Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by zappozeppo

  1. You are right, I misanderstud suggested syntax inserting URLs, showingmore URLs separated by comma. ZZ
  2. IP addresses aren't a good solution to manage website exclusions, they are hosting provider managed, often covering a pletora of sites not connected eachother. If you want to work correctly you have to depend from DNSs, using pure URLs. The only case I can think about is when you are hosting a site by yourself and your server has a static public IP. The www subdomain is normaly dedicated to a single http site. People there are apparently using subdomains instead of trees of subfolders. The only way I know to indicate them is by jolly characters as you set into firewalls rules (*.domain) The access to portals I spoked about is simply by browser, no dedicated software to allow by rule. Excluding any internet browser from antimalware control is not a very good idea, even if you dedicate a specific one to a specific use. You cannot be sure that users will never use it for other connections and this is very dangerous. Anyway, my question was very simple, and essentially I needed a simple answer: did developers include into Malwarebytes the possibility to insert as web exclusion objects as classes of subdomains, and if yes, by which syntax? Beacuse, if this is possible, any other consideration could be bypassed by a simple, clear statement. Tank you in advance ZZ
  3. The article you refer (I saw it before writinh here) doesn't contain any useful detail to solve my problem. It simply says you can add a WebSite (URL or IP) as exclusion. It doesn't even dedicate words to the possibility of adding more that one URL in the same exclusion line (permitted, if separated by comma) ZZ
  4. Hi, I have a customer using a private educational platform containing hundreds of documents. Documents are often located on different servers (and domains). Malwarebytes is blocking these domain changes making him unable to see the documents he needs. I tried to add secondary URLs to Malwarebytes Web Exclusions but the complete URL is often different, mantaining main domain but changing sub-domains: name1.domain.ext name2.domain.ext name3.name1.domain.ext I tried to insert in the Web Exclusion list something as "*.domain.ext" (refused) or simply "domain.ext" (accepted but not avoiding blocks). Is there a way to simply insert main domain and all possible sub-domains as a single Web Exclusion? Thanks ZZ
  5. Hi, I tried to password protect unmanaged AntiMalware clients. As from product manual page 21, this password protection "restricts access to the Protection, Ignore List and Settings tabs of the user interface" , but: What is the meaning of this protection if the user can simply right-click the tray icon and unckeck main functionalities FILE SYSTEM PROTECTION, WEBSITE BLOCKING, START WITH WINDOWS? Thank you in advance ZZ
  6. It is not acceptable to be tied to a single, not standard browser: this is a major software developement rule for everybody. Malwarebytes cloud has to be compatible FIRST with standard browsers included with operating systems (IE and Edge for Windows clients & servers, Safari for Apple world). Then, if you have time more, you can develop compatibility for optional browsers as Chrome, Firefox, Opera and so on.
  7. Hi, I'm finding problems using pdf modules. I have a PDF module used to send data to a branch of our government (and produced by them). I compile the module (opened in Acrobat Reader) filling requested fields, then I have to push a button inside the module. An XML file is created and the default mail program is asked to generate a new mail, already filled with destination address, subject, text and the XML file as attachement. But Malwarebytes anti-exploit section blocks it (it blocks Acrobat Reader). I can of course disable Acrobat Reader anti-exploit protection in Malwarebytes settings, but this vanishes every other exploit protection related to Acrobat Reader too. I can see exploit blocked in the logs but if I try to add an exploit exception the list showed is empty. I attached here MB log, pdf module and screenshots Thank you in advance ZZ 20170617 - Malwarebytes and Acrobat modules.zip
  8. Malwarebytes OK, now: Updated MWB to version components 1.0.122 package 1.0.1976 Restarted the PC No more protections disabled. Solved, thanks. ZZ
  9. Hi, Devin. I replicated customer's situation on a machine with MBAM with same PDF file, and Acrobat module button "Send by mail" correctly opened a new mail with default mail application (Outlook 2016). I will update MBAM on customer machine while today MBAM version 3.1.1 seems passed from beta to release status. My main PC is actually using and I've not found any new problems. Crossing fingers ... ZZ
  10. Really don't know, it was a new problem on a customer PC, yesterday. I prefere not to install MBAM betas customer side. I will try Acrobat automation tomorrow on a machine with MBAM 3.1 and relate you here. ZZ
  11. Hi, a new problem with Anti-Exploit protection in MBAM3. With MB 3.0.6, Acrobat documents conteining module fields to be filled ad mail sent by automation are not able to complete the process. MB blocks Acrobat when it tries to generate a mail message with the default mail application. Disabling anti-exploit protection for Acrobat and Acrobat Reader solves. But the question is: what's the sense of Anti-exploit protection? Protecting users from malware or stopping them from use Word, Excel, PowerPoint an now Acrobat? Thank youin advance, P.S. v3.1.x beta eliminates Microsoft Office file saving problems. ZZ
  12. Problem IS NOT SOLVED I'm actually running Malwarebytes: MB version Component pkg 1.0.103 Update pkg 1.0.1802 If I re-enable Exploit protection on Microsoft Office Excel, PowerPoint, Publisher and Word, saving a file from these applications hangs them and you need to force close them. Disabling Exploit protection again, solves as before. Windows 10 Pro v1703 b15063.138 Office 2016 v1701 b7766.2076 Regards ZZ
  13. What we need, Devin, is to be somehow advised when you'll solve this problem, to re-enable exploit protection on Office applications or, of course, automatically re-enable these settings when updating MBAM. Thank you in advance. ZZ
  14. Ten days ago I updated several PCs to Creators Windows 10 (1703) edition, and all users began unable to save within Office 2016 Word, Excel, PowerPoint. It was a big problem, I spent a lot of time investigating on it, searching Internet, trying to repair, uninstalling, reinstalling Office with no results: all Office users were unable to operate (to save ...) their files. Here is the solution: a bug in Malwarebytes Anti-Exploit protection. I suggest MalwareBytes to quick disable by design MBAM 3.0.6 Office anti-exploit protection until update. I would like to know, as SaveTheTiger asked before, "What protection am I losing by turning off Word in MB3 -> Settings -> Protections -> Manage Protected Applications?" Best regards ZZ
  15. This is typical tip without sense. If programmers and beta tester work on insulated machines only, they will never be able to release a product. We are beta testing software on production machines, on our own risk, exactly while this kind of problem is only present on production machines. And this is positive for programmers. Dear 1PW, the reason I didn't send a "false positive report" for Office Clicktorun is very simple: Each PC sold in the last year has Office Clicktorun executable preinstalled. And there are not particular situations to put in evidence: Anti-Ransomware is interfering with it. You can reproduce the problem, simply creating a virtual machine, installing OEM Clicktorun or an Office 365 and ... "voila" Best regards ZZ
  16. Same problem. Today Anti-Ransomware detected my OfficeClickToRun.exe as malware and quarantined it (Tray banner). Office 2016 products stopped running. It was not possible to restore the file while quarantine list was empty. Uninstalling Anti-ransomware and restarting the PC solved the problem. It should be useful to make a public list of fale positive solved, to be sure not to jump into this bug again. ZZ
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.