Jump to content

Ransomware protection interferes with Roboform extension


Recommended Posts

With Ransomware protection turned on, the RoboForm Password Manager extension does not properly install in Google Chrome.  It appears to install correctly, but it isn't working correctly.  It shows the wrong interface and produces some error messages.  No detection is logged by Malwarebytes.

When Ransomware protection is turned off, the extension installs correctly and shows the correct interface and no errors are produced.  The RoboFrom Password Manager version 8.6.2.2 is found in the Chrome Store.

I am now on the Malwarebytes beta, 1.0.782,  don't know if this works correctly in the released version (although I have never had any problems in the past).

Bill

Edited by BillH99999
Link to post
Share on other sites

Greetings,

Thanks for reporting this issue.  I will be sure to inform the Product team about this problem and hopefully they will be able to address it in a future update.

What happens if you disable Ransomware Protection while installing the extension, does it work then if you re-enable Ransomware Protection after that or does it interfere with it still?

Please let us know.

Thanks

Link to post
Share on other sites

@exile360

OK... I spoke too soon.

The problem is more widespread than I thought.  I closed Google Chrome and re-opened it and had the same problem.  So it is not just on the install of the Roboform extension so I wonder if the title of this thread should be changed to something like "Ransomware protection interferes with loading of Roboform extension". 

When closing and re-opening Chrome, the Roboform extension fails to load successfully which results in getting the wrong interface.  To correct the problem I had to turn off Ransomware protection, disable the Roboform extension, re-enable the Roboform extension and then it loaded successfully.  At his point I could turn Ransomware protection back on and all worked fine until the next time Google Chrome was closed and re-opened.  This problem of course also happens anytime I reboot the system and Chrome starts up.

Interestingly, the same problem does not occur with the Roboform extension for Firefox.

According to Roboform support, the interface I get when the problem happens is a limited interface with only partial functionality.  After correcting the problem I get the real full functioning interface.

For me this is a show stopper.  I use Roboform many times during the day.  I never had this problem with MB 1.0.770.

Thanks,
Bill

Edited by BillH99999
Link to post
Share on other sites
16 hours ago, ITC23 said:

Pretty much the same issue with 1Password in any Chromium based browser. 

I can confirm this. We do have a fix for a related issue in our current in-test version of Malwarebytes Anti-Ransomware standalone, but it will be a while before it gets into Malwarebytes for Windows. That fix also addresses the issue with 1Password.

EDIT:

I have been able to reproduce the issue with Roboform @BillH99999 - and I can also confirm the issue is mitigated with the same version of the Ransomware Protection component as fixes the issue with 1Password. Similarly, it will be a while before this fix gets into MB4.

Edited by tetonbob
Link to post
Share on other sites

@tetonbob

I never had this problem with 1.0.770.  So it must be something that was added to the beta.  Is that correct?

When you say it will be "awhile", how long do you think it might be? Days, weeks, months?

Will the fix you are talking about be added to the beta before it is generally released?  If not you might break a lot of people's systems.

Otherwise I guess I'll have to go back to 1.0.770 and not do any updates until the fix is added to MB.

Thanks,
Bill

Edited by BillH99999
Link to post
Share on other sites
13 minutes ago, BillH99999 said:

@tetonbob

I never had this problem with 1.0.770.  So it must be something that was added to the beta.  Is that correct?

Yes

When you say it will be "awhile", how long do you think it might be? Days, weeks, months?

I don't set schedules but as I look at our current schedule, the earliest would be late January. Subject to change.

Will the fix you are talking about be added to the beta before it is generally released? 

I will check with the teams, but not likely.

If not you might break a lot of people's systems.

I'm not sure I'd categorize a compatibility issue as breaking people's systems, but I do acknowledge it will cause issues that will need to be worked around.

Otherwise I guess I'll have to go back to 1.0.770 and not do any updates until the fix is added to MB.

Thanks,
Bill

 

Hi Bill. I replied inline.

Link to post
Share on other sites

@tetonbob

To be honest this makes me a bit disappointed in Malwarebytes.  You release a beta that causes problems for people.  They report the problem.  You acknowledge the problem exists.  Then you say it is unlikely that the fix will be added to the beta before it is released.

This is admitting that you will release a flawed product for general use and then people will have to work around the problem.

I was in IT for over 30 years and was in charge of a lot of projects and we would have never released a program with a known bug like this.

Bill

Link to post
Share on other sites
55 minutes ago, BillH99999 said:

@tetonbob

I never had this problem with 1.0.770.  So it must be something that was added to the beta.  Is that correct?

When you say it will be "awhile", how long do you think it might be? Days, weeks, months?

Will the fix you are talking about be added to the beta before it is generally released?  If not you might break a lot of people's systems.

Otherwise I guess I'll have to go back to 1.0.770 and not do any updates until the fix is added to MB.

Thanks,
Bill

Thank you very much for the confirmation. Took me a little to figure out what was going on. 

Is there a certain aspect of MBAM that's causing this? I'd prefer not to downgrade or totally turn it off, is there any element that can be disabled to prevent this?

Is there anything on the 1Pass or Roboform side that can be done to resolve the issue, or is this exclusively on the MBAM side? Beta is beta, but this has to be impacting a signifant number of users. 

Thanks again for the update.

Link to post
Share on other sites
35 minutes ago, tetonbob said:

Hi @ITC23 - it's the Ransomware Protection component which is causing the issue. From our testing, there is nothing to be done on the side of the extension to resolve the issue, it's on our side.

Thanks for the clarification. This same issue also seems to prevent proper syncing with iTunes and iOS devices for syncing/backups, just to add that to the list of what I have noticed to be impacted. 

I can live with turning off Ransomware protection for now. I think. 

Link to post
Share on other sites
35 minutes ago, ITC23 said:

Thanks for the clarification. This same issue also seems to prevent proper syncing with iTunes and iOS devices for syncing/backups, just to add that to the list of what I have noticed to be impacted. 

Another reason to maybe wait to release the beta until this bug is fixed.

Bill

Edited by BillH99999
Link to post
Share on other sites

You can keep Ransomware Protection disabled.  It is by far the least proactive/protective component in Malwarebytes because all it does is monitor memory/active processes and threads for ransomware behavior to catch ransomware in the act.  This means that if the other components of protection are doing their jobs of actually preventing infections from ever installing/becoming active on the system you will never see a detection from the Ransomware Protection component.  It is a secondary layer of defense that functions as a last resort should the system become infected with ransomware, however most ransomware uses methods of infection that are well covered by the other components in Malwarebytes such as exploits which are very well covered by Exploit Protection.  Ransomware Protection tends to cause the most conflicts and drags down system performance more than any other component or module in Malwarebytes and is simultaneously the least proactive in actually preventing infection so I keep it disabled at all times.  I would advise anyone having the issues described in this thread to do the same until this issue is resolved.  You won't be missing out on much protection frankly just because of the way this module works.

Link to post
Share on other sites

@exile360

I'm not sure I would want to do that.  I think I want to stick with all the functionality enabled.  I am OK with sticking with 1.0.781 until a fix comes out for this problem.  I kind of feel like I shouldn't have to disable part of the functionality in a product just to workaround a bug in the product.  I'll have to keep thinking on this.

Thanks
Bill

Link to post
Share on other sites
1 minute ago, BillH99999 said:

@exile360

I'm not sure I would want to do that.  I think I want to stick with all the functionality enabled.  I am OK with sticking with 1.0.781 until a fix comes out for this problem.  I kind of feel like I shouldn't have to disable part of the functionality in a product just to workaround a bug in the product.

I suppose it depends on the features and changes in the new version vs the value of the module being disabled.  In my experience typically the new detection capabilities, heuristics enhancements and engine improvements in new betas/releases is well worth the sacrifice of one particular component, especially this component in particular since, if Malwarebytes is doing its job, should never detect anything (it's the same reason that I would never expect a manual scan to detect any active threats, because the real-time protection should have detected and prevented any such threats before they ever got the chance to install and become active).

Link to post
Share on other sites
  • 3 weeks later...

I am also having this issue and am appalled at the attitude that it's a bug in a beta version and we aren't going to fix it until production. I agree to beta testing knowing that there may be the odd issue such as this one but would expect an update to be rolled out fairly quickly. I run a dev team and would never in a million years treat one of my beta testers like this, especially as they are helping to prove the product.

Have now turned off beta updates and will remain off.

Link to post
Share on other sites

@GrahamW

I also disabled automatic installation of new releases.  If this bug remains in the beta when it is released then I don't want it to get installed on my system and break Roboform.  I'll do a manual update to a new release of MB once I know the new release includes a fix for this bug.

Bill

Link to post
Share on other sites
  • tetonbob changed the title to Ransomware protection interferes with Roboform extension

Greetings, all. We've just released another Beta Component package, 1.0.793, which addresses the issue with Roboform, 1Password and another extension, IE Tab.

This does not address the reported issue with iTunes sync/backup. That issue is still under investigation.

Please give this Beta a try and let us know your results. Thanks for your patience, continued feedback and participation.

Link to post
Share on other sites

@tetonbob

I just installed the 1.0.793 beta and it seems to have fixed the problem.  I am now getting the correct Roboform UI when I close and reopen Google Chrome.

I'll keep an eye on it and let you know if I experience any other issues with Roboform.

Thanks,
Bill

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.