CloaknDagr

Members
  • Content count

    6
  • Joined

  • Last visited

About CloaknDagr

  • Rank
    New Member
  1. That is one heck of a good idea, beings as this Beta is throwing so many false positives. It should at least be an option in "Settings" of some sort. I can understand, with the devastating effect of Ransomware, why someone might not want to delay blocking it -- but for the purposes of this Beta it is essential. MBAR is just blocking AND quarantining too many legitimate programs. Clearing a false positive requires a reboot and at least on my system that's a serious issue. I know we're testing a beta and should not be using it on a "live" system in a production environment, but without real-world use the Beta will never get enough testing to move on to a stable release. If MBAM/MBAR wants a good Beta test they need to allow us to clear false positives BEFORE a reboot and before a quarantine action occurs.
  2. Here's the files you asked for, plus a screen shot of what I've had to exclude so far.logs.zipMalwarebytes Anti-Ransomware.zip
  3. That issue was prior to the release of 0.9.14.361. When the previous version expired I updated to 0.9.14.361 but I'm still getting false positives on Media Browser (EMBY) files with the newer version.
  4. Since filing the above false positive MBAM AR has also quarantined and broken TWO MORE MEDIA PROGRAMS. It doesn't seem to like media programs for some reason. Those two were the installation file for Kodi (XBMC) and ServerWMC which is a PVR back end. Being as it's been days since I reported the first false positive and no one appears to have replied to this issue so far, I can't be bothered to upload files for people who can't be bothered to check their forums for Beta issue reports. I've disabled MBAM AR on the test system. It's too unreliable to use in its current release.
  5. MBAM Anti-Ransomware false positive report. The beta broke my Media server program, which is called "Emby", presumably an alliteration of "MB" for Media Browser. Attached are the files you asked for when reporting a false positive. I have used this MediaBrowser.ServerApplication.exe or it's predecessors for many years. While it is possible the servers that the program comes from are compromised with ransomware, I do not think it's likely. So please check this out and advise. Thanks logs.zip Malwarebytes Anti-Ransomware.zip MediaBrowser.ServerApplication.zip
  6. This is weird, bear with me while I explain. I love website blocking, I use it all the time. When I have website blocking on but I do not have Mozilla Firefox running I get a lot of lag in the system, mouse stutters and jumps, and general degradation of performance. When I launch Firefox it all goes away and everything runs normal. This does not happen with any browser but Firefox. If I have IE or Chrome running but no Firefox I get the performace hit. If I have them all running, no performance hit. If I shut them all down except Firefox no performance hit. If I shut down Firefox the degradation comes back immediately. When website blocking is active Core 0 of my 8350 Vishera octo-core is pegged at 100%. The other 7 cores operate normally. Core 0 (the first core) stays pegged at 100% no matter if a browser is running or not. Performance does not seem to be degraded noticably as long as Firefox is running even though Core 0 is maxed out. When I disable website blocking all the performance issues disappear and the system runs exactly as it should. With website blocking disabled Core 0 goes back to a normal, variable state and is no longer pegged at 100%. Another strange aspect is that nothing of MBAM or it's website blocking module shows up in Task Manager as using a lot of clock cycles. So it was a real pain to isolate the culprit and determine where the problem was coming from. With everything off (browsers and any other programs) and the computer idling Task Manager would show the system at 99% free with nothing spiking any processor clock cycles at all. Yet Core 0 would be pegged at 100% and the laggy performance degradation would still be occurring until Mozilla was launched. Then Core 0 would still be pegged but everything seemed to work as it should. It's like the website blocking module is looking for a browser to work against and not finding one it loops hard. But again, ONLY with Firefox, starting any other browser had no effect one way or the other. The system is running an ASUS Sabertooth 900FX motherboard, an AMD 8350 eight core processor and 16 GB of RAM. So it's got plenty of available resources. The OS is Win7 x64. I'm using CoreTemp and the CoreTemp desktop gadget to monitor the processor state and temperatures. I just turn off website blocking when I don't have Firefox running and turn it back on when I use any browser but I have to launch Firefox as well as whatever other browser I want to use if I want website blocking active. Usually I don't bother because I don't surf with anything but Firefox due to add-ons like ABP and No-Script. I use the other browsers for HTML controlled local nodes like routers, firewalls, cameras, etc. so they're not really a threat. It's not a big deal and as soon as I close Firefox the lag reminds me to disable website blocking. It's an easy workaround and I'm not complaining- I'm describing the situation to you to help you diagnose these lag issues that website blocking seems to be causing. If my efforts aren't helpful then feel free to ignore them.