p060477 Posted September 2, 2023 ID:1586677 Share Posted September 2, 2023 same big issue to me...: Malwarebytes www.malwarebytes.com -Dettagli log- Data evento di protezione: 02/09/23 Ora evento di protezione: 21:38 File di log: 4097964e-49c8-11ee-b7dd-74d435bb1f97.json -Informazioni software- Versione: 4.6.1.280 Versione componenti: 1.0.2117 Aggiorna versione pacchetto: 1.0.74775 Licenza: Premium -Informazioni sistema- SO: Windows 10 (Build 19045.3324) CPU: x64 File system: NTFS Utente: System -Dettagli exploit- File: 0 (Nessun elemento nocivo rilevato) Exploit: 1 Exploit.PayloadProcessBlock, C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\cmd.exe \S \D \c type da.txt, Bloccato, 701, 392684, 0.0.0, , -Dati exploit- Applicazione interessata: cmd Livello di protezione: Application Behavior Protection Tecnica di protezione: Exploit payload process blocked Nome file: C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\cmd.exe \S \D \c type da.txt URL: (end) this is a real bug...how to solve it...??.... Link to post Share on other sites More sharing options...
p060477 Posted September 3, 2023 Author ID:1586786 Share Posted September 3, 2023 this is a very big BUG issue for MB...isn't it...??... :( Link to post Share on other sites More sharing options...
Porthos Posted September 3, 2023 ID:1586788 Share Posted September 3, 2023 My unofficial opinion, this is not a bug it is intended. The way malware is currently exploiting CMD and Powershell, the aggressive protection is needed to protect users. You are always free to disable exploit protection when you are doing a trusted activity. Link to post Share on other sites More sharing options...
p060477 Posted September 5, 2023 Author ID:1587154 Share Posted September 5, 2023 it was definetively a BUG cause with new malwarebytes definition updates the issue disappeared.... so it was a real -false positive MB Bug issue-.... :( Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted September 5, 2023 Root Admin ID:1587208 Share Posted September 5, 2023 Just for clarification. An FP is not considered a program bug. It is a rule that either misses or detects inaccurately Thank you Link to post Share on other sites More sharing options...
Staff Arthi Posted September 5, 2023 Staff ID:1587336 Share Posted September 5, 2023 Hi, Thanks for posting. The hourly definition updates are not for the exploit protection module. Exploit protection module updates are more at a "once a month" cadence, sometimes even longer. It is a coincidence that the blocks disappeared with the def update. I would like to take a deeper look at your logs to figure out what causes this FP. Can you please Turn on "Even log data" toggle Refer the below screenshot: Reproduce the block and then grab the below files: Please get us the following two files C:\ProgramData\Malwarebytes\MBAMService\logs\mbae-default.log C:\ProgramData\Malwarebytes\MBAMService\logs\MBAMSERVICE.log Link to post Share on other sites More sharing options...
p060477 Posted September 6, 2023 Author ID:1587428 Share Posted September 6, 2023 the BUG issue is coming back...: Malwarebytes www.malwarebytes.com -Dettagli log- Data evento di protezione: 06/09/23 Ora evento di protezione: 10:40 File di log: 05585836-4c91-11ee-a664-74d435bb1f97.json -Informazioni software- Versione: 4.6.1.280 Versione componenti: 1.0.2117 Aggiorna versione pacchetto: 1.0.74897 Licenza: Premium -Informazioni sistema- SO: Windows 10 (Build 19045.3324) CPU: x64 File system: NTFS Utente: System -Dettagli exploit- File: 0 (Nessun elemento nocivo rilevato) Exploit: 0 (Nessun elemento nocivo rilevato) (end) this is a real NIGHTMARE.....pls FIX it for heaven sake.... Link to post Share on other sites More sharing options...
Porthos Posted September 6, 2023 ID:1587439 Share Posted September 6, 2023 @p060477 This is your topic. Please post the requested info here and stop posting on the other topics. Link to post Share on other sites More sharing options...
Staff Arthi Posted September 6, 2023 Staff ID:1587616 Share Posted September 6, 2023 Hi p060477, I have sent you a DM. Please check. Thanks. Link to post Share on other sites More sharing options...
p060477 Posted September 7, 2023 Author ID:1587777 Share Posted September 7, 2023 On 9/5/2023 at 8:36 PM, Arthi said: Hi, Thanks for posting. The hourly definition updates are not for the exploit protection module. Exploit protection module updates are more at a "once a month" cadence, sometimes even longer. It is a coincidence that the blocks disappeared with the def update. I would like to take a deeper look at your logs to figure out what causes this FP. Can you please Turn on "Even log data" toggle Refer the below screenshot: Reproduce the block and then grab the below files: Please get us the following two files C:\ProgramData\Malwarebytes\MBAMService\logs\mbae-default.log C:\ProgramData\Malwarebytes\MBAMService\logs\MBAMSERVICE.log hi, just turned on, also if it is clearly written : not recommended.... anyway now the issue has disappeared again.... it comes in and out randomly.... it really seems a joke...a very ugly and very upsetting one.... :( Link to post Share on other sites More sharing options...
p060477 Posted September 14, 2023 Author ID:1588915 Share Posted September 14, 2023 @Arthi hi, first thxs so much could you pls so very kind to write here when it will : "The fix will be rolled out into this product in the next few weeks ".... i ask if you ,when it will be done , make an advice writing it here. thxs again cheers Link to post Share on other sites More sharing options...
p060477 Posted September 15, 2023 Author ID:1589203 Share Posted September 15, 2023 Hi, issue comes again...this is a real nightmare.... i just sent the files Arthi asked directly to @Arthi pls solve this BUG thxs cheers Link to post Share on other sites More sharing options...
Staff Arthi Posted September 15, 2023 Staff ID:1589217 Share Posted September 15, 2023 Hi, Thank you to everyone who reported this issue and worked with us in providing logs, etc. We have now fixed this issue and it is going through internal testing. If everything goes well, we should be releasing the fix in the next 2 weeks or so. Please bear with us. Thank you. Link to post Share on other sites More sharing options...
p060477 Posted September 17, 2023 Author ID:1589479 Share Posted September 17, 2023 we are very very upset weeks in digital era are a to huge quantity of timre.... and what about the data logs you asked...?? they are more then 13mb of data...text data...so a very huge quantity... what you do with our so personal data...?? what about our privacy pls reply clearly and stop simply cancelling posts you dislike... thxs Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted September 18, 2023 Root Admin ID:1589744 Share Posted September 18, 2023 (edited) Good day @p060477 I'm sorry to hear that you're upset, but without being able to duplicate on our own we do need logs in order to attempt to track down the root cause. Then work on a solution to correct the issue without possibly causing other unexpected issues. In the future if you do not wish to provide logs for any type of issue, that's perfectly fine. Submitting logs is voluntary. I'm sure there are others that may be willing to provide logs. There is not a day that goes by that Microsoft does not automatically collect data from all Windows systems as they need it to help improve their products too. The complexity of software today is completely different than it was just a few short years ago and quick fixes are not always possible. In some cases there can be hundreds of thousands of lines of code or in more complex software there can be millions of lines of code and it only takes one or two characters to be written wrong to possibly cause issues. Finding and correcting that, can be like finding the proverbial needle in a haystack some times. Other times one can quickly spot what is going wrong in the code and you can work on a better solution pretty quickly. Thank you Edited September 18, 2023 by AdvancedSetup Updated information 2 Link to post Share on other sites More sharing options...
Porthos Posted September 28, 2023 ID:1592070 Share Posted September 28, 2023 The beta that was released today has the anti-exploit fix included. You may get the beta by enabling BETA updates and checking for updates. This is the version with the fix. 2 Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now