marcelser
Members-
Posts
11 -
Joined
-
Last visited
Reputation
0 NeutralRecent Profile Visitors
The recent visitors block is disabled and is not being shown to other users.
-
When Browserguard is active it blocks some elements on bitpanda.com one of the biggest european crypto marketplaces making it impossible to buy/sell/trade or swap currencies. I needed to whitelist it to make the functionality work. Can you please remove this erronous modifications or fix browserguard in case it's a bug.
-
Hi, The Ransomware Protection of the newest Malwarebytes release kills the proper operation of the "Terminal" tab which starts an embedded cmd.exe in Android Studio 3.5.3 (latest) and IntelliJ 2019.3 (latest) . The part which seems to be breaking is in the so called "winpty" java library (in the case of Android Studio) or "winpty-agent.exe" and "winpty.dll" in case of IntelliJ. As Android Studio is based on IntelliJ it's no wonder both products are now affected. The point is Malwarebytes doesn't report a ransomware beeing found but it kills the functionality of the embedded terminal which start cmd.exe in that it reports "Cannot start Local Terminal" in both Programs. Looking at the support forums for IntelliJ revealed that you can work around it be excluding "winpty-agent.exe" and "winpty.dll" from scanning to fix it. In Android Studio winpty library is not externalized into a .exe & dll but the same java "winpty" package is used and it shows exactly the same error. To fix it I had to exclude "Android Studio" Folder in C:\Program Files from scanning too. The logs in Android Studio is showing this error: 020-01-12 17:35:36,560 [ thread 10] INFO - erminal.AbstractTerminalRunner - Cannot open Local Terminal java.util.concurrent.ExecutionException: Failed to start [cmd.exe] in C:/src/projects/cupboard_manager_ui at org.jetbrains.plugins.terminal.LocalTerminalDirectRunner.createProcess(LocalTerminalDirectRunner.java:211) at org.jetbrains.plugins.terminal.LocalTerminalDirectRunner.createProcess(LocalTerminalDirectRunner.java:58) at org.jetbrains.plugins.terminal.AbstractTerminalRunner.lambda$openSessionInDirectory$4(AbstractTerminalRunner.java:208) at com.intellij.openapi.application.impl.ApplicationImpl$1.run(ApplicationImpl.java:312) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) Caused by: java.io.IOException: Couldn't create PTY at com.pty4j.windows.WinPtyProcess.<init>(WinPtyProcess.java:75) at com.pty4j.windows.WinPtyProcess.<init>(WinPtyProcess.java:50) at com.pty4j.PtyProcessBuilder.start(PtyProcessBuilder.java:109) at com.pty4j.PtyProcess.exec(PtyProcess.java:78) at com.pty4j.PtyProcess.exec(PtyProcess.java:49) at org.jetbrains.plugins.terminal.LocalTerminalDirectRunner.lambda$createProcess$0(LocalTerminalDirectRunner.java:202) at org.jetbrains.plugins.terminal.TerminalSignalUtil.computeWithIgnoredSignalsResetToDefault(TerminalSignalUtil.java:41) at org.jetbrains.plugins.terminal.LocalTerminalDirectRunner.createProcess(LocalTerminalDirectRunner.java:200) ... 8 more Caused by: com.pty4j.PtyException: Error starting winpty: ConnectNamedPipe failed: Windows error 232 at com.pty4j.windows.WinPty.<init>(WinPty.java:93) at com.pty4j.windows.WinPtyProcess.<init>(WinPtyProcess.java:72) ... 15 more This more or less means that Malwarebytes is interfering with proper Terminal Allocation (see the "Couldn't create PTY" message) in this case. This needs to be fixed soon as IntelliJ and Android Studio are updating regularly and every new release installs into a version specific directory to keep previous isntallation working. So with every new release of Android Studio or IntelliJ it will break again and I will have to add another excluded folder to make it work and I also need to remember how I solved it please. Fix asap. Best regards, Marc PS: For testing purposes it's probably enough to either install IntelliJ Community Edition or Android Studio and then open some dummy project and trying to open the embedded terminal in the bottom tabs while newest Malwarebytes is running. As soon as you disable "Ransomware Protection" from Realtime Scanning it works.
-
ok, here's the mbcheck logs and 2 screenshots which show the problem. The screenshot "mb blocking website example" shows a forum reply form that get's blocked when I post this reply to the thread which is clearly wrong this should not be blocked The screenshot "mb blocking no logging" shows what happens after I submit the post in the browser (the actual blocking page) and also shows that the log stays empty in MB, it doesn't log the blocked page at all. As I said it happened to various URLs but without log I can not collect them for you. The last 3 I remember were: eat.chforum.switchdoc.comshop.compex.com.sg all of them were blocked without reason, they are all legitimate sites without any reason to be blocked, especially eat.ch is a very popular food delivery agency in switzerland. I also attached the logs from mb_check which also contains the FRST logs. mb-check-results.zip
-
I don't know what Malwarebytes did to either their web detection database or their web protection modules but I get ton's of false positives which are not even recorded in event log! some examples: eat.ch forum.switchdoc.com shop.compex.com.sg are just the latest 3 occurrences. The module in it's current state is so bad as it reports nonsense and doesn't even log to event log that I had to disable web blocking! Also whitelisting the sites doesn't properly work! Please fix this asap! This all started suddenly about some weeks ago, I guess 3-4 weeks maybe a bit longer. BTW: I'm using MB 3.3.1.2183
-
I was browsing around in the "Compex" Webshop a legit hardware supplier from singapore. But every click in the webshop beeing registering, logging in, etc. ended up in a Malware Blocked URL report. When I looked at the even log at first I didn't even find the entries, because as first error they are beeing logged with wrong date. They were logged today with date of 30.12.2017 instead of 04.01.2018? Then they are showing totally wrong domain "creative.stripchat.com" instead of "www.compex.com.sg". Also adding "www.compex.com.sg" to exclusions did not help to overcome the block. Probably I would have to add "creative.stripchat.com" but didn't want to to that. So In the end I had to disable web protection until I could make the purchase in this shop. Can you please check if this shop really makes an outgoing connection via javascript or so or if MB3 is somehow totally borked. I mean the wrong date is strange too. btw here is the exported data of the blocked event. Malwarebytes www.malwarebytes.com -Protokolldetails- Datum des Schutzereignisses: 30.12.17 Uhrzeit des Schutzereignisses: 02:57 Protokolldatei: d50333d2-ed04-11e7-9f8a-d8cb8aecbfbd.json Administrator: Ja -Softwaredaten- Version: 3.3.1.2183 Komponentenversion: 1.0.273 Version des Aktualisierungspakets: 1.0.3586 Lizenz: Premium -Systemdaten- Betriebssystem: Windows 10 (Build 16299.125) CPU: x64 Dateisystem: NTFS Benutzer: System -Einzelheiten zu blockierten Websites- Bösartige Website: 1 , , Blockiert, [-1], [-1],0.0.0 -Website-Daten- Kategorie: Betrug Domäne: creative.stripchat.com IP-Adresse: 213.174.135.1 Port: [0] Typ: Ausgehend Datei: (end)
-
Updates are not current
marcelser replied to Buddel's topic in Malwarebytes for Windows Support Forum
I also have the problem with 3.2.2 that I get Updates are not current. With our machines it can often happen that machine is down for more then 24 hours. But still, if I have check-for-updates this should work no matter how long device was turned off. It cannot be that I get a warning that malwarebytes is outdated but when I go there shortly after updater has finished and everything is fine. If I always get the message if machine is off for longer then 24hours the only thing I can say is, that's the stupidiest implementation of this feature I ever seen. No other Virus Scanner I used so far worked like this. It's actually quite easy isn't it (at least from my perspective beeing a professional programmer too): when "check for outdated version" is triggered, delay function until updater is run if auto-updates are enabled. This would then only give you the warning if the updater failed, it's really not that hard. And I really don't get the point of the 24 hours. It makes no sense if auto-update happens shortly after. -
"Updates not current" always happens
marcelser replied to nworker's topic in Malwarebytes for Windows Support Forum
Still having exact th same issue here with MBAM 3.2.2 latest version on all 3 machines I have licenses for. It's unlikely that all 3 installations are screwed. The updater just doesn't check first if it should download and install an update before reporting out-of-date. If I have check for updates it should NEVER report out of date except download fails. Somehow this check is very badly implemented. It should be delayed until updater function is finished -
"Updates not current" always happens
marcelser replied to BryanF's topic in Malwarebytes for Windows Support Forum
Hope this will be fixed with MB 3.2 which is current beta as it's driving me crazy as well.- 25 replies
-
- malwarebytes
- update
-
(and 3 more)
Tagged with:
-
Hi, I'm a new user of MB3 but I have an issue that is really driving me nuts. I enabled to automatically download and install updates in the settings. But If I don't use my laptop for 4-5 days after booting MB3 shows a pop-up that it's not up-to-date and that it has updates to install. When I click on that notification MB3 opens and shows a yellow exclamation mark icon as it's status. But few seconds later normally it switches to the green checkmark because MB3 installed the update without any intervention from me. Also tried out what happens if I ignore this notification at all. So I watied 1 minute and opened MB3 and it shows the green checkmark. So obviously MB3 reports not beeing up-to-date before it automatically installs the updates. That's silly and annoying. MB3 should first try to update itself and report afterwards if something is not ok but not before it auto-installs it's updates it really makes no sense. I could of course disable the notification, but it doesn't matter If I disable it or not. If I disable it I won't be notified if there's really a problem with updating itself. If I leave it enabled I will igrnore the notification and I also won't know if there will ever be a problem with updating. So you see it's annoyance and also a risk to show this misleading not-up-to-date notification. Can you fix this asap. Thank you
-
All of a sudden MBARW started quarantining Nvidia Files placed in my User Profile at the directory C:\Users\marc\AppData\Local\NVIDIA\NvBackend\Packages\000093e1. I have uploaded the first one that was detected as zip. After rebooting the machine 1 day later I got another quarantined filed in the nearly identical directory Nnvidia\NVBackend\00093f3 also with a very similar name "DAO.21159685.exe. I think nvidia started downloading files for its "Geforce Experience" Engine or for driver updates that are now detected as false positives by MBARW. DAO.21154721.zip Malwarebytes Anti-Ransomware.zip
-
Please, please, please. Have Anti-Ransomware minimize to tray bar on start. Atm when it starts it shows a task bar icon and it really disturbs me, when I check what apps are running that you always have this icon there. I also don't understand why you didn't include that option right away as all other Malwarebyte Software seems to support this and ti's really driving me mad. So, please update beta with minimize to tray as default behaviour or at least the possibility to activate this in op'tions. Thanks you very much