Jump to content

Recommended Posts

***This is an automated reply***

Hi,

Thanks for posting in the Malwarebytes for Windows Help forum.

 

If you are having technical issues with our Windows product, please do the following: 

Spoiler

If you haven’t already done so, please run the Malwarebytes Support Tool and then attach the logs in your next reply:

NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  1. Download Malwarebytes Support Tool
  2. Once the file is downloaded, open your Downloads folder/location of the downloaded file
  3. Double-click mb-support-X.X.X.XXXX.exe to run the program
    • You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
  4. Place a checkmark next to Accept License Agreement and click Next
  5. You will be presented with a page stating, "Get Started!"
  6. Click the Advanced tab on the left column

    mbst_get_started.jpg
     
  7. Click the Gather Logs button

    mbst_advanced_gather_logs.jpg
     
  8. A progress bar will appear and the program will proceed with getting logs from your computer

    mbst_getting_logs.jpg
     
  9. Upon completion, a file named mbst-grab-results.zip will be found on your Desktop. Click OK

    mbst_log_saved_desktop.jpg
     
  10. Please attach the file in your next reply. Before submitting your reply, be sure to enable "Notify me of replies" like so:

     notify me.jpeg  

Click "Reveal Hidden Contents" below for details on how to attach a file:
 

Spoiler

To save attachments, please click the link as shown below. You can click and drag the files to this bar or you can click the choose files, then browse to where your files are located, select them and click the Open button.

mb_attach.jpg.220985d559e943927cbe3c078b
 

One of our experts will be able to assist you shortly.

 

If you are having licensing issues, please do the following: 

Spoiler

For any of these issues:

  • Renewals
  • Refunds (including double billing)
  • Cancellations
  • Update Billing Info
  • Multiple Transactions
  • Consumer Purchases
  • Transaction Receipt

Please contact our support team at https://support.malwarebytes.com/hc/en-us/requests/new to get help

If you need help looking up your license details, please head here: https://support.malwarebytes.com/hc/en-us/articles/360038523934

 

 

Thanks in advance for your patience.

-The Malwarebytes Forum Team

 

Link to post
Share on other sites

Greetings,

I just replicated this, however I was able to work around the issue by entering the EXE names manually (I created one for both the main WinRAR.exe GUI/process as well as the UnRAR.exe component which I believe is what does the actual work, though I was able to add the latter entry the normal way via the browse function to point to the EXE which is the method that fails when attempting to add WinRAR.exe).

My guess is that the issue has something to do with the naming and that it prevents the file being added when selected through the browse function but I'm not a Developer so I don't know for certain.

Either way I will report it to the Product team for analysis and confirmation.

Please let us know if you encounter any further issues.

Thanks

Link to post
Share on other sites

By the way, this has the added benefit of generally making the shielding in Exploit Protection fully functional for applications installed in non-default locations as well as the portable versions of many of them (including web browsers, which is especially important for protection).

Link to post
Share on other sites

Also please keep in mind that in all likelihood Malwarebytes Anti-Exploit component has not been designed to shield against known and unknown vulnerabilities for WinRAR and other archiving/compression applications, and in fact most of its protection seems centered around browsers and their plugins/extensions, office/document type applications which often use plugins and extensions, media players and the like along with some protections for common general OS/system level vulnerabilities and exploit types so any protection provided by adding WinRAR as a protected application will likely be very limited and I do not know what level of protection will be provided by adding it as a shielded application or which category would be best to choose (though I would suspect browsers might be a good choice since it has the potential to open and launch EXE's, DLL's and other executable file types similar to how browsers are often used in attacks for exploit drops and downloaders).

Link to post
Share on other sites

Both RAR and UnRAR are command line executables, not GUI executables so perhaps that has something to do with it, unless there is some specific application/executable blacklist being used to prevent adding certain apps to the shielded apps list.

Link to post
Share on other sites
6 minutes ago, exile360 said:

Also please keep in mind that in all likelihood Malwarebytes Anti-Exploit component has not been designed to shield against known and unknown vulnerabilities for WinRAR and other archiving/compression applications, and in fact most of its protection seems centered around browsers and their plugins/extensions, office/document type applications which often use plugins and extensions, media players and the like along with some protections for common general OS/system level vulnerabilities and exploit types so any protection provided by adding WinRAR as a protected application will likely be very limited and I do not know what level of protection will be provided by adding it as a shielded application or which category would be best to choose (though I would suspect browsers might be a good choice since it has the potential to open and launch EXE's, DLL's and other executable file types similar to how browsers are often used in attacks for exploit drops and downloaders).

Okay, I'll leave it as it is.  Thanks.

Link to post
Share on other sites

Thank you for the report.

Please note that winrar.exe is added as a protected application by default (albeit, it is not included in the "Default" list displayed within the user interface). The expected behaviour here is for an error message to be displayed indicating the application is already protected. A defect has been filed to correct this.

Link to post
Share on other sites
2 hours ago, LiquidTension said:

Thank you for the report.

Please note that winrar.exe is added as a protected application by default (albeit, it is not included in the "Default" list displayed within the user interface). The expected behaviour here is for an error message to be displayed indicating the application is already protected. A defect has been filed to correct this.

@LiquidTension   Thanks for the info.

Link to post
Share on other sites
3 hours ago, LiquidTension said:

Thank you for the report.

Please note that winrar.exe is added as a protected application by default (albeit, it is not included in the "Default" list displayed within the user interface). The expected behaviour here is for an error message to be displayed indicating the application is already protected. A defect has been filed to correct this.

Oh wow, that explains why we had trouble adding it but also managed to via alternate names/paths etc.

Thanks

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.