TempLost
-
Posts
469 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by TempLost
-
-
Jekko, I attach current diagnostic files if they help at all.
Windows 7 Home Premium SP1 x64
Malwarebytes Premium 3.0.6.1469 CU3 Feb 24th Component Package Version: 1.0.75
Avast Free 17.1.2288
CryptoPrevent 8.0 Premium
Tweaking.com Registry Backup 3.5.3
Casper 10 Backup -
1 hour ago, TempLost said:
Jekko - I've been running that latest version for the last couple of days and all seems well - also, can run CryptoPrevent 8.0 with default settings, so that's good. Thunderstorm here at the moment so I'm not chancing firing up my PC just now (I'm on a tablet) but will check out the web protection then and report back.
Other sites all seem to trigger the block from within Malwarebytes but http://iptest.malwarebytes.org/ only gives me the "This site can't be reached" dialogue using Chrome.
As everything else seems to be running well I wasn't planning to try a clean install until the next release.
Windows 7 Home Premium SP1 x64
Malwarebytes Premium 3.0.6.1469 CU3 Feb 24th Component Package Version: 1.0.75
Avast Free 17.1.2286
CryptoPrevent 8.0 Premium
Tweaking.com Registry Backup 3.5.3
Casper 10 Backup -
5 minutes ago, Jekko said:
If you are still seeing issues with Web Protection not showing a block page, please try installing the new version of MBAM 3.0.6 posted by bdubrow on Feb 24th. This version seemed to solve the issues for @Acrobaze so I am curious if it will also help you.
If you do try this, be sure to check the about page for Component Package Version: 1.0.75.
Jekko - I've been running that latest version for the last couple of days and all seems well - also, can run CryptoPrevent 8.0 with default settings, so that's good. Thunderstorm here at the moment so I'm not chancing firing up my PC just now (I'm on a tablet) but will check out the web protection then and report back.
-
4 hours ago, bdubrow said:
Hi TempLost--
We have had a couple other reports that there are still some issues on Windows 7. We're investigating.
Thanks, Becky - as I've posted elsewhere, the latest BETA seems to be working pretty well for me for the moment in most areas.
-
Really, no problem - just curious, is all - thanks for your interest.
-
Answered in another thread
-
Thanks, no problem, just wondering - that's to add an avatar as well? As there seem to be plenty of members with avatars and less posts. Unless I'm missing something obvious.......
-
I've been running this new BETA for 24 hours and have experienced no problems to date. I installed it over the previous Beta (after turning off Avast protection) - that BETA had been giving me some issues which were mostly resolved with the help of Jekko in this thread:-
Issues with being unable to switch on Self Protection and having occasional incidences of Real Time Protection turning off were resolved with Jekko's help, but I had other problems which only seemed to disappear when I reduced the protection level in CryptoPrevent 8.0 from Default to Minimal. For whatever reason, I haven't seen that issue with this BETA and am running successfully with CryptoPrevent protection back up at default. The System Volume Information bloating now seems to have disappeared as well.
I've rebooted many times, run scans, run lots of different programs and utilities, and haven't met any difficulties yet. Scans still use 100% of my processor but I know that issue is being looked at.
So far, so good!
Windows 7 Home Premium SP1 x64
Malwarebytes Premium 3.0.6.1469 CU3 Feb 24th
Avast Free 17.1.2286
CryptoPrevent 8.0 Premium
Tweaking.com Registry Backup 3.5.3
Casper 10 Backup -
Any reason why I am not allowed to modify my forum profile? At the moment I've got 85 posts to my name, 86 with this one I guess........
-
6 minutes ago, Norwian said:
Forgot to say that after clearing the cache restart your browser.
That worked for me.
That was silly of me not to remember to clean the cache - however, still get "This site cannot be reached". I'm not overly worried about it at the moment, I'm not in the habit of browsing potentially dodgy sites - I'm sure it'll get resolved soon.
-
18 minutes ago, Norwian said:
With Firefox 51.0.1 (64-bit) Edge and IE http://iptest.malwarebytes.org/ is blocked correctly.
Delete your browser cache and try again.
Forgot to say that my post related to Chrome and Windows 7 - thanks, I'll try clearing the cache when I'm next back on the PC.
UPDATE - cleared the cache and still get "This site cannot be reached"
-
On 2/24/2017 at 5:16 PM, Jekko said:
@Acrobaze - That was my mistake! Previously in MBAM 2.x we protected the desktop shortcut for malwarebytes. Another way to test if self-protection is working is, while it's turned on, to create a new folder in the Malwarebytes Program Files directory. C:\Program Files\Malwarebytes\Anti-Malware
@TempLost - Thank you for your response! I'll look into the 2 sets of logs you've sent, but if you have any clear instructions on program compatibility or conflict please don't hesitate to respond. You originally opened this thread for Web Protection issues so we can continue the conversation here.
18 hours ago, Jekko said:Thanks TempLost!
I'll look into that more in the future
.
Hi Jekko,
I took the route of installing mb3-setup-consumer-3.0.6.1469 CU3 Feb24 over the top of my current installation and everything is running well at the moment even after several reboots. No error messages or problems with not being able to modify settings. I haven't increased the protection level of CryptoPrevent Premium 8.0 above Minimal Plan level for the moment but I will try that after a few days if I get no other problems. If I have more relevant information, problems or or queries, I'll raise them in a new thread with a link back to this one if I think it is still relevant.
Thanks again for your help.
-
25 minutes ago, Acrobaze said:
I've updated to mb3-setup-consumer-3.0.6.1469 CU3 Feb24 and if I click on the link in your post, nothing happens. If I right-click, and select "Open link in new tab", then I get the page below:-
-
1 hour ago, Jekko said:
Thanks TempLost!
I'll look into that more in the future
.
Thanks, Jekko
-
4 hours ago, Jekko said:
Do you have CryptoPrevent 8.0 Free or Premium?
I have CryptoPrevent Premium
-
37 minutes ago, Jekko said:
@Acrobaze - That was my mistake! Previously in MBAM 2.x we protected the desktop shortcut for malwarebytes. Another way to test if self-protection is working is, while it's turned on, to create a new folder in the Malwarebytes Program Files directory. C:\Program Files\Malwarebytes\Anti-Malware
@TempLost - Thank you for your response! I'll look into the 2 sets of logs you've sent, but if you have any clear instructions on program compatibility or conflict please don't hesitate to respond. You originally opened this thread for Web Protection issues so we can continue the conversation here.
Thanks, Jekko, MB seems to be behaving itself when I have CryptoPrevent 8.0 set to Minimal Plan but is not stable when I boost protection to the Default Plan - I just tried that again and had problems. Unless things go wrong again, I will probably leave things as they are until the next full release of Malwarebytes 3.0 is issued and the dust settles, thenn try to raise the level of my CryptoPrevent protection again and see what transpires. If I have any more problems, I'll be back. Thanks again.........
-
Any reason why I can't modify my profile, add an avatar & signature etc? - I've 77 posts at the moment (78 with this, I guess)
-
2 hours ago, Acrobaze said:
Hi @TempLost,
I was in the same case as you and after launching the .bat file, chameleon is visible now and the protection button has become active again.
But since I had renamed the desktop icon, I can not test the auto-protection easily anymore. Have you done it?When you say auto protection, do you mean Self Protection? If so, I can open MB from the System Tray icon and now easily turn Self Protection OFF and ON'
-
Hi Kekko,
Well, that's interesting - with CryptoPrevent 8.0 set to minimal plan, Malwarebytes opened up normally - no protection turned off and I was also able to toggle Self Protection modes. It's dangerous to make assumptions (Post hoc ergo propter hoc (after this, therefore because of this)) but it seems possible that the policies set by CryptoPrevent may cause problems for MalwareBytes, although I have run the two together before with no discernible problems. I'll see how it goes for a couple of days and, if no more problems occur, I'll raise a support ticket with FoolishIT about CP and see if they have any suggestions.
I've turned off the Enhanced Event Log- let me know if you want me to change that - I attach another log just to see if you can see what effect the changing of CryptoPrevent's policies might have had, if any.
Thanks again for your support, Jekko.
-
Hi Jekko,
I spoke a little too soon - i shut down the PC and went out for an hour. On returning, I fired it up and when MB loaded, it reported that Ransomware Protection was switched off. I tried to switch it back on, but to no avail. I quit MB from the system tray icon and tried to restart it from the desktop shortcut, but got a "cannot connect to service" error. Tried again - same thing. Restarted the PC and MB loaded but with an error message about protection being turned off- this time both Web and Ransomware were turned of. I could re-enable Ransomware protection this time but not Web!
I attach the latest log file - I still have Enhanced Event Log Data turned on - should I turn that off?
The only change I have made since your fix worked is to change CryptoPrevent back from Minimal Protection to Default (where everything was running fine before). I'm going to drop that protection back to Minimal settings, reboot the PC and see if that makes any difference - will re-post then.
-
8 hours ago, Jekko said:
I've modified the batch script I sent earlier. Based on the logs you sent with Event Logging on, we think this may solve your issue. Please run this file as admin again, and let us know how the results are.
Do not worry about uninstalling Avast or CryptoPrevent yet.
Excellent, Jekko, that seems to have done the trick!!! MBAMChameleon.sys is in its rightful place and I can toggle the Self Protection modules now. For my own interest, what was the problem and what did the .bat file do?
Nice to be able to work with committed technical staff to work through problems together to a successful conclusion. Well done Malwarebytes!
-
22 minutes ago, Jekko said:
Thanks for the logs @TempLost. Unfortunately nothing clear has been found from procmon. We did see there were accesses by aswidagenta.exe which is Avast Identity Protection software. Could you try disabling Avast temporarily and running the batch script I gave you to see if self-protection can be enabled?
Also, can I ask you to enable Event Log Data in MBAM's Application settings? This will give more advanced logging to the MBAMSERVICE.log file.
Please try those steps and attach your mbamservice.log file afterwards.
I disabled Avast's Shields and enabled Event Log Data, then ran the .bat file. When MB app resurfaced, I was still unable to change the Self Protection settings which were displayed as in attached image. I attach the MBAM service log files again.
I'm off to bed shortly, if you think it's worth a try tomorrow, I'm quite happy to uninstall both Avast and CryptoPrevent (about all I'm running that I could conceive might be interfering with the successful running of Malwarebytes 3.0) and try an uninstall and reinstall of MB if you could advise me on the best way I could ensure I've got rid of all traces of earlier Malwarebytes software. This problem has only surfaced recently - I have had MB 3.0 installed and been able to change Self Protection settings but couldn't tell you exactly when and with which version. Also, I don't have Restore Points going back a long way because I turned off System Restore (and then back on) recently to clear the bloated files in the System Volume Information Folder. I do have 2 recent full system clones on two USB drives, so have a couple of good backups. But I'd rather resolve the problem on the system as is.
Thanks again for your help.
-
22 minutes ago, Jekko said:
Here is the process to get logs from ProcessMonitor:
- Run procmon.exe.
- Agree to the License Agreement.
-
Process Monitor will open and being collecting events from your computer.
-
Follow the other steps I've outlined earlier regarding SP_Replace.bat:
- Run SP_Replace.bat as Administrator.
- Wait for MBAM's UI to open.
- Turn on/off self-protection in MBAM's Protection Settings.
-
Click on the save icon.
-
Look at the path for Logfile.PML.
- Click OK.
- Zip and Attach Logfile.PML back here on the forums.
If the file is too big, I can provide a box.com folder for you to upload to. Please let me know if you have any questions.
Looks as if it should JUST fit in the the upload limit - reported size of file 29.2 MB vs 29.3 MB limit !!! Uploading as I write this, I hope - unfortunately, the Self Protection buttons were unresponsive, so I don't know if the log will tell you anything?
-
.
Web protection not working - 3.06 new beta update
in Malwarebytes for Windows Support Forum
Posted · Edited by TempLost
Jekko - I see the same as the image above ERR_NAME_NOT_RESOLVED