search

keybase / client

Keybase Go Library, Client, Service, OS X, iOS, Android, Electron
BSD 3-Clause "New" or "Revised" License
8.9k stars 1.23k forks source link

Win10 client hangs on "loading..." even after reinstall #6959

Open kienankb opened 7 years ago

kienankb commented 7 years ago

Launching Keybase brings up the GUI window but it never moves past "loading...". Sometimes status tray window displays "logged-in" interface, other times it doesn't; KBFS is inaccessible and unusuable. Error reported is that keybased.sock doesn't exist (and it doesn't); system PATH and environment variables don't seem to be different from a working Win10 installation in a way that would break Keybase. Log report ID: 10e8828c05267710cdc5191c

quonic commented 7 years ago

Also I am experiencing this issue on Windows 10. Log report ID: b1c7a973c546f07d8a9bdf1c

maxtaco commented 7 years ago

CC @zanderz

@quonic seesms like you have permissions problems:

24 2017-05-11T22:26:54.863037-05:00 - [DEBU keybase util.go:183] 018 | Temporary file generated: C:\Users\spyin\AppData\Local\Keybase\keybased.info.GAIGVMATIOJ2CKJJUGFW7FOB3DNQ3FGA
25 2017-05-11T22:26:54.864038-05:00 - [ERRO keybase standard.go:230] 019 Error renaming file C:\Users\spyin\AppData\Local\Keybase\keybased.info.GAIGVMATIOJ2CKJJUGFW7FOB3DNQ3FGA: rename C:\Users\spyin\AppData\Local\Keybase\keybased.info.GAIGVMATIOJ2CKJJUGFW7F
vb4life commented 7 years ago

I also have this issue. log ID: 93f5a61e3bb63eff4a6a1f1c

Also, these errors appeared when submitting the logs:

edit: It is because of BitDefender that detects runquiet.exe as a Trojan...

On-Access scanning has detected a threat. The file has been deleted.C:\Users\magan\AppData\Local\Keybase\runquiet.exe is malware of type Gen:Trojan.Heur.JP.WX2@aWdsoIni

quonic commented 7 years ago

@maxtaco That folder is set for full control for my user account that this is running under.

I've tried uninstalling, removing the Keybase folders, and reinstalling, but that hasn't change anything.

From what Procmon is saying is that ReplaceIfExists call get's the Access Denied.

9:54:19.3680046 AM  keybase.exe 29844   CreateFile  C:\Users\spyin\AppData\Local\Keybase\keybased.info.AFQHGQ7XKVPSQEYIJI3CHFL2ZGRPAVB6 SUCCESS Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Created
9:54:19.3682678 AM  keybase.exe 29844   WriteFile   C:\Users\spyin\AppData\Local\Keybase\keybase.service.log    SUCCESS Offset: -1, Length: 178
9:54:19.3682920 AM  keybase.exe 29844   WriteFile   C:\Users\spyin\AppData\Local\Keybase\keybased.info.AFQHGQ7XKVPSQEYIJI3CHFL2ZGRPAVB6 SUCCESS Offset: 0, Length: 64, Priority: Normal
9:54:19.3683382 AM  keybase.exe 29844   CloseFile   C:\Users\spyin\AppData\Local\Keybase\keybased.info.AFQHGQ7XKVPSQEYIJI3CHFL2ZGRPAVB6 SUCCESS 
9:54:19.3684118 AM  keybase.exe 29844   WriteFile   C:\Users\spyin\AppData\Local\Keybase\keybased.info.AFQHGQ7XKVPSQEYIJI3CHFL2ZGRPAVB6 SUCCESS Offset: 0, Length: 4,096, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Normal
9:54:19.3686826 AM  keybase.exe 29844   CreateFile  C:\Users\spyin\AppData\Local\Keybase\keybased.info.AFQHGQ7XKVPSQEYIJI3CHFL2ZGRPAVB6 SUCCESS Desired Access: Read Attributes, Delete, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
9:54:19.3687511 AM  keybase.exe 29844   QueryAttributeTagFile   C:\Users\spyin\AppData\Local\Keybase\keybased.info.AFQHGQ7XKVPSQEYIJI3CHFL2ZGRPAVB6 SUCCESS Attributes: A, ReparseTag: 0x0
9:54:19.3687717 AM  keybase.exe 29844   QueryBasicInformationFile   C:\Users\spyin\AppData\Local\Keybase\keybased.info.AFQHGQ7XKVPSQEYIJI3CHFL2ZGRPAVB6 SUCCESS CreationTime: 5/12/2017 9:54:19 AM, LastAccessTime: 5/12/2017 9:54:19 AM, LastWriteTime: 5/12/2017 9:54:19 AM, ChangeTime: 5/12/2017 9:54:19 AM, FileAttributes: A
9:54:19.3688662 AM  keybase.exe 29844   CreateFile  C:\Users\spyin\AppData\Local\Keybase    SUCCESS Desired Access: Write Data/Add File, Synchronize, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
9:54:19.3690760 AM  keybase.exe 29844   SetRenameInformationFile    C:\Users\spyin\AppData\Local\Keybase\keybased.info.AFQHGQ7XKVPSQEYIJI3CHFL2ZGRPAVB6 ACCESS DENIED   ReplaceIfExists: True, FileName: C:\Users\spyin\AppData\Local\Keybase\keybased.info
9:54:19.3692812 AM  keybase.exe 29844   CreateFile  C:\Users\spyin\AppData\Local\Keybase\keybased.info  SUCCESS Desired Access: Generic Read, Disposition: Open, Options: Non-Directory File, Attributes: n/a, ShareMode: None, AllocationSize: n/a, OpenResult: Opened
9:54:19.3693326 AM  keybase.exe 29844   QueryFileInternalInformationFile    C:\Users\spyin\AppData\Local\Keybase\keybased.info  SUCCESS IndexNumber: 0x214000000017627
9:54:19.3693476 AM  keybase.exe 29844   CloseFile   C:\Users\spyin\AppData\Local\Keybase\keybased.info  SUCCESS 
9:54:19.3694195 AM  keybase.exe 29844   CloseFile   C:\Users\spyin\AppData\Local\Keybase    SUCCESS 
9:54:19.3694612 AM  keybase.exe 29844   CloseFile   C:\Users\spyin\AppData\Local\Keybase\keybased.info.AFQHGQ7XKVPSQEYIJI3CHFL2ZGRPAVB6 SUCCESS
maxtaco commented 7 years ago

cc: @zanderz for the follow up. Might be an issue of virus protection

zanderz commented 7 years ago

@quonic We've seen this kind of thing when an AV is monitoring file access, though I'd have expected it would show up in ProcMon. Do you have one?

quonic commented 7 years ago

@zanderz MalwareBytes doesn't appear do be doing anything other than opening the Keybase folder and closing it, but doesn't seem to touch the files. I've also excluded the Keybase folders in MB and that hasn't changed anything.

zanderz commented 7 years ago

@kienankb Your logs show that everything installed, but for some reason the services are not running. Can you check that:

zanderz commented 7 years ago

@quonic An AV could, in theory, still cause a delay during file access while it checks its whitelist. Is it possible to disable it completely for a brief test?

quonic commented 7 years ago

@zanderz I've turned off MB's protections, but that didn't change anything that I can tell. Excluding the keybase folder from MB, Procmon doesn't show MB doing anything with Keybase.

kienankb commented 7 years ago

@zanderz I did mess around with the startup settings a bit and Keybase started on boot and seems to be working! Thanks so much for the help.

zanderz commented 7 years ago

Good news, @kienankb , thanks. Are there particular settings that helped? Maybe they could help someone else.

zanderz commented 7 years ago

@vb4life We have renamed runquiet.exe to keybaserq.exe and have been submitting it to AV vendors as a false positive, but there is little else we can do except urge our users to do the same with their AV vendors. Hopefully you can add an exception for our utilities.

kienankb commented 7 years ago

@zanderz Turns out I'd disabled Keybase in Task Manager's startup tab. Re-enabling both entries for Keybase fixed the issue.

vb4life commented 7 years ago

@zanderz it works if i keybase ctl watchdog or keybase ctl watchdog2 from the Keybase Shell, so I'll manage for now. It works from my home computer, since I don't use BitDefender there.

pointydev commented 7 years ago

Keybase is enabled in Task Manager, both files are present in Startup folder, %localappdata%\Keybase is whitelisted in MBAM, keybase ctl watchdog(2) both fail, KBFS isn't present as a drive, GUI won't load, gives a connectivity error, clean reinstall still didn't help. Help anyone? @zanderz

Log ID: 010c9e5056e5cb8881676a1c

QuibblingAsh42 commented 7 years ago

Seems to be working for me now, but can't tell you why. Had the stuck on loading screen issue after first install. Rebooted, still no love, so I reinstalled. I checked Task Manager and didn't see it in the Startup tab, so I checked %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup and there were two lnks: GUISTartup and KeybaseStartup. I double-clicked the GUIStartup option and the app popped right up with a login screen. Logged in, and it's been working since including after a reboot.

Neither option is showing up in the Startup tab in Task Manager, though.

starkythefox commented 7 years ago

@QuibblingAsh42 On my end they are called "Keybase quiet start utility" on the Start Up tab. Moving the GUIStartup and KeybaseStarup links outside then inside the folder makes them disappear and reappear after a few secs. Also in my case, the first entry is for the GUI (which I disabled) and the second one is for the service (which I enabled).

vb4life commented 7 years ago

@zanderz it seems that most AV vendors have whitelisted the file now. https://www.virustotal.com/en/file/1bf95ea81e25ee011d275ec1188bb6f6af5c01bcc4dc326244fe2cd2e90333d2/analysis/1494943091/

I reinstalled, and everything is golden :)