SomervilleTom Posted September 23, 2022 ID:1534975 Share Posted September 23, 2022 Two of our local machines here, each running Windows 10 Pro, were unable to access any Google site yesterday morning. The issue was noted here and is now marked as "resolved". I resolved both issues by rebooting and then manually updating MWB. At first, I thought all was well. That, however, is the beginning -- not the end -- of what happened to me. Chrome logged me out of all my session. When I logged back in, Chrome had reverted my bookmarks folder to its status from years ago. I've spent much of yesterday and today trying to recover. For example, credentials that I use for `auth0` (and that were cached in the browser). Amazon Prime credentials. A year's worth of notes as I find and bookmark valuable sites. Even though I'm now logged back into the same Google account on Chrome, the earliest entry in my browser history is for 2:32p yesterday. Is it just coincidence that all this happened within hours of a major failure of Malwarebytes? Did Google push a Chrome update that broke MWB? Did MWB do something beyond just blocking access to anything google? I'd like further clarification of what actually happened yesterday. As anybody who has tried to backup Chrome anything on Windows 10 Pro already knows, there is no good way to backup this information. I do NOT want to "sync" it to Google Cloud -- that makes everything vulnerable if, for example, my account is compromised. I'd like someone with insight into what happened in yesterday's failure to provide more information about what brought it about. I'd like to know if there are steps I can take to prevent a recurrence. This has been EXTREMELY painful. Link to post Share on other sites More sharing options...
Porthos Posted September 23, 2022 ID:1534977 Share Posted September 23, 2022 Just now, SomervilleTom said: I'd like someone with insight into what happened in yesterday's failure to provide more information about what brought it about. Link to post Share on other sites More sharing options...
Porthos Posted September 23, 2022 ID:1534979 Share Posted September 23, 2022 (edited) 18 minutes ago, SomervilleTom said: Did Google push a Chrome update that broke MWB? Did MWB No 18 minutes ago, SomervilleTom said: Did MWB do something beyond just blocking access to anything google? No 18 minutes ago, SomervilleTom said: Even though I'm now logged back into the same Google account on Chrome, the earliest entry in my browser history is for 2:32p yesterday. Did you have sync enabled in Chrome? If so everything should have been there when you logged back into Chrome. As little as I use Chrome, I just checked and everything was as I left it. Edited September 23, 2022 by Porthos Link to post Share on other sites More sharing options...
SomervilleTom Posted September 23, 2022 Author ID:1535052 Share Posted September 23, 2022 9 hours ago, Porthos said: When I attempt to access this link, it says the RCA for yesterday's false positive is "unavailable" and that the topic is closed. Link to post Share on other sites More sharing options...
SomervilleTom Posted September 23, 2022 Author ID:1535055 Share Posted September 23, 2022 9 hours ago, Porthos said: No No Did you have sync enabled in Chrome? If so everything should have been there when you logged back into Chrome. As little as I use Chrome, I just checked and everything was as I left it. As I wrote in my thread-starter ... " I do NOT want to "sync" it to Google Cloud -- that makes everything vulnerable if, for example, my account is compromised." Something caused Chrome clear everything -- it's history, my bookmarks, my cached credentials, everything. The timing of this disaster, coming literally on the heels of the MWB quarantining etc, makes me wonder what MWB did to my system during the failure system. When the "threat" was identified, what happened when MWB quarantined the false positive? Was there a simultaneous upgrade? Is there a reference that describes what MBW does on my system when a local app is quarantined? My system behaves as though all of Chrome's local state was cleared. Link to post Share on other sites More sharing options...
David H. Lipman Posted September 23, 2022 ID:1535056 Share Posted September 23, 2022 (edited) Please reference: September 21, 2022 - False positive with Google I alerted @msherwood to the PDF's access Permission issue. Thank you @SomervilleTom EDIT: I extracted JPEGs of the contents of the PDF in the interim. Edited September 23, 2022 by David H. Lipman 1 Link to post Share on other sites More sharing options...
David H. Lipman Posted September 23, 2022 ID:1535097 Share Posted September 23, 2022 @SomervilleTom The PDF permissions were fixed. Please see if you can download the PDF in Post ID:1534928 Link to post Share on other sites More sharing options...
SomervilleTom Posted September 23, 2022 Author ID:1535098 Share Posted September 23, 2022 7 minutes ago, David H. Lipman said: @SomervilleTom The PDF permissions were fixed. Please see if you can download the PDF in Post ID:1534928 No difference, sorry. Link to post Share on other sites More sharing options...
David H. Lipman Posted September 23, 2022 ID:1535099 Share Posted September 23, 2022 2 minutes ago, SomervilleTom said: No difference, sorry. Thank you. Feedback has been provided to the Malwarebytes forum Administrator. Link to post Share on other sites More sharing options...
SomervilleTom Posted September 23, 2022 Author ID:1535100 Share Posted September 23, 2022 It appears to me that when MWB blocked my attempts to access google, it caused google to nuke its settings on my local machine and revert to a stale version (from months or years ago) that happened to be in my account in Google cloud. I run my Windows 10 Pro as a guest VM, and I keep frequent snapshots of the entire VM. I loaded a guestVM from a snapshot of 20220905. I then opened Chrome (hoping to find my old bookmarks). No joy -- Chrome automagically updated itself and the bookmarks I wanted are gone. I've attached a screenshot from the MWB dashboard. It appears to me that this MWB failure caused a ripple effect that has damaged my access to google services. I also suspect I'm not the only one. I've been a premium customer of MWB for years. I'd like an update from someone at MWB about what happened, what the unintended consequences might have been, and how to recover (if possible). Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted September 23, 2022 Root Admin ID:1535105 Share Posted September 23, 2022 Hello @SomervilleTom Can we please get some logs from your computer before you reverted the snapshot? To begin, please do the following so that we may take a closer look at your installation for troubleshooting: NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download the Malwarebytes Support Tool In your Downloads folder, open the mb-support-x.x.x.xxx.exe file In the User Account Control pop-up window, click Yes to continue the installation Run the MBST Support Tool In the left navigation pane of the Malwarebytes Support Tool, click Advanced In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file on your next reply Thank you Link to post Share on other sites More sharing options...
David H. Lipman Posted September 23, 2022 ID:1535112 Share Posted September 23, 2022 Thank you @AdvancedSetup Link to post Share on other sites More sharing options...
SomervilleTom Posted September 23, 2022 Author ID:1535114 Share Posted September 23, 2022 Attached please find "mbst-grab-results.zip". I appreciate your attention. mbst-grab-results.zip Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted September 23, 2022 Root Admin ID:1535117 Share Posted September 23, 2022 Let me send you a private message @SomervilleTom Link to post Share on other sites More sharing options...
Root Admin Solution AdvancedSetup Posted September 23, 2022 Root Admin Solution ID:1535141 Share Posted September 23, 2022 It looks like there was some type of unexpected failures with Google Chrome a few days ago. We were able to find and recover bookmarks. I'll go ahead and close this topic now Thank you everyone for the assistance Link to post Share on other sites More sharing options...
Recommended Posts