-
Posts
3,369 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by pbust
-
-
Welcome to the forum gaia.
Reboot and login as administrator. Then please follow the steps outlined here:
https://forums.malwarebytes.org/index.php?/topic/171634-anti-exploit-not-started-under-windows-10/
-
Welcome to the forum dirla.
It looks like a valid detection of an OS security bypass attempt (ROP gadget detected).
You probably encountered some malvertising while navigating a normal site. There is a lot of that going around nowadays. You can learn more about it in our blog:
-
Hi Scoutt,
there's a few answers to your question:
1- The user can only stop protection if they are an admin user. If they are running as a limited user account (LUA) they cannot stop it.
2- If you deploy MBAE from the Malwarebytes Management Console, even if the user stops MBAE, the Management Server will overrule it and turn it back on.
3- Yes we are working on adding more protection so that even admin users on the endpoint cannot stop it.
-
Hi Boyd,
Which model do you need?:
1- Install a Malwarebytes Server and deploy to all your machines through a centralized management console.
2- Just install on the Windows Server 2012 R2 to protect it (and maybe some other business computers).
(1) is recommended if you have more than 10 or 20 PCs and you want to manage them from a central console.
(2) is recommended if you have less than 10/20 machines and you don't mind installing on each manually one-by-one.
If you want to do (2), simply open the ZIP, go to the "Standalone" subdirectory and run the mbae-setup-1.08.2.1045.exe file. It will ask you for your license key during installation.
-
You are correct hake, no need for old-school methods like these. With MBAE you don't need to worry about allowing active content.
-
Hi Webbie1,
please provide MBAE logs and we'll be able to troubleshoot further. Instructions can be found in my signature.
Thanks!
-
We were able to replicate this problem.
We are working on a fix.
Thanks for reporting!
-
Turbo.net launcher is disabling the Chrome sandbox. This is insecure and not recommended.
-
AMP basically waits for the file to be known at VirusTotal and scanned by 50+ scanners before AMP can detect it.
Malwarebytes is the company proactively discovering the zero-days with an actual Research lab manned by reverse engineers and sending zero-minute malware to VirusTotal so that "VirusTotal query scanners" like AMP can catch up to us and don't lag too far behind.
Also AMP does not include any proactive technologies like Anti-Exploit or Anti-Ransomware.
If I had to rank AMP with all the endpoint products on the market, it would be towards the end next to ClamAV and other similar ones like that.
-
Sorry scoutt, been out for a while. Can we try again early next week?
-
Hi CeeMcGee,
You might want to contact us directly instead of CDW if you want a more expedited approach:
https://www.malwarebytes.org/business/breachremediation/
Thanks!
-
Moving this to Questions sub-forum since it's not supported by default.
-
It's an update that is applied automatically to all users. No fresh build needed.
-
Then you probably have system tray notifications disabled in general.
-
Hello and welcome to the forum.
Currently MBAE does not have this feature. We are working on it.
In the meantime you can check for your purchase confirmation email to see the validity of your license, or contact our Customer Service department to have someone look it up.
-
Thanks for reporting @sman. Fixed by whitelisting the VLC upgrade.
-
MBAE Free does not protect Word, only MBAE Premium.
-
It might be that Chrome.exe is already running in the background after you close the visible window. So after running it again you don't see the notification since it was already running and protected by MBAE. Test with other applications like Word, Acrobat, etc. to see if you see the notifications.
-
Hi Michael. Can you please attach your FRST logs?
Thanks!
-
This is prevented by MBAE Premium only.
The Office, PDF and other shields are only available in Premium.
-
Anytime!
I will close this thread as solved but feel free to create a new thread whenever you need.
-
Everything seems in order. Maybe due to some corruption of the data file.
Simply click the clear logs option in the UI and let me know if it happens again.
Thanks!
-
Beta5 solves this. Download and install beta5 from the forum announcement and reboot.
-
Welcome to the forum. This is weird. Probably due to a missed version upgrade as MBAE only keeps/upgrades the data format for one version prior to the last.
I think you forgot to attach the MBAE logs. Can you please try it again?
Thanks!
MBAE blocked exploit code. Nothing shows up on log
in Anti-Exploit Beta
Posted
It seems the malvertising in this case loaded from smart-ads.gr which in turn was loaded by enikos.gr or (less likely) frontpages.gr.
MBAE blocked the malvertising exploit from executing so you are safe.