Jump to content
havok2

Win 10 Fall Creators Update trouble

Recommended Posts

Hello,

after I installed the latest Updates (30 & 31th Oct) from MS and also the Fall Creators Update (1th Nov) I had to boot my machines in safe mode to disable Anti-Ransomware-Beta in services. Otherwise my machines slow down some seconds after the computer booted into Windows Desktop. It looks like AR Beta 9 has a problem to load and causes the computer to slow down that it looks like a freeze - I opened the taskmanager and it opens 10 minitues after I clicked on it. Have the problem on every computer I tried. Can I do something to report some additional informations that may help you?

Share this post


Link to post
Share on other sites

Greetings, @havok2 - welcome to the forum.

This is not something we have seen in testing.  I'd like to collect some information from the system to help us assess the issue.

 

 Please provide the log file created by our arwlogs tool.

 

Next, we need to gather additional information to assist with our analysis. arwlogs.exe is an information gathering tool that neither installs nor does it make system/registry hive changes.

  1. Download the trusted, Malwarebytes authored arwlogs.exe utility/tool and save only to a system Administrator's desktop of the system in question.
  2. Single right-click the j1Bynr2.png&key=c55e643d4ec26aa771880d2d  arwlogs.exe icon and select RunAsAdmin.jpg  Run as administrator from the Windows context menu.
  3. If a Windows User Account Control (UAC) alert/prompt for arwlogs.exe appears, select the "Yes" button to continue.
  4. If a Windows SmartScreen warning alert/prompt for arwlogs.exe appears, select "More info" then select the "Run anyway" button to continue.
  5. A Command window will appear and its contents may be mostly ignored.
  6. When "Press any key to continue . . . " appears at the bottom of the Command window, type any Enter key to close the window.
  7. A zipped archive HSPwQfy.png&key=8bea481e1c29518a4e1e2ca3 (yyyy-mm-dd-{COMPUTERNAME}.zip) should have been generated to the system Administrator's desktop.
  8. Attach the above-zipped archive to your next reply in this topic.
  9. Delete j1Bynr2.png&key=c55e643d4ec26aa771880d2d  arwlogs.exe from the Administrator desktop.

 

Create and obtain Farbar Recovery Scan Tool (FRST) logs

  1. Download FRST and save it to your desktop
    Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit
  2. Double-click to run FRST and when the tool opens click "Yes" to the disclaimer
  3. Press the "Scan" button
  4. This will product two files in the same location (directory) as FRST: FRST.txt and Addition.txt

Please attach those files in reply.

 

As a workaround you may try to change the service startup type for MB3Service

Press the Windows key +R and in the Run box, type services.msc and press Enter or click OK.

In the Services dialog which opens, scroll to "Malwarebytes Anti-Ransomware Service" and double click on it.

In the "Startup type:" field, change via the drop down menu to "Automatic (Delayed Start)" and click OK.

Reboot to test the change.

 

 

Share this post


Link to post
Share on other sites

Hi @havok2 - 

Did you try changing the startup type of the MB3Service to Automatic (Delayed Start) ?

Also, FRST should have created a second log file, Addition.txt but I don't see that attached. Can you send that file as well please? It should be on your desktop

Edited by tetonbob

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.