ITC23
-
Posts
14 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by ITC23
-
-
16 hours ago, LiquidTension said:
Thanks for the update, @ITC23. We've identified the issue and have been working on a fix. We hope to have this available in an upcoming update.
In the meantime, please keep the two folder exclusions for C:\Program Files\Common Files\Apple and C:\Program Files (x86)\Common Files\Apple in place to mitigate the issue.Glad to hear, will do. If it ends up being more problematic still, please advise and I'll try to find the time to collect logs. Thank you again!
-
On 1/16/2020 at 8:23 AM, LiquidTension said:
Hi @ITC23,
Could you try adding folder exclusions for the following and check if this has any impact:- C:\Program Files (x86)\Common Files\Apple
- C:\Program Files\Common Files\Apple
Adding these, along with all of the other previously mentioned exclusions, appears to have resolved the issue. The colored bar at the bottom of iTunes displays each category and its corresponding data amount appropriately, rather than the one singular yellow bar indicating all contents of the device are "other."
-
On 1/10/2020 at 11:12 AM, AdvancedSetup said:
If you add the iTunes program to the exclusions within Malwarebytes does the issue go away @ITC23
It does not.
-
This seems to have resolved the issue with some extensions, however, the iTunes backup and sync issue persists with Ransonware protection still enabled.
-
35 minutes ago, tetonbob said:
Hi @ITC23 - it's the Ransomware Protection component which is causing the issue. From our testing, there is nothing to be done on the side of the extension to resolve the issue, it's on our side.
Thanks for the clarification. This same issue also seems to prevent proper syncing with iTunes and iOS devices for syncing/backups, just to add that to the list of what I have noticed to be impacted.
I can live with turning off Ransomware protection for now. I think.
-
55 minutes ago, BillH99999 said:
I never had this problem with 1.0.770. So it must be something that was added to the beta. Is that correct?
When you say it will be "awhile", how long do you think it might be? Days, weeks, months?
Will the fix you are talking about be added to the beta before it is generally released? If not you might break a lot of people's systems.
Otherwise I guess I'll have to go back to 1.0.770 and not do any updates until the fix is added to MB.
Thanks,
BillThank you very much for the confirmation. Took me a little to figure out what was going on.
Is there a certain aspect of MBAM that's causing this? I'd prefer not to downgrade or totally turn it off, is there any element that can be disabled to prevent this?
Is there anything on the 1Pass or Roboform side that can be done to resolve the issue, or is this exclusively on the MBAM side? Beta is beta, but this has to be impacting a signifant number of users.
Thanks again for the update.
-
Pretty much the same issue with 1Password in any Chromium based browser.
-
I wanted to mention that I had this happen for me as well. I've used O&O software for years, and as far as I understood, they are a reputable company.
Very curious as to what qualifies their programs as being in the PUP category all of a sudden.
-
Hi @ITC23, it's not "C:\Program Files\ASUS Xonar Essence STX Audio\Customapp\AsusAudioCenter.exe" the one you have to kill.
Kill "C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe" instead and try again.
I dont have that on my system. The only Asus software/hardware I have is the soundcard.
I do appreciate the time you've spent on this issue.
-
This issue is still unresolved for me. The only process in the list of possible conflicts I had running was: (CMedia) C:\Program Files\ASUS Xonar Essence STX Audio\Customapp\AsusAudioCenter.exe
Killing that process and then attempting to run Firefox/Tor still generates the exploit blocked pop up.
Stopping protection, then opening the browser, then closing, then starting again seemed to temporarily work. I'm not sure if that's what those steps actually suggested to do, they were vague.
But as soon as I sign out, sign back in, attempt to open either browsers, the exploit blocked alert comes right back.
Again, this does not seem to be impacting any of the 64 bit versions of Firefox.
-
did the logs offer any more information for this?
-
Welcome to the forum and thanks for posting ITC23.
This issue was reported a few hours ago at Wilders and I tried to replicate but was unsuccessful. We will try again in our QA environment to see if we can replicate and identify the problem.
I've done a little more testing and it seems that 32 bit Firefox is impacted as well. The 64 bit beta and the 64 bit nightly seem to be unaffected.
I assume it is some kind of a false positive or odd conflict since it returned so quickly after totally wiping my system. Thanks for the assistance.
-
Hello,
Hopefully this is the proper place to post. I recently have been having issues with Tor being blocked by MBAE. I had the block notifications begin to appear, so I would then delete the Tor install folder, and install the program again. It would then work until I either signed out or restarted. Sometimes it seemed to end up working if I waited a few minutes, or if I can a cleanup utility like Ccleaner or Privazer, but as soon as I restarted/signed out, I would be given the MBAE alert.
I eventually reformatted my system as it had been overdue for a while anyways. Things seemed to be operating as expected for a short time, and then even Firefox began to display MBAE block notifications. I really do not know what is causing this. I have two sets of logs. The first is for the issue when it seemed to be only happening with Tor, the 2nd is for when it started happening for Firefox and Tor.
What is also interesting to note is that the Firefox Nightly developer version seems to not be impacted. I would open up Firefox and Tor and have the block from MBAE, but Nightly operates as expected.
I hope the attached logs have some useful information. Thank you for any assistance.
Malwarebytes Anti-Exploit.rarMalwarebytes Anti-Exploit 2.rar
Slow DNS resolution with potential to completely free system
in Malwarebytes 4.x Beta
Posted
I'm unsure of any DNS issues after the latest update, but I did have the MWAC.sys blue screen a handful of times. It has yet to occur again for a handful of days now, but I do not believe I changed anything manually after it occurred.
Currently on the 1.0.889 component package.