Jump to content

dcollins

Staff
  • Posts

    5,015
  • Joined

Everything posted by dcollins

  1. Yep, you can download it here: http://malwarebytes.com/ios
  2. Just to clarify, if you disable Avast, the issue also goes away?
  3. Sorry for the delay, wanted to make sure I could download/open the dump before responding. You can delete this now, thanks again!
  4. Sorry, I didn't mean ProcDump, I meant ProcExp (which has a UI) As for your issue, if you can't upload the logs, you can email them to me at dcollins@malwarebytes.com
  5. Can you try rebooting, then turning that option off and back on? This sometimes happens during updates because of how Windows uses those shell extensions. IF that doesn't work, please provide logs using our new Support Tool instead of the older legacy tool you used. Download and launch the Malwarebytes Support Tool Click Advanced Click Gather Logs Upload the mbst-grab-results.zip file from your desktop
  6. After a hard reboot is fine. Support Tool doesn't grab too much "in the moment" stuff. Although if you can pre-load a tool like procdump (in admin mode) and wait for the hang to happen, then try to get a full memory dump of mbamservice, that would be super helpful. Not sure if that will work though depending on how bad the system locked up
  7. For reference, adding exclusions doesn't mask an issue, they help prevent compatibility issues. Sometimes two products being installed together are just incompatible and exclusions are necessary. We did make some pretty big changes to our Web Protection platform with this release that is designed to increase protection, so if I had to guess, that's what's going on. Not saying we can't fix it, but that exclusions might be necessary. That being said, please start by making sure you have the latest version of AVAST installed as they did introduce an issue a few months ago that caused Malwarebytes to deadlock systems. A subsequent update on their side fixed the issue as well. Support Tool logs would definitely help as well, but ideally only after the issue has occurred. It would also help to enable Debug Logs under Settings -> Application.
  8. Hi @Wonko. Windows Server is not a supported operating system, and with some of the changes made in this component update, it could cause some issues like you're seeing here. That being said, can you start by making sure you have all the updates for AVG? We had some issues similar to what you're describing in the past and would like to rule that out.
  9. Thanks. I'm downloading the memory dump, looks like it'll take a little bit to do so but I appreciate it.
  10. x64: ECB760B2391608BA4E0A7987ADA70CCF x86: 12B1CB3720AB5570D960D9DCEA6B7D98 Note that if the hash was wrong, I'm pretty sure most of your protections would fail due to our built-in security checks.
  11. Thanks for working with us on this and showing some patience as we try to figure out what's going on. The latest dump does indeed show you're on the beta, but unfortunately doesn't have quite enough information to fully grasp what's happening. If you wouldn't mind, can you please do the following to get us a bit more information about what's happening? Open Malwarebytes, and go to Settings -> Application. Scroll down a bit and enable the option for Event Log Data This will turn on enhanced logging our internal Malwarebytes logs Download and extract the attached RUNME.zip Right click on RUNME.bat inside the extracted folder and choose Run as Administrator Choose Option 1 and press Enter This will enable driver verifier for our web protection module and turn on a complete memory dump instead of just a kernel memory dump Reboot Turn on Web Protection, and use your computer as normal until it crashes Once it does, please zip up the memory.dmp file again and upload it to wetransfer.com and provide the link Please also provide a new set of Support Tool logs. If you could also let us know what type of stuff you're doing when the crash happens, that would be very helpful. IE: playing a game, browsing the internet, etc Once completed, you can then redo steps 4, 5 and 6, but this time choose Option 2 to change things back to how you had them. I realize this is a lot to ask, and we really do appreciate you sticking through this with us. One of our QA managers should be reaching out to you via email shortly for your diligence in helping. RUNME.zip
  12. I split your post out from the one you originally responded to as that post was over a year and a half old. The issue in question was resolved quite awhile ago. Can you please follow the steps below to gather a set of logs so we can see what's going on? Thanks Download and run Malwarebytes Support Tool. Once the file is downloaded, open your Downloads folder/location of the downloaded file Double-click mb-support-X.X.X.XXXX.exe to run the program You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent. Place a checkmark next to Accept License Agreement and click Next Click Advanced under the Menu Pane. Click the Gather Logs button The Malwarebytes Support Tool gathers Malwarebytes and Farbar Recovery Scan Tool (FRST) logs and saves them to the Desktop. A file named mbst-grab-results.zip will be saved to your Desktop Please attach the file in your next reply.
  13. Thanks, I've let our engineers know and we're researching this now
  14. Yep, definitely looks upgraded. But the memory dump does show that it was still the old driver, so I wonder if it hadn't fully upgraded before the crash happened. Can you try enabling Web Protection, leave it running, and using the support tool again? This should give us the running driver version and verify the latest version is installed now.
  15. You'll want to reach out to our support teams at https://support.malwarebytes.com for help with this task
  16. It looks like that memory dump is actually showing the older version. Can you grab a new set of logs using the Support Tool like you did above so we can make sure the update applied properly?
  17. Download Malwarebytes Support Tool Once the file is downloaded, open your Downloads folder/location of the downloaded file Double-click mb-support-X.X.X.XXXX.exe to run the program You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent. Place a checkmark next to Accept License Agreement and click Next You will be presented with a page stating, "Get Started!" Click the Advanced tab Click the Gather Logs button A progress bar will appear and the program will proceed with getting logs from your computer Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK Please attach the file in your next reply. Before submitting your reply, be sure to enable "Notify me of replies" like so: Please attach the zip file from your desktop in your reply
  18. Ahh I see what you mean now, you mean do we detect a file that has an invalid signature as a threat. The answer is no. This would require keeping a database of known good files with their signature to compare against, which requires signature updating, and is an old way of validating threats. In the example above, anytime HitmanPro released a new binary, we'd have to download it, verify the fingerprint thumbnail, and then keep track of that. Instead we rely on our other algorithms for detection, which already incorporate signature validation, and allow us to detect a lot of these threats without requiring new updates everytime someone releases a new binary
  19. Thanks. I won't be able to research this until tomorrow, but assuming it's from the same driver as last time, you can disable the Web Protection module under Settings -> Protection which should stop the blue screens for the time being.
  20. Do you mean check if the program is signed? If so, yes, it's one of the many pieces of information we use to identify whether or not something is malicious.
  21. Thanks for the update. We've made some slight changes on our end to help offset user issues, but we haven't received any official word from Google yet that this false positive was fixed on their side.
  22. It looks like you followed the instructions Malwarebytes 2.x, but you have Malwarebytes 3.x. You want the instructions in the spoiler in the first post: Download and launch the Malwarebytes Support Tool Do not click Start Repair Click Advanced Click Gather Logs Once the process finishes, it should put a zip file on your desktop named mbst-grab-results.zip. Please upload that zip file in your reply
  23. We are still working with Google on this, but in the meantime, Internet Explorer or Edge will allow you to download properly.
  24. Thanks for that. I believe we have fixed this issue in our beta that was just released. Would you mind trying the following? Install Malwarebytes and deactivate the trial/premium mode (you want to be in free, which should stop the blue screens) Go to Settings -> Application and scroll to the very bottom Turn on the option for Beta Application Updates Scroll back to the top, and wait 5 minutes before clicking Install Application Updates If it says no updates available, wait another 5 minutes and repeat until you get the new update Once the update comes through, activate your product back to Premium and make sure Web Protection turns on (that's the module causing the issue here) Use the computer as normal If the blue screen comes back, please get the memory dump at c:\windows\memory.dmp (we don't need the minidumps). You can also just disable Web Protection under Settings -> Protection so you can stay protected without having to fully remove the product
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.