Jump to content

analyzer

Members
  • Content Count

    3
  • Joined

  • Last visited

Community Reputation

0 Neutral

About analyzer

  • Rank
    New Member
  1. Application with error- Application Error cat 100 Event ID 1000 - assetion failure C++ on asserts, windows firewall notification could not be delivered in time, mbae.exe, version 0.9.2.1200 time stamp 0x51c4e00a, module MSVCR100D.dll, version 10.0.30.319.1 process.id 0x119c1 following an Audit Failure in Microsoft_Windows_Security_Auditing cat. 1229 EventID 5032 record length 156. Just wanted to report the interaction with windows firewall notifications in this way caused mbae,exe to close down and a new session had to be started manually. Analyzed the incident following reports from MyEventvi
  2. The application executable mbae.exe had to be closed and started anew, because of this error. I give the according details windows event viewer logs came up with. See attached error.txt
  3. I have some questions about code used with exploit shield. KeStackAccesProcess has a strange kernel-mode bug, that should be addressed. Some PoSIX functions are deprecated and the use of other functions are being advised, for instance the use of wscat etc.. This should be addressed by the developing team as well. Strong security code however is the use of ZwQueryInformationProcess API, available in NTDLL.dll depending on the undocumented function. There is also a debug proposition with link to test given. In the hope this advances the further deveopment of the code used. For all this see attac
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.