix for this issue in the standalone Malwarebytes Anti-Ransomware and hope to bring this across to the main Malwarebytes product in an upcoming update. See here: https://forums.malwarebytes.com/topic/255936-kaspersky-2020-version-issues-incompatibility-and-more/?do=findComment&comment=1359179 Until that time, you can either use the 2019 version of your Kaspersky product or disable Ransomware Protection (and reboot at least once).
  5. Thank you for the additional information. We're still looking for Process Monitor boot time logs captured as the issue is reproduced. If you're able to reproduce the detection once more, please generate a boot time log using the instructions in the article below: https://support.malwarebytes.com/hc/en-us/articles/360039025073-Use-Process-Monitor-to-create-real-time-event-logs (refer to the "Create a boot log" steps) Once you have the log, please zip up and provide the following: Process Monitor boot time log MBAMService.log Contents of the C:\ProgramData\Malwarebytes\MB3Service\ARW directory. Farbar Recovery Scan Tool logs: https://support.malwarebytes.com/hc/en-us/articles/360039025013-Run-Farbar-Recovery-Scan-Tool-to-gather-logs Please ensure the second, third and forth items are uploaded after generating the Process Monitor log.
  6. Hi @TigerByte, When you run Process Monitor, could you save the results to a log file and provide us with a copy, please. This will help us determine if what you're experiencing is a known issue or not. You can find instructions for saving a log in the following article: https://support.malwarebytes.com/hc/en-us/articles/360039025073-Use-Process-Monitor-to-create-real-time-event-logs Thank you!
  7. Thank you for the logs, @biomembrain The issue is evident in the logs, but unfortunately there's not enough information to determine why this is occurring. I've sent you follow-up instructions to gather more information on the issue.
  8. Hi @raphaelmsx, What you're seeing is likely caused by your last scan time. If a scan has not been performed within the last 7 days, Windows Security Centre will be instructed to display the warning you're currently seeing. Please run a Threat Scan (open the user interface and click Scan Now). After the scan, confirm the warning is no longer displayed.
  9. Hi all, Thank you for your patience with this issue. We are still working on this and hope to make a fix available in a future update. In the meantime, if you would prefer not to leave Web Protection disabled, you can revert to an earlier version of Malwarebytes that does not contain this issue. See this post for details.
  10. The standalone Malwarebytes Anti-Ransomware cannot be installed on a machine with Malwarebytes already installed. Hi Paul, I certainly understand the frustration. Unfortunately, we do not have any information to share at this current time. As soon as we do, a post will be made on the forum.
  11. Thank you! Hi @torrey, which Malwarebytes product are you using?
  12. Hi @CeeBee, The files are all counter-signed, which proves the validity of the signing signature despite it being expired. This can be seen in any of the file properties (e.g. open mbarw.exe properties -> Digital Signatures -> Open details -> Countersignatures -> Details). What's important is the signing timestamp of the counter signature, which is before the certificate expired. You can read more about this here: https://docs.microsoft.com/en-us/windows/win32/seccrypto/time-stamping-authenticode-signatures
  13. Hi @Eagle12, Thanks for those dumps. Unfortunately, minidumps aren't particularly useful. Could you zip up and upload the full memory dump found at C:\Windows\MEMORY.dmp please? Also, please provide the following information: When did this BSOD first start occurring? How often does it occur? Are you able to consistently reproduce it or is it random? What actions typically cause it to occur? What were you doing with the computer when it last occurred? If you temporarily uninstall McAfee and reboot the computer, does the BSOD persist?
  14. Thanks for letting us know about this. Please could you zip up and provide C:\Windows\MEMORY.dmp (assuming it was created) along with logs from the Malwarebytes Support Tool: https://support.malwarebytes.com/hc/en-us/articles/360039023453-Upload-Malwarebytes-Support-Tool-logs-manually
  15. Thanks Phil. That's consistent with our findings. Once we have an update on the issue, I'll respond back to this topic.
  16. Thank you! In case it helps, the follow article outlines how to enable user mode dump creation: https://docs.microsoft.com/en-us/windows/win32/wer/collecting-user-mode-dumps Also, if you're able to associate the crash with a particular set of actions, this will greatly help with our efforts to reproduce the issue.
  17. Malwarebytes uses plain text files (with JSON formatted data/.json file extension) located in %ProgramData%\Malwarebytes\MBAMService\config to store product settings. Windows System Restore does not monitor this type of file. See About System Restore. If you are looking to restore the Malwarebytes settings to default, you can use the "Restore default settings" button found in Settings -> General (scroll to the bottom).
  18. Thanks for the report, @AnotherConcernedCitizen. We haven't been able to reproduce this issue yet. I've sent you a PM with steps to generate some troubleshooting data for us.
  19. Hi @BillH99999, Do you have NVIDIA HD Audio Driver installed? Please could you start with logs from the Malwarebytes Support Tool: https://support.malwarebytes.com/hc/en-us/articles/360039023453-Upload-Malwarebytes-Support-Tool-logs-manually
  20. Thank you for the report. Do you have any dumps files from these crashes? If automatic dump creation is enabled, %localappdata%\CrashDumps is the default location to check. Without any dumps or methods to reliably reproduce this, I'm afraid there isn't much we can do here.
  21. Thank you for the report. We have a defect filed for this issue. Until we're able to release a fix, please keep the exclusions in place.
  22. The event log excerpts found in the Addition.txt file is a good starting point to check if there's indication of an Ant-Exploit-related crash. If you perform a clean boot, do you experience the same issue? https://support.microsoft.com/en-gb/help/929135/how-to-perform-a-clean-boot-in-windows (leave anything Malwarebytes-related enabled/checked)
  23. Hi @MJBJ, Thank you for the file. You currently have rootkit scanning enabled, which will often significantly increase the duration of the scan due to the low level nature of the scanning that is performed. To confirm if this is the cause, please disable rootkit scanning and run a manual Threat Scan. Open Malwarebytes. Click Settings. Click Security. Turn "Scan for rootkits" off under Scan options. Return to the Dashboard and click Scan. Please let us know how you get on.
  24. Hi @RaulV, The file indicates there are leftovers from a Malwarebytes Anti-Malware version 2 installation. Please use the Malwarebytes Support Tool to remove all leftovers and install the latest Malwarebytes version 4. https://support.malwarebytes.com/hc/en-us/articles/360039023473-Uninstall-and-reinstall-using-the-Malwarebytes-Support-Tool
  25. Thank you for the report. Please note that winrar.exe is added as a protected application by default (albeit, it is not included in the "Default" list displayed within the user interface). The expected behaviour here is for an error message to be displayed indicating the application is already protected. A defect has been filed to correct this.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.