Jump to content

LiquidTension

Staff
  • Content Count

    2,875
  • Joined

  • Last visited

Everything posted by LiquidTension

  1. Thanks for the file. The Schannel Event Log errors coincide with the following Malwarebytes events: 03/18/19 " 10:36:43.018" 2566754 0350 1cbc WARNING MBAMChameleon PreProcHandleOperationRoutine "mbamwatchdog.c" 725 "ObjCallback: Process (\Device\HarddiskVolume15\Windows\System32\services.exe) thread access for protected process \Device\HarddiskVolume15\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe with access 10" 03/18/19 " 10:36:43.206" 2566942 02a4 17a0 WARNING MBAMChameleon PreProcHandleOperationRoutine "mbamwatchdog.c" 725 "ObjCallback: Process (\Device\HarddiskVolume15\Windows\System32\csrss.exe) thread access for protected process \Device\HarddiskVolume15\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe with access 1fffff" These events originate from the Self-Protection component in Malwarebytes. They're normal/expected. As a test, try disabling Self-Protection in Malwarebytes and check if the Schannel errors still appear. To do so: Open Malwarebytes. Click Settings. Click Protection. Scroll down to Startup Options and turn the Self-Protection module setting off.
  2. Hello, Please carry out steps 4 and 5 in the topic linked below so we can investigate the issue: https://forums.malwarebytes.com/topic/190532-having-problems-using-malwarebytes-please-follow-these-steps/
  3. You could also try running the following command from an elevated Command Prompt: "C:\Program Files\Microsoft Security Client\mpcmdrun.exe" -RemoveDefinitions This rolls back the current definition update to a previous version.
  4. Hi @DSperber, The Schannel error you're seeing is typically related to network communication between a client and server. Here's a user who reported seeing the same error: https://forums.malwarebytes.com/topic/236708-scan-produces-schannel-error/ Note that this user also has Microsoft Security Essentials installed. Could you try disabling/uninstalling MSE and then check if the error is still exhibited during/after running a scan with Malwarebytes. It would also help if we could obtain some troubleshooting logs to see if any errors in Malwarebytes' service logging coincide with the errors in your Event Log. Steps on how to provide the logs can be found here: https://forums.malwarebytes.com/topic/190532-having-problems-using-malwarebytes-please-follow-these-steps/
  5. Hi @slovokia, Thanks for providing the data. We recently made some changes to how files are queried against some of our internal systems during an online scan. To test, please could you try running the same scan whilst the machine is disconnected from the Internet and check what impact this has on the completion time. Could you also try out latest components package version (1.0.563) please. Details here: https://forums.malwarebytes.com/topic/242280-ladies-and-gentlemen-mb371/?do=findComment&comment=1304385 ----- Please do the following as well: Press the Windows Key + R on your keyboard at the same time. Type eventvwr.msc and click OK. Expand Applications and Services Logs. Expand Microsoft followed by Windows. Scroll down the list and expand CodeIntegrity. Right-click Operational and click Save All Events As.... Name the file codeinteg and click OK. Navigate to the location of the file. Right-click the file and click Send to followed by Compressed (zipped) folder. Name the Zip file EventLogs.zip and send the file to me.
  6. Hello, This issue is not being caused by Malwarebytes. The 1.289.1521.0 definition update released by Microsoft appears to be the cause. The following screenshot is captured from a machine without any Malwarebytes software installed. There are various other reports of this issue: https://answers.microsoft.com/en-us/protect/forum/all/microsoft-security-essentials-real-time-protection/e58f2bb3-f423-4948-85d1-684925f671e3 https://superuser.com/questions/1415239/microsoft-security-essentials-log-indicates-it-keeps-crashing https://www.askwoody.com/2019/windows-defender-security-definition-problems/ https://techdows.com/2019/03/microsoft-security-essentials-windows-defender-0x800106ba-error.html https://social.technet.microsoft.com/Forums/en-US/18ab60a3-3b26-4a07-b68d-84085ce66ce5/scep-crashing-pcs Microsoft will likely address this by reverting the update or releasing a fix.
  7. Thanks for the information. I've responded to your topic in the other forum section. We can move any further discussion there.
  8. Hello, I've reviewed the logs and found no evidence of malware present on the computer. As I mentioned in your other topic, our Research team have confirmed the IP is safe. There's no apparent need for a fixlist. Do you have any other concerns or issues with the computer currently?
  9. Hello, I'm sorry to hear about your continued issue. Do you have Macrium, Acronis or similar backup software installed on the computers? Please could you provide troubleshooting logs from a few of the affected computers. Steps on how to do so can be found here: https://forums.malwarebytes.com/topic/190532-having-problems-using-malwarebytes-please-follow-these-steps/
  10. Unfortunately, we've been unable to reproduce the issue (due to the limited information provided, it's possible we aren't using the correct testing conditions). We'd appreciate if you could upload the dump file and other log file for analysis. Thank you!
  11. Hi @Hornsj2, We don't typically close topics in this section of the forum. Our Research team have reviewed the IP address and determined it is safe. If you'd like us to double-check your computer for malware, please carry out the steps in post #5.
  12. Hi @tr1cky, Malwarebytes is crashing because of the Proxifier version 3.42 program you have installed. At this current time, that program will either need to be uninstalled or you'll need to stick with the previous Malwarebytes version (3.6) until a permanent solution is found. Please run the Malwarebytes Support Tool again and use the Clean option on the Advanced page (as explained by Firefox above). When you're prompted to install the latest version of Malwarebytes, please click No. At this point, you'll need to decide if you would like to uninstall Proxifier or stick to the previous Malwarebytes version. If you choose to uninstall Proxifier, reboot the computer afterwards and download/install the latest version of Malwarebytes using the following link. If you do not wish to uninstall Proxifier, you can download/install the previous version of Malwarebytes using the following link. You will also need to disable the check for new installer updates (otherwise you will be repeatedly notified). To do so, open Malwarebytes > click Settings > turn off, "Notify me when full version updates are available".
  13. Hi @DanJustice, Can you try uninstalling Proxifier version 3.31, rebooting the computer and then activating Malwarebytes. There's currently an issue between Malwarebytes and certain third-party programs that insert a DLL into the Winsock.
  14. Hello, Please could you provide us with the crash dump file. If necessary, it can be uploaded to WeTransfer.com. Also, please carry out the steps in the topic linked below: https://forums.malwarebytes.com/topic/190532-having-problems-using-malwarebytes-please-follow-these-steps/ Thank you!
  15. Hi @MAXBAR1, The custom shields you've added along with the program types selected are fine. Selecting 'MS Office' for the two programs you've mentioned shouldn't cause any issues, but does slightly alter what actions Exploit Protection will allow and not allow the processes to perform. For example, if either program has scripting functionality built-in (leveraging something like Microsoft CScript), you will find this is blocked by Exploit Protection. If you encounter any issues, just let us know.
  16. Hi @enyceedanny, We've determined this blue screen is being caused by a conflict between the Web Protection component in Malwarebytes and the Web Protection component in BitDefender. As a workaround, either component can be disabled. We are currently investigating whether a more permanent solution is available.
  17. Thanks for the file. I don't see a wireless network adapter present. There's no indication this was caused by the Malwarebytes scans ran back in April last year. The scan results only contain items related to Internet Explorer search scopes and other PUP-related files/folders. Nothing related to your Wireless network adapter. You can redownload/reinstall it from the HP website. https://support.hp.com/us-en/drivers/selfservice/ I see your computer has been blue screening recently. When did this first start occurring?
  18. Thanks for the update! To help us investigate why this occurred, please could you do the following: Press the Windows Key + R on your keyboard at the same time. Type C:\FRST and click OK. Copy the Quarantine folder to your Desktop. Right-click the copied Quarantine folder on your Desktop and click Send to followed by Compressed (zipped) folder. This will create a Zip file on your Desktop. Please attach the Zip file to a post. Please attach Fixlog.txt as well (saved to your Downloads folder).
  19. Thanks for the information and confirming all is well. We're looking into the cause of your initial issue.
  20. We are actively investigating the issue. As soon as we have an update, I'll respond back to this topic.
  21. Hi Gagome, As Porthos mentioned above, you will need to delete the downloaded installer file. Here are steps on how to do so. Open Malwarebytes. Click Settings followed by Protection. Scroll down to Startup Options and turn the, "Enable self-protection module" setting off. Press the Windows Key + R on your keyboard at the same time. Type %programdata%\Malwarebytes\MBAMService and click OK. Right-click the instlrupdate folder and click Delete. Reverse the earlier change made to the Self-Protection setting. Thank you for providing feedback on the full version update process/behaviour. We believe it's paramount for updates and upgrades to be more transparent in the future.
  22. Hi @Don12, Thanks for reporting the issue. Please clarify the steps you took leading up to this. Did you delete the scheduled scan depicted in your first original post and then create a new one? Or did you continue to edit the same scan? After you inputted the starting date/time, did you immediately click OK? From this point, what did you click next?
  23. If you open the C:\Windows\System32\drivers folder, are you able to rename the mbae64.sys file to something else (e.g. mbae64.sys.old)? If not, please do the following: Farbar Recovery Scan Tool (FRST) Script Please download Fixlist.txt using the following link: https://malwarebytes.box.com/s/dboqfq1irrzcbvi40w6czdxvg3aionl3 Ensure the file is saved to your Downloads folder. Open your Downloads folder. Inside you should see a file named FRSTEnglish.exe along with Fixlist.txt. Right-click FRSTEnglish.exe and select Run as administrator to run the program. Click the Fix button (not the Scan button). Please be patient. If you are prompted to reboot upon completion, please consent. A log named Fixlog.txt will be saved in your Downloads folder. Please attach the log in your next reply.
  24. Please carry out steps #4 and #5 in the following topic so we can take a closer look at the issue. https://forums.malwarebytes.com/topic/190532-having-problems-using-malwarebytes-please-follow-these-steps/
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.