Jump to content

Marc_Foreman

Honorary Members
  • Posts

    42
  • Joined

  • Last visited

Everything posted by Marc_Foreman

  1. Malwarebytes just reported the attached files as infected. I believe this is a false positive. vdub32.zip fpreport.zip
  2. Just to confirm, I'm getting this too. Started today. The FlexNet licensing service on my system is the 32bit process, and is used to validate licensing for Autodesk 3D Studio Max, v2013. Looking forward to hearing feedback on this from the MWB engineers to determine if it's a false positive and how to safely disable the unnecessary popup under those circumstances. Best, Marc
  3. Thanks Exile360. I've just checked and my system hibernate function had already been disabled via admin command line. However, I've re-enabled it and have unchecked fast startup as instructed in your post. I'll let you know how it goes.
  4. One bad-news update to this : During boot this morning, the system hung in the previously-described manner (the moment the desktop was revealed, all activity halted). I was forced to power-down and reboot. Upon rebooting, the problem didn't occur. Now that I'm running a more recent version of Windows 10 (1903), I presume the debugging process to look into the issue will need to begin again. I did try to run the Malwarebytes Support Tool 1.5.3.749, but it fails at the zip logs stage with the error message "We were unable to create mbst-grab-results.zip, please notify Malwarebytes Support". Instead, I've used FRST64 directly and generated the attached log files. Hope to hear back from you soon. FRST.txt Addition.txt
  5. Further to the extensive thread on this issue, I wanted to provide additional information which may help. I can confirm that having upgraded my Windows o/s from Windows 10 v1803 to v1903 (May 2019), the issues with Malwarebytes 4 are no longer present. To install the upgrade, I uninstalled Malwarebytes from my system and then agreed to the feature update for 1903. This took about 3 hours to install. Once the installation had completed, I then reinstalled Malwarebytes 4 and found it to be far more responsive. If you are experiencing the same issue, then I hope this helps you. My original post on the topic can be found here:
  6. Thanks Maurice - I confirm 3.8.3.2965 is in place, all protection layers are on, application updates are off, self protection is on and rootkit checking is on. Best regards, Marc
  7. Thanks Maurice - I have indeed taken everything you've said on board, and it's encouraging to know just how much more seriously Microsoft are soak-testing their products. I WILL be performing a feature update to 1903 in the very near future, and as soon as is prudent, will then follow on with 1909. Thanks so much for the link to the most recent version of MWB3 to suit me in the interim, and I will certainly be back in touch. For now, I'll ensure that the MWB support ticket I also opened on this topic is linked with this conversation for internal reference, and if there's anything further I can do within the context of what is achievable given my current restrictions, please let me know and I'll be happy to generate new logging or debug info for you. Best regards, Marc
  8. Thanks Maurice, At this moment, I am running Malwarebytes 3.3.1 and the system is stable with no lockups, and no interruptions (freezing) during use. All 4 security layers are activated and show as being "on", and the malware library has been updated to the latest available version. Just to explain my reticence, we suffered a period of unwanted, unexpected and significant downtime when Windows 10 was upgraded to a new release (1703, at that time). The upgrade caused a repartitioning of our hard drives, and this had a detrimental effect on a range of licensed software we were using which then falsely triggered a lock on the license, due to the change in hard drive formatting. This cost a lot of time to resolve, and in the process we were delayed on a contract that the affected PC's were allocated to work on. It then became company policy to not trigger feature updates unless the update has been market-tested en masse for a minimum of 6 months. It was also around this time during the remediation process that I began following Woody Leonhard, and over the years have trusted his cautious and measured approach which weigh security risk with known threats in the wild and then balances this with the potential disruption a feature update may cause. What I can do, is since Win10 1903 has been out for 7 months now, I would consider it safe to install. I can go ahead and upgrade to that and install 1909 when I have confidence in its stability. Irrespective, since I'd like to continue using Malwarebytes due to my faith in your technology, I would at the very least like to download the latest version 3 build that you have prior to release of version 4. If you could share a link with me, perhaps by direct email if you're not comfortable doing so in the forum, then I would be very grateful. When 1903 is installed, I can then repeat testing with MWB4 and see what happens. If the same problem occurs, I will still have MWB3 to then fall back on, prior to the big push to 1909. I hope this makes sense, and I apologise if it sounds foolish. There is however good reason behind the decision. I look forward to hearing from you. Best, Marc
  9. OK, it's 0:47am here, so I'm calling it a night. Thank you for your patience and assistance in this. I'll leave a reminder for me to try Malwarebytes 4 once again when 1909 becomes a realistic feature update option for me. I'll look forward to receiving your link for the most recent MWB3 in the morning. Have a good evening yourself, Marc
  10. So sorry Maurice, but the risk is too great, given my system is mission critical and stable in all other respects on malwarebytes v3. As a work-pc, I can't afford to take the risk, I'm sure you understand. Would you be able to guide me to the most recent build of Malwarebytes 3, so that I can at least be as secure as possible until such time as Woody Leonard pronounces it safe (he's been a lifesaver during previous incarnations of windows 10 and I watch his MS Defcon tracking regularly at askwoody.com).
  11. Maurice, I have grave misgivings about a feature update to the latest version of Windows when it's so fresh in the marketplace and hasn't been doled out to my PC yet. Can we not do this with a version of windows which has been around for long enough to be pronounced stable?
  12. OK, this has installed. I haven't been prompted to reboot so am still in the same windows session.
  13. Hi Maurice, Sorry for shifting the goalposts on you. Should I remove Malwarebytes 4 first using the malwarebytes support tool, prior to installing the windows ssu? Best regards, Marc
  14. Thank you Maurice, I can also confirm that I re-ran your instructions from yesterday, and I used the support tool to clean malwarebytes from my system, and on reboot reinstalled version 4. I then rebooted and confirmed the same problem persisted of locking up on start. I also discovered that by forcing the next reboot, the system launched successfully. It's from this newly launched session with MWB4 installed that the ARN file has been generated. Secondly, I also observed a freeze in the windows taskbar of the same type when I first disabled, and then manually re-enabled the ransomware protection layer, in accordance with Ron Harr's suggestion. There was a delay of apprx 10 seconds whilst the taskbar and desktop were unresponsive, after which it cleared. Thirdly, the Autoruns tool UI has been updated by Microsoft I believe, as your instructions seem to refer to a different incarnation of it. However, I think I've transposed what you asked for successfully but please let me know if you need me to re-run. Attached is the ARN file it created. Best regards, Marc I7-6950X.zip
  15. Maurice, good morning. But it's bad new I'm afraid. On first and second boot this morning, Windows locks up in exactly the way it did beforehand. I was forced to boot into safe mode, use the removal tool to remove Malwarebytes, and then instead of reinstalling 4, I've reinstalled my old version 3 (some protection being better than none). What's the next debugging step please? Thanks, Marc
  16. Thanks Maurice - really appreciate it and so far I'm very much enjoying the new experience of Malwarebytes 4. Best, Marc
  17. Sorry Maurice - one last thing : In the course of picking up the file you asked for, I saw that in my Windows\system32 folder, there's a set of files with chinese characters and no file extension. Are these malware traces? I've attached a zip of the files in question. I've never seen anything like them before. Best, Marc System32_chinesefiles.zip
  18. Hi - thanks for your advice, but it turns out the problem was much more fundamental. It was me. 🙂 I had been placing my email address into the "Display Name" field at login. It was only just now that I realised the display name was a different variable. I've corrected this and now all works correctly. Thanks very much for that. Best regards, Marc
  19. Hi Maurice, Please find the requested file attached to this message. Best regards, Marc status.txt
  20. Just tried this Nukecad but unfortunately I get the same behaviour. Also tried re-pasting the password rather than using the one my browser (chrome) stores. Same result. Very odd.
  21. I did truncate, but I didn't use one completely different. I'll give it a go and post the result here in a sec ... (thanks).
  22. I've also just realised I forgot to check the "notify me of replies" option so posting this comment to correct that 🙂
  23. Hi - I've encountered a problem with the Malwarebytes Forum recently during a Malware debugging session. Each time I attempt to log into the forum, my password is unrecognised. The only way I can get into it is to click the "forgot password" link, and then manually reset the password to the same one (copy/paste - I have it on a sticky on my desktop now). If I log out, and then log back in that same password no longer functions and I need to go through this process again. Is there a forum admin able to advise on this please? Best, Marc
  24. Hi Maurice - thank you for your help. I've following your instructions, and on this occasion can report that following reinstallation and reboot, Windows did enter the desktop successfully (yay!). I've checked the system settings and the only change I can see on this occasion is that Malwarebytes has automatically registered with the Windows Security Center, and therefore Windows Defender is disabled. In the previous installs, Windows Defender was still running and active. I'll keep a close eye on the system over the next 24 hours and will let you know how it goes, but for now I would say tentatively, looking good. :-) Much appreciated, Marc
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.