Problem just started. I hope it's just a running process conflict or perhaps a bad registry key...
On the computer in question, I run a MalwareBytes Quick Scan every few days to complement the free resident AV software I have running. Last run was a few days ago, and completed without problem (and detection free).
On repeated Quick Scans (all scan types checked) today, mbam locks-up when almost complete in the "additional items" scan. Looking via task manager, CPU goes to 100% for the mbam process and stays that way until I terminate the application (have waited 15 minutes). Disk I/O for that process stops as well at that point. Note: through that point it reports 0 (zero) detections. Log doesn't get generated.
This machine has 2 administrator accounts - one that's mine, and one that my wife used to use. The lock-up occurs on mine. On a whim, I tried it on the other account, and it runs successfully to completion. Looking at the timing of the failed scan and the successful one, the lock-up is coming very close to the time of completion of the successful one on the other account.
Note: on the account with the scan that completes shows the PUM.Disabled.SecurityCenter notification about the Windows firewall being disabled (as expected, ZoneAlarm is sub); this happens very close to completion. On the account where it locks up, it doesn't get to this point, but I think it gets close based on time.
If I disable "Scan additional items against heuristics", the scan completes without problem. No surprise, as that's the segment of the scan that's failing.
AVG-Free resident with up-to-date database
ZoneAlarm software firewall resident
MBAM 188.8.131.520 - update database before runs
Things I've Tried to Get it To Run
All failed except the very first (although it was not the first thing I tried)
- Run on another admin account - success: see above
- Disabled resident anti-virus and firewall during run
- Turned off "advanced heuristics engine"
- Tried with Chameleon - locks up after the same amount of time with high CPU as with reg scan.
- Ran mbam in safe mode (my account)
- Chkdsk (no errors found)
- Uninstall mbam, run mbam-clean, reboot, reinstall mbam. NOTE: Ran scan with the definitions (about 40 days old) that came with the fresh install; same failure. Updated database, re-scanned; same failure
Well, I guess I'm paranoid when a good piece of anti-malware locks up, so I ran a few other scans. All were completely clean:
- AVG full scan
- Trend Micro online quick "cloud" scan
- Panda online quick scan
- MS SafetyScanner quick scan
AVG intercepted an inbound spam email that came in today a about an hour before I ran mbam. It noted an HTML attachment named Efax_Corporate, with a detection of "HTML/Framer". AVG deleted the attachment long before I knew it was there, so I never opened that attachment (nor would I have). As I read HTML/Framer details, because I didn't open the attachment and thus didn't follow it's redirection to a Web site, it's not an issue for me. Google search of that file name shows a couple of blog posts about it in the past 20 hours or so.
So.... I'd really welcome expert insight here. Thanks very much in advance.