Jump to content

Recommended Posts

I have tried to exclude a server from being blocked. unblocked on the work station and on the malware server counsel. But when she tries to open it again it is blocked. i go into exclude it and it tells me it is already exclude. if it is why is it blocking it? If I shut down the software works fine. Have been using this for over a year with no problem now in the last 3 weeks it is not working right.

Link to post
Share on other sites

  • Staff

Hello Tmorse,

 

This may be due to a new version of the program that was updated with the timeline you gave. I want to have you collect me some logs from the computer so I can look into this further for you. All you would need to do is go to the computer and collect this directory:

C:\ProgramData\Malwarebytes Anti-Exploit

 

Just zip up that directory and attach it here for me. 

 

Link to post
Share on other sites

  • Staff

Hello Tmorse,

 

That is odd. I am not seeing that block at all in the logs. Our team is looking into an issue like this with UNC exclusions, but I would like to see the alert file so I can send it to them. Can you try to collect the logs from that computer again? Or, if possible, have them reproduce it right before you collect it to make sure it creates the alert on the client side. 

Link to post
Share on other sites

  • Staff

Hello Tmorse,

 

Alright, in the mean time then. Can you go back to that alert in the console. On the area where it says 'object scanned' can you extend that column so I can see the entire path and take a screenshot of that? That is mainly one of the information I want to see and I can send that to our team. 

Link to post
Share on other sites

  • Staff

Hello Tmorse,

 

Good to hear! We are planning on pushing out an updated version of anti-exploit soon that includes that fix. So all of your clients should get the new version when that happens. In the mean time, you can use that build on machines that need this fix while we get the GA build finalized. 

Link to post
Share on other sites

  • 1 year later...

Just an FYI, but I had the same problem when using IE on my personal PC. Turning off Exploit Protection from the system tray plus turning off IE protection under Settings > Real-Time Protection > Manage Protected Applications did nothing at all until I shut down IE and restarted it. Once restarted the "Exploit" was unblocked.

Link to post
Share on other sites

On 2/14/2018 at 12:49 PM, MBride said:

Just an FYI, but I had the same problem when using IE on my personal PC. Turning off Exploit Protection from the system tray plus turning off IE protection under Settings > Real-Time Protection > Manage Protected Applications did nothing at all until I shut down IE and restarted it. Once restarted the "Exploit" was unblocked.

Yes, that's most likely because the way exploit protection functions is by loading a DLL into protected processes, a technique called hooking, and therefore cannot unload from a protected process often times without the protected process being shut down/restarted.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.