Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by Tinstaafl

  1. Then I suggest that you actually visit the site and learn what is going on there, rather than making unsupported claims. They have a test section devoted to "Real-World Protection Tests". The March 2017 test results are posted here: https://www.av-comparatives.org/dynamic-tests/ "This section contains full product long-term dynamic test reports. These tests evaluate the suites “real-world” protection capabilities with default settings (incl. on-execution protection features). It is our aim to do these tests rigorously. Due to that, these tests are time and resource expensive, so only products chosen for the yearly main test-series are included." The March 2017 test report states: "The results are based on the test set of 329 live test cases (malicious URLs found in the field), consisting of working exploits (i.e. drive-by downloads) and URLs pointing directly to malware. Thus exactly the same infection vectors are used as a typical user would experience in everyday life. The test-cases used cover a wide range of current malicious sites and provide insights into the protection given by the various products (using all their protection features) while surfing the web."
  2. It may be time for Malwarebytes to take down this page ... seems a bit silly now ... https://www.malwarebytes.com/ "MAKES ANTIVIRUS OBSOLETE"
  3. I have been following AV-Comparatives test reports for years. They have several distinctive tests, from the file detection test, the real world detection test, malware cleanup, performance, retroactive, etc. Very interesting stuff ... I have also been a fan of Malwarebytes for many years. I think the direction that Malwarebytes are currently taking as far as malware detection reflects well the direction that malware has taken in recent years. I believe that the real world test at AV-Comparatives would reflect that the majority of exploits are web based now, and Malwarebytes is well positioned to contain those threats. At the same time, I feel it would be negligent to ignore the so called "flat file, dormant code" that malware can be distributed as. A prudent PC user should keep a signature based file scanner running as a baseline detection scheme, along with layered defenses that are signatureless and behavior detection oriented. The files that we download, the email attachments we save, all could contain dormant malware code. Why should we wait until this executes to deal with the threat? Better to scan the files and quarantine the known threats, at least!
  4. Try this. Install Malwarebytes 3.0 as a trial, then turn turn off the trial. Malwarebytes 3.0 then reverts to the free edition without premium protection. Install MBAE free from a previous installer for real-time browser exploit protection.
  5. This does sound strange, and I have installed and uninstalled MBAE several times without any adverse effects. However if this was me I would just restore my system from a backup disk image that I took before making any major changes to my system. Trying to figure out what may have happened would not be a very productive use of time. If any recent image was not available, the second best thing would be to use Windows 7 System Restore. You mentioned that the problem persisted after doing a restore. You may need to either go back to an earlier restore point, if available, or undo the restore point that you used and reboot. Then continue with the method below. After highlighting the chosen restore point in the list, Look for the button "Scan for affected programs" and click on that. You will get two lists. 1-Programs and drivers that will be deleted, and 2- Programs and drivers that might be restored. The message there states that the items in the 2nd list may not be restored correctly and may need to be reinstalled. I recommend taking a close look at this 2nd list and reinstalling everything in it if necessary. Good luck! Reference: http://www.howtogeek.com/howto/11238/using-system-restore-to-recover-your-windows-7-computer/
  6. Just wanted to add that I am running MBAE Free, version, on Windows 7 Professional SP1, 32-bit. Have been running 1044 trouble free, even with RET-ROP detection enabled. No false detections yet on any of my browsers, Chrome 46, Firefox 42, and IE11. Only ended up here because I was trying to figure out why 1045 was being pushed (prompted to update today) and what it fixed. Ran a google search on RET-ROP, and now I think I will keep this feature enabled!!! Is there any other benefit to updating to 1045 besides just unchecking this troublesome detection?
  7. As I stated above... A reboot was all that was needed to fix the issue. No re-install of MBAE was necessary.
  8. Greetings! I just updated to Firefox 40, which was released today, and discovered that the MBAE protection was not activating ( logs & traybar notifications) when the browser was started. It was working fine earlier this morning with Firefox 39. After a reboot (Windows 7) all is well.
  9. Yup, this sounds like a question for Kafeine :-) http://www.sfgate.com/technology/article/Dark-Net-reveals-how-hackers-exploit-5585720.php
  10. I just saw another article referencing this study on HTML5 exploit obfuscation. I was wondering what Malwarebyte's Anti-Exploit detection ability is (or is planned to be) for this type of exploit? http://news.softpedia.com/news/html5-can-be-used-to-hide-malware-in-drive-by-download-attacks-486974.shtml "While all exploits were detected without using obfuscation, when researchers applied their HTML5-based techniques, both in 2013 and in 2015, very few to none antivirus engines were able to detect them." "All these techniques were successful against static and dynamic analysis detection engines."
  11. Good to know, thanks! And thanks to your team for a great product ... hated to think I might have to run without for a while ... especially with all those hacking team zero-days in the wild... Also use MBAM scans weekly :-)
  12. Hmmm... well now I cannot get it to crash again on 1011. Maybe it was content related and something updated the page element that was creating the crash. Hard to tell, there are like nearly 100 articles on that Verge home page, so I have no idea what might have changed. But it definitley did crash on 1011 earlier. Like I said, it was a rare thing that occasionally caused a crash, and just so happened to do it consistently on this one site today so I dug into the details of the Mozilla crash log. If I can find another site that causes same error, I will try the 1014, which I assume is "beta"? Thanks again!
  13. Thanks... I noticed that 1011 was available after my previous post. Have already tried it, with the same result, same crash error: mbae.dll; EXCEPTION_STACK_BUFFER_OVERRUN
  14. Update: have uninstalled, rebooted, and re-installed MBAE 1.07 and still getting the same crash in Firefox, normal or safe mode. In Tools; Advanced; have disabled: "Use Hardware Acceleration". In about:config I have also disabled this option: "layers.offmainthreadcomposition.enabled" This crash is limited to just one known website at this time, otherwise Firefox is performing well. No problems with Chrome 43 or Internet Explorer 11. Additional crash output from the Firefox crash dialog: Problem Event Name: APPCRASH Application Name: plugin-container.exe Application Version: Application Timestamp: 55934d06 Fault Module Name: mozalloc.dll Fault Module Version: Fault Module Timestamp: 55933a83 Exception Code: 80000003 Exception Offset: 00001aa1 OS Version: 6.1.7601. Locale ID: 1033 Additional Information 1: 0a9e Additional Information 2: 0a9e372d3b4ad19135b953a78882e789 Additional Information 3: 0a9e Additional Information 4: 0a9e372d3b4ad19135b953a78882e789
  15. Firefox Crashing thread: mbae.dll; EXCEPTION_STACK_BUFFER_OVERRUN; signature: mbae.dll@0x423d I have been troubleshooting an ongoing crash problem with Firefox 39.0 on Windows 7 SP1 32-bit. It only seems to crash certain web sites, mostly the more modern ones such as Flipboard.com, qz.com, or theverge.com. Not having any problems with Chrome, but Firefox is my preferred browser on Windows ... Today I was able to reproduce the error consistently both in Firefox Safe Mode (no addons, graphic acceleration disabled), as well as normal mode when going to www.theverge.com. I submitted a crash report to Mozilla at: https://crash-stats.mozilla.com/report/index/58590532-24de-468b-bdef-a951e2150722#frames I was surprised to see that the crashing thread was mbae.dll. I disabled my MBAE protection and the website worked ok in Firefox, no more crashes. Re-enabled MBAE protection and the crashes started again, just like flipping a switch on/off. I could not find any related threads. MBAE has not indicated any errors, and seems to be running just fine. Malwarebytes Anti-Exploit version: Firefox 39.0 Avira Free 2015 Windows 7 SP-1 32-bit Pro Intel Core i3-3240 4 GB ram Intel HD graphics 2500
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.