Jump to content


  • Content Count

  • Joined

  • Last visited

About pal1000

  • Rank
    Regular Member
  1. I installed this new beta and I noticed it still comes with Anti-exploit component from January 8 which is a bit dated considering standalone Anti-Exploit has been around since April 22 and there hasn't been any real issues and regressions reported with it according to anti-exploit beta thread. I personally used anti-exploit beta and MBAM at the same time despite not being a supported configuration as I have the necessary tech skill to avoid the startup race condition between Malwarebytes Service and Malwarebytes Anti-Exploit Service that can happen at boot time in this unsupported configuration.
  2. This issue actually started in Sorry for not reporting it sooner. I thought this was caused by MBAE becoming a bit more unforgiving after the new chromium based browsers protection with the clever tricks I am using in my project to spawn an elevated Command Prompt from a standard one passing a parameter in the process to "transfer" a variable in the elevated context if UAC prompt is accepted and keep the standard cmd open waiting for user action even after the elevated cmd finishes and it is closed. I use Powershell to accomplish all this. Elevated cmd spawn calls with a variable value as parameter https://github.com/pal1000/mesa-dist-win/blob/master/buildscript/modules/pythonpackages.cmd#L59 https://github.com/pal1000/mesa-dist-win/blob/master/buildscript/modules/pythonpackages.cmd#L71 Code that runs with admin rights: https://github.com/pal1000/mesa-dist-win/blob/master/buildscript/modules/pywin32.cmd It first receives the variable from the standard user context before proceeding any further.
  3. - manually allow the domain (and subdomain) listed in alert. I said manually because temporary and permanent allow links from alert are broken as well.
  4. Workarounds (pick at least one): - Install a stand-alone download manager (not a browser extension) and activate its browser integration for Firefox. It works on most cases. One obvious limitation is downloads from popup windows (ex: Windows update catalog), those may still fail. You can overcome even that if you activate Context menu element for the download manager integration extension and use it for downloads from popups. I personally use Free Download Manager v5 and it has all these features. - disable Malware/Scams protection on webpage with the download. DO NOT re-enable until the downloaded file is already launched otherwise Malwarebytes extension deletes it on completion. This also is unable to prevent blocking downloads from popups,
  5. No more crashes with with Firefox 59.0.1 x64 on Windows 10 1709, It also fixed a false positive with JPCSP running under JRE 10 with Malicious outbound shell protection enabled.
  6. This Firefox crashes uptick has been noticed at Mozilla's end as well. Someone opened this bug report: https://bugzilla.mozilla.org/show_bug.cgi?id=1444019
  7. This doesn't seem to be an issue anymore. Tested with v3.2.2.2029 CU 1.0.212. I compiled a few small projects and 2 very large ones with no issues. Validated everything with Process Explorer.
  8. Fixing this is very tricky if not outright impossible or very risky. Context (e.g. how Windows behave on shutdown when Fast startup is enabled): - Kernel space memory is hibernated; - Only user-mode memory content is discarded. Other facts - Windows services run in kernel mode; - Malwarebytes Anti-Malware is a Windows service. From these 4 facts results Malwarebytes Anti-Malware thinks a fast startup is the same thing as a resume from hibernation. Issue fixing requirements: - Malwarebytes Anti-Malware should distinguish between fast startup and hibernation; The big dilemma is how. For kernel mode code these 2 events are intended to be indistinguishable. - It should honor the "Not Start with Windows" setting for fast startup but not for hibernation.
  9. Sorry for posting an invalid issue. This doesn't seem to happen 100% of the time. Apparently, I didn't test this without Anti-Exploit long enough.to witness it happening even without Anti-Exploit protection.
  10. Steps to reproduce: - Using either MBAE 1.10 beta or MBAM 3.2 beta, enable all mitigations in Advanced Settings; Don't know if MBAM 3.1.2 is affected. - Update Firefox to 55.0 if it's not already; - Visit any website then press the home button. Only the address bar gets updated, the web page you where on remains on display until you visit other website or mash the home button a few times. This doesn't happen with default settings and it doesn't happen at all with Firefox 54.0.1. I am running Windows 10 Version 1703 (15063.502). Attached a video with issue in action. 2017-08-08 18-30-41.mov
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.