Jump to content

pbust

Staff
  • Content Count

    3,372
  • Joined

  • Last visited

Posts posted by pbust


  1. The VLC update alert is expected as it performs upgrades in similar manner as how exploits work. We are working to improve this in a generic manner.

    However if you replicate it you should be able to choose the block event from the LOG tab and choose "Exclude" to exclude it from further blocks. Then you will be able to run the update again and it will work ok.


  2. That's weird.... we will have to try to replicate it.

     

    Just to verify, I know this is a basic question, but can you check this is not part of Win7's automatic traybar icon hiding feature? Click on the doble-up arrows on the traybar and see if it shows up on the balloon with the rest of hidden icons.


  3. I've seen this occur without a restart and without explorer.exe crashing. I've also seen it with previous betas of ExploitShield.

    You mean as in it is there in the traybar and then suddenly disappears? The restart and explorer.exe crash are just two examples. There are other situations where it might happen, such as switching user sessions.


  4. The issue is that it will not let me open the program itself, I do not have firefox or chrome installed on this box.... but so far it happens with IE10 and Opera on this computer.  I can install firefox to test if you like me to.... (not a fan of firefox to be honest)

    Your sig banner threw me off there re: firefox fan ;)

     

    We are preparing a new 0.9.2.1100 release which we think will fix this issue. Please stay tuned for updated news on this release in the next few days.


  5. The exclusion system is working correctly. To see how it works try to upgrade an older version of VLC for example. This should set off a false positive. Then from the LOG tab you can see the block event, select it, and choose "Exclude". After that you should be able to upgrade the older VLC without a false positive.

     

    In regards to the Add Exclusion button to manually add files to the exclusion list, this is something we will take out completely until the new GUI is finished.


  6. Btw, when explorer.exe is killed by some reason and restarted the program icon is no longer shown in the system tray (the process is still running in the background).

     

    Yes this is known issue. In the future as we develop the GUI and service from scratch this should be fixed. For now its just an annoying bug. You can kill the process and run it again to recover the traybar icon.


  7. Plays well with others?

    (I run KIS on my 3 rigs, and KL products can be a bit finicky about other real-time security apps.)

    In the vast majority of the cases it should play well with others. We've done some testing over the last year and only found incompatibilities with Webroot, Comodo and Trusteer. The Webroot and Trusteer issues were fixed and Comodo issue still remains if I'm not mistaken. If you find other incompatibilities please let us know so we can get them fixed!


  8. I have mixed emotions about this being integrated into MBAM Pro, but I understand why. It would be great if there was a standalone version even after it is integrated as the amount of computers that are made vulnerable by Java, Adobe Reader, flash, shockwave etc

     

    Sorry I should have been clearer in my response above. When I said integrating into Malwarebytes GUI I meant as a stand-alone "Malwarebytes Anti-Exploit" application with Malwarebytes look-and-feel, not integrating into MBAM (at least not for the short or mid term).


  9. Thanks for the welcome Marcin!

     

    @salmon, the technology is based on the concept of application shielding. It monitors the behaviour of certain applications (Internet Explorer, Firefox, Chrome, MS Office, Adobe Reader, Java, etc.) and prevents the successful exploitation of vulnerabilities by detecting exploit-like behaviour. The product itself provides real-time protection and it's not required to run any type of manual scans... simply install and forget.

     

    Since it does not rely on blacklisting it does not need to be updated with new signatures. New versions will be released in the future but a simple uninstall/install will suffice for now to upgrade to the newer versions (which don't happen that often). In the future when we integrate with Malwarebytes GUI and advanced features one of the things we need to look at is hot upgrading to new versions.

     

    During beta we've made the full version available for free. Once out of beta it will follow the same approach as MBAM Pro.

     

    I hope this helps clarify things a bit.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.