Boss281 Posted March 7, 2017 ID:1106996 Share Posted March 7, 2017 My main MS Word editing machine is an older Dell laptop (XPS L702X) running Windows 7--Dell informs me it can NOT be upgraded to Windows 10 due to not being supported via drivers, etc. Of course I found this after giving Windows 10 a try last summer, and after finding the fan ran continuously, backed out and reverted to Windows 7 again. I've been using the free version of Malwarebytes for ages on 5 household machines which consist of two Windows 10 Dell and Acer laptops (all purchased within the last 6 months), an older Toshiba laptop running Windows 8.1 and a Dell XPS desktop system about 3 years old running Windows 10, plus this errant machine. When MWB 3 came out, I was impressed by how well it worked on two of the Windows machines and decided to purchase licenses for the full versions: I now have a 5 license paid version of Malwarebytes 3.x. This new version is installed on the Windows 10 desktop (runs flawlessly), the new Dell Windows 10 laptop (runs flawlessly) and this problematic older Dell laptop running Windows 7. Each scan I run, either the default or a custom including root kits and limited to the C drive, will hang between 30k and 65k files scanned. It just stops and will spin endlessly on some random file. Sometimes but not always, memory will get jammed when it hangs and it becomes very difficult to close an open browser that's been sitting idle and reboot the machine. Attached are the required files. Hope this information is helpful. I may have to revert to the Malwarebytes 2.x version. Will my new license work with that version? JW_MBAM_LOGS.zip MB-CheckResult.txt Addition.txt FRST.txt Link to post Share on other sites More sharing options...
Super Dave Posted March 7, 2017 ID:1106999 Share Posted March 7, 2017 I'd run ver 2 on the win 7 machine and yes your license will work. Get it here https://downloads.malwarebytes.com/file/mbam_2x Link to post Share on other sites More sharing options...
dcollins Posted March 7, 2017 ID:1107001 Share Posted March 7, 2017 It looks like MBAM is crashing in the background. Can you please follow the instructions below to grab a crash dump for us please? Close Malwarebytes by right clicking the icon in the System Tray and choosing Quit Malwarebytes Download the attached ProcDump.zip file Place procdump.zip in C:\ Right click on procdump.zip and then choose properties In the window that pops up, click the unblock button near the bottom and then click ok Extract procdump.zip. Check that the extracted files are in the directory "C:\Procdump" Right click "mbamservice_procdump.bat" and select Run as administrator. If you did the steps correctly you will see the following: Open Malwarebytes again Run a threat scan with MBAM 3.0. When MBAMSERVICE.exe crashes it should close that command window and generate a memory dump file in "C:\Procdump". Please upload that crash dump. Note that the dump file may be too large to upload here, if it is, please upload the file to wetransfer.com and send the file to dcollins@malwarebytes.com procdump.zip Link to post Share on other sites More sharing options...
Boss281 Posted March 8, 2017 Author ID:1107025 Share Posted March 8, 2017 I will get you the dump file in the morning. If all else fails to resolve it, I can revert to version 2... Link to post Share on other sites More sharing options...
Boss281 Posted March 8, 2017 Author ID:1107129 Share Posted March 8, 2017 Deven: Here's the file. MBAMService.exe_170308_121250.dmp Link to post Share on other sites More sharing options...
Boss281 Posted March 9, 2017 Author ID:1107261 Share Posted March 9, 2017 On 3/7/2017 at 5:14 PM, dcollins said: It looks like MBAM is crashing in the background. Can you please follow the instructions below to grab a crash dump for us please? Close Malwarebytes by right clicking the icon in the System Tray and choosing Quit Malwarebytes Download the attached ProcDump.zip file Place procdump.zip in C:\ Right click on procdump.zip and then choose properties In the window that pops up, click the unblock button near the bottom and then click ok Extract procdump.zip. Check that the extracted files are in the directory "C:\Procdump" Right click "mbamservice_procdump.bat" and select Run as administrator. If you did the steps correctly you will see the following: Open Malwarebytes again Run a threat scan with MBAM 3.0. When MBAMSERVICE.exe crashes it should close that command window and generate a memory dump file in "C:\Procdump". Please upload that crash dump. Note that the dump file may be too large to upload here, if it is, please upload the file to wetransfer.com and send the file to dcollins@malwarebytes.com procdump.zip Deven, see end of thread, I've posted the file you requested. Link to post Share on other sites More sharing options...
Firefox Posted March 9, 2017 ID:1107275 Share Posted March 9, 2017 @dcollins will check in when he is available and check your logs... Thanks for understanding Link to post Share on other sites More sharing options...
dcollins Posted March 9, 2017 ID:1107285 Share Posted March 9, 2017 Thanks for the crash dump @Boss281, I'm still researching the crash dump for more information. While I'm doing that, are you able to grab one more set of logs for me? The following instructions will show you how to get what we need. Open Malwarebytes and navigate to the Settings pane On the Application tab, scroll down and turn on the Event Log Data option Start a threat scan Wait for the scan to hang up again (if you're unsure, 10 minutes is probably a good estimate) Navigate to C:\ProgramData\Malwarebytes\MBAMService Right click the Logs folder and choose Send to... -> Compressed (Zipped) folder This should create a zip file on your desktop named logs.zip Upload the created zip file here This is similar to the logs you provided in your first post, but with the Event Log Data which will give us quite a bit more information about what's happening. Once done, you can restart your computer, and turn the Event Log Data option off so your logs don't get too large. Link to post Share on other sites More sharing options...
Boss281 Posted March 9, 2017 Author ID:1107339 Share Posted March 9, 2017 3 hours ago, dcollins said: Thanks for the crash dump @Boss281, I'm still researching the crash dump for more information. While I'm doing that, are you able to grab one more set of logs for me? The following instructions will show you how to get what we need. Open Malwarebytes and navigate to the Settings pane On the Application tab, scroll down and turn on the Event Log Data option Start a threat scan Wait for the scan to hang up again (if you're unsure, 10 minutes is probably a good estimate) Navigate to C:\ProgramData\Malwarebytes\MBAMService Right click the Logs folder and choose Send to... -> Compressed (Zipped) folder This should create a zip file on your desktop named logs.zip Upload the created zip file here This is similar to the logs you provided in your first post, but with the Event Log Data which will give us quite a bit more information about what's happening. Once done, you can restart your computer, and turn the Event Log Data option off so your logs don't get too large. Here you go... logs.zip Link to post Share on other sites More sharing options...
Boss281 Posted March 15, 2017 Author ID:1108769 Share Posted March 15, 2017 On 3/9/2017 at 10:30 AM, dcollins said: Thanks for the crash dump @Boss281, I'm still researching the crash dump for more information. While I'm doing that, are you able to grab one more set of logs for me? The following instructions will show you how to get what we need. Open Malwarebytes and navigate to the Settings pane On the Application tab, scroll down and turn on the Event Log Data option Start a threat scan Wait for the scan to hang up again (if you're unsure, 10 minutes is probably a good estimate) Navigate to C:\ProgramData\Malwarebytes\MBAMService Right click the Logs folder and choose Send to... -> Compressed (Zipped) folder This should create a zip file on your desktop named logs.zip Upload the created zip file here This is similar to the logs you provided in your first post, but with the Event Log Data which will give us quite a bit more information about what's happening. Once done, you can restart your computer, and turn the Event Log Data option off so your logs don't get too large. David, I haven't heard back from you for a long time. Is this Windows 7 problem still being researched? Link to post Share on other sites More sharing options...
dcollins Posted March 15, 2017 ID:1108868 Share Posted March 15, 2017 We believe we have figured out the cause, and are now working on a possible solution. You can try turn off anti-ransomware protection under Settings -> Protection, but I'm not sure if that will allow your scans to finish Link to post Share on other sites More sharing options...
Boss281 Posted March 15, 2017 Author ID:1108911 Share Posted March 15, 2017 2 hours ago, dcollins said: We believe we have figured out the cause, and are now working on a possible solution. You can try turn off anti-ransomware protection under Settings -> Protection, but I'm not sure if that will allow your scans to finish Devin, actually it did work! The scan completed after 11 minutes on 400k files. That said, the secondary issue of slowing the system down a bit (memory leak in Win7 perhaps) seems to be there, so I'm rebooting and will just run it once a week then close down until you have a fix. Thanks! Link to post Share on other sites More sharing options...
Boss281 Posted March 16, 2017 Author ID:1109096 Share Posted March 16, 2017 Actually, I'm uninstalling my licensed copy of MWB 3.x from this Windows 7 machine and reinstalling the 2.x version. While I can successfully scan by turning off the anti-ransomeware function, it still locks up the system now and then or at least slows it down to a painful level. Keep me posted on a fix I can test. Link to post Share on other sites More sharing options...
Boss281 Posted March 17, 2017 Author ID:1109356 Share Posted March 17, 2017 MWB 2.x runs flawlessly on my Win7 machine, and accepted my license number that I purchased for my other home computers running WIn10. It's trying to get me to upgrade to MWB 3, but I'm ignoring that until I hear back from you all... Link to post Share on other sites More sharing options...
Porthos Posted March 17, 2017 ID:1109377 Share Posted March 17, 2017 1 hour ago, Boss281 said: It's trying to get me to upgrade to MWB 3, but I'm ignoring that until I hear back from you all... You can turn off the upgrade notices . See this post. Link to post Share on other sites More sharing options...
Boss281 Posted March 17, 2017 Author ID:1109382 Share Posted March 17, 2017 Thanks, I'll see if that works. Done. Link to post Share on other sites More sharing options...
arbrich Posted March 27, 2017 ID:1112603 Share Posted March 27, 2017 Having same issue here consistently with Windows 7 and Symantec Endpoint Protection 14. Cannot quit Malware or end the process (says I do not have permission). Any update on a fix for this hanging ?? Thanks Link to post Share on other sites More sharing options...
Firefox Posted March 27, 2017 ID:1112604 Share Posted March 27, 2017 2 minutes ago, arbrich said: Having same issue here consistently with Windows 7 and Symantec Endpoint Protection 14. Cannot quit Malware or end the process (says I do not have permission). Any update on a fix for this hanging ?? Thanks I have Symantec Endpoint Protection 12 and have no issues, have not used 14 yet.... have you tried added exceptions? I would like you to add these files to your Anti-Virus exclusions list C:\Program Files\Malwarebytes\Anti-Malware\assistant.exe C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe C:\Program Files\Malwarebytes\Anti-Malware\MbamPt.exe C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe I also suggest adding these to the exclusion list in your Antivirus software. C:\Windows\System32\drivers\mbae64.sys C:\Windows\System32\drivers\mbam.sys C:\Windows\System32\drivers\MBAMChameleon.sys C:\Windows\System32\drivers\MBAMSwissArmy.sys C:\Windows\System32\drivers\mwac.sys C:\Windows\system32\Drivers\farflt.sys Link to post Share on other sites More sharing options...
arbrich Posted March 27, 2017 ID:1112638 Share Posted March 27, 2017 I just added all those exceptions. The strange thing is it runs for a couple days without issue then just seems to lock up and only a reboot can get MBAM "unlocked" Would like to know what they found and what the planned fix is that dcollins was eluding to above. Link to post Share on other sites More sharing options...
Boss281 Posted March 27, 2017 Author ID:1112640 Share Posted March 27, 2017 An earlier post indicated there were suspicions on what the issues were for both the scanner getting stuck on files and hanging, and also the eventual slow down if not lock up of a Win 7 system. Any news that can be shared? Link to post Share on other sites More sharing options...
dcollins Posted March 28, 2017 ID:1112851 Share Posted March 28, 2017 15 hours ago, Boss281 said: An earlier post indicated there were suspicions on what the issues were for both the scanner getting stuck on files and hanging, and also the eventual slow down if not lock up of a Win 7 system. Any news that can be shared? The issue was that MBAM was crashing while scanning. This should be resolved in our new CU4 beta which is available here: Link to post Share on other sites More sharing options...
arbrich Posted April 4, 2017 ID:1114885 Share Posted April 4, 2017 OK, So I have been testing the BETA since last week and so far so good on the Windows 7 machine. IT has not crashed again since and was doing so every time it auto scanned. When will this be released so I can install on our other affected machines or should I go ahead and install the BETA on them ? Also will there be an easy "in APP" upgrade for this (ie.. clicking the "Install Application updates" button) or better yet auto update ? Let us know. Thanks Link to post Share on other sites More sharing options...
dcollins Posted April 4, 2017 ID:1114886 Share Posted April 4, 2017 The full release for Component Update 1.0.96 came out on March 29, you can find the download link here: Link to post Share on other sites More sharing options...
arbrich Posted April 8, 2017 ID:1115832 Share Posted April 8, 2017 OK, I updated to this version on my Windows 10 machine and now Chrome and Firefox have stopped working and will only work if I turn Anti-Exploit protection OFF or quit Malwarebytes.. What is going on ?? Link to post Share on other sites More sharing options...
arbrich Posted April 8, 2017 ID:1115841 Share Posted April 8, 2017 Also Adobe Reader has stopped working. If I turn OFF Exploit protection for Chrome, Firefox, and Adobe Reader they start to work again. Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now