SomervilleTom

Attached please find "mbst-grab-results.zip". I appreciate your attention. mbst-grab-results.zip

It appears to me that when MWB blocked my attempts to access google, it caused google to nuke its settings on my local machine and revert to a stale version (from months or years ago) that happened to be in my account in Google cloud. I run my Windows 10 Pro as a guest VM, and I keep frequent snapshots of the entire VM. I loaded a guestVM from a snapshot of 20220905. I then opened Chrome (hoping to find my old bookmarks). No joy -- Chrome automagically updated itself and the bookmarks I wanted are gone. I've attached a screenshot from the MWB dashboard. It appears to me that this MWB failure caused a ripple effect that has damaged my access to google services. I also suspect I'm not the only one. I've been a premium customer of MWB for years. I'd like an update from someone at MWB about what happened, what the unintended consequences might have been, and how to recover (if possible).

No difference, sorry.

As I wrote in my thread-starter ... " I do NOT want to "sync" it to Google Cloud -- that makes everything vulnerable if, for example, my account is compromised." Something caused Chrome clear everything -- it's history, my bookmarks, my cached credentials, everything. The timing of this disaster, coming literally on the heels of the MWB quarantining etc, makes me wonder what MWB did to my system during the failure system. When the "threat" was identified, what happened when MWB quarantined the false positive? Was there a simultaneous upgrade? Is there a reference that describes what MBW does on my system when a local app is quarantined? My system behaves as though all of Chrome's local state was cleared.

When I attempt to access this link, it says the RCA for yesterday's false positive is "unavailable" and that the topic is closed.

Two of our local machines here, each running Windows 10 Pro, were unable to access any Google site yesterday morning. The issue was noted here and is now marked as "resolved". I resolved both issues by rebooting and then manually updating MWB. At first, I thought all was well. That, however, is the beginning -- not the end -- of what happened to me. Chrome logged me out of all my session. When I logged back in, Chrome had reverted my bookmarks folder to its status from years ago. I've spent much of yesterday and today trying to recover. For example, credentials that I use for `auth0` (and that were cached in the browser). Amazon Prime credentials. A year's worth of notes as I find and bookmark valuable sites. Even though I'm now logged back into the same Google account on Chrome, the earliest entry in my browser history is for 2:32p yesterday. Is it just coincidence that all this happened within hours of a major failure of Malwarebytes? Did Google push a Chrome update that broke MWB? Did MWB do something beyond just blocking access to anything google? I'd like further clarification of what actually happened yesterday. As anybody who has tried to backup Chrome anything on Windows 10 Pro already knows, there is no good way to backup this information. I do NOT want to "sync" it to Google Cloud -- that makes everything vulnerable if, for example, my account is compromised. I'd like someone with insight into what happened in yesterday's failure to provide more information about what brought it about. I'd like to know if there are steps I can take to prevent a recurrence. This has been EXTREMELY painful.

Same here, although I think an update just happened that may have fixed the issue. On windows, open MWB and click "Check for updates".

I've been a Malwarebytes pro subscriber for years. I'm seeing a great deal of chatter in the lay media about "Androzek". How do I determine whether not MWB protects me from this threat? I posted a question in the "Malwarebytes For Windows Support Forum", but I'm not sure that's the appropriate place. Am I really the first MWB subscriber to wonder about this? I don't want to find that I've been infected after it's too late -- this sounds like it's very tedious to remove.

I'm seeing lots of publicity about Androzek. I've had MWB installed and running continuously for years. Do I need to be concerned about Androzek?

I'm getting a "Trojan Horse" complaint from MalwareBytes, and I expect this to be a legitimate site. Can you confirm that this is valid complaint? If so, then I'll need to notify the site admin. MWB log entry follows: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 4/20/20 Protection Event Time: 1:33 PM Log File: 1ceb1fbe-832d-11ea-900d-0a0027000008.json -Software Information- Version: 4.1.0.56 Components Version: 1.0.867 Update Package Version: 1.0.22698 License: Premium -System Information- OS: Windows 10 (Build 18362.592) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0 -Website Data- Category: Trojan Domain: reverserett.org IP Address: 173.247.240.75 Port: 443 Type: Outbound File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (end)

I don't know if this is a false positive or not. Is there a way to get more information about what triggers a trojan hit? I've been using the Boston Globe online reader daily for months with no issues. This morning, the same site started causing a MalwareBytes popup with a possible trojan warning. I don't want to exclude the site if it's truly dangerous. The offending link is "pages.pagesuite.com". That seems to be a legitimate and widely-used source. I've attached a screenshot of the new complaint. How do I determine whether this complaint is real or not? I'd like to keep using the site.

False alarm. Looks like the battery was dead in the mouse.

My USB mouse is freezing again, especially in Chrome. In the past, this has ALWAYS been caused by Malwarebytes. I've noticed it for the past few days. Here is the version information from my Malwarebytes "About" page: Malwarebytes version: 3.7.1.2839 Component package version: 1.0.586 Update package version: 1.0.10884 According to my dashboard, my protection is "Current". I see no indication of a timestamp or version number for the local db being used. I'm running on Windows 7 pro machine with plenty of RAM, disk, and CPU. Let me know if it will be helpful to update any logfiles.

You don't need to uninstall. Go to the services app (I only know how to do it on windows 7 ... "control panel -> Administrative tools -> services"). Find "Malwarebytes service", and set its "Startup Type" to be "disabled". Then restart your system.

Not only am I disappointed that malwarebytes doesn't have a rollback strategy (I work for a major corporation and we aren't able to even touch production servers without having that in place), I'm also disappointed that there isn't a top-level pinned notice describing the issue and how to work around it. This is not rocket science, it's rather basic customer support. It's no harder than figuring out how to get paid by customers. Companies who care do things like this.

BTW, this demonstrates why having a second protection suite (in my case, windows defender or whatever stupid name Microsoft chose) available. I don't think this has anything to do with updates on a client (you and me). I think they broke the server that all of their clients connect to

I'm pretty sure this is a server issue. I've got mwb2 installed, and it killed my machine (windows 7 pro). Here's what I did, it seems to be a work-around until this gets fixed: 1. Quit MWB from the taskbar 2. Go to "services", and set the "Startup Type" for "Malwarebytes Service" to "disabled" 3. Reboot Once malwarebytes fixes the issue, then just reverse the above. We will see if malwarebytes is as good at telling us when they're server is healthy again as they are at telling us about the new things we can buy. I hope I don't have to poll forums like this to discover when this is resolved.

I had to disable malwarebytes in order for my PC (windows 7 pro) to be usable at all. In order to do that, I did the following (not all steps may be needed, this is just a quick list of what I did): 1. Quit mwb from the taskbar 2. Go to "Services", and set the "Startup Type" for "Malwarebytes Service" to "disabled". 3. Restart Thankfully, this seems to have stopped the runaway. I hope that Malwarebytes (the company) is as good at notifying me when this issue is resolved as they are at spamming me while everything is working fine. I'm disappointed that their "support" site is down. I guess I understand why, though.

In order to get my PC back, I opened "services" and set the "Startup Type" for "Malwarebytes Service" to "disabled". I clicked "quit" in the task bar icon for Malware Bytes Then I restarted. It looks as though I've got my PC back (though of course with no MalwareBytes proection).