Tinstaafl

Honorary Members
  • Posts

    38
Posts posted by Tinstaafl

  1. On 4/14/2017 at 4:31 PM, dcollins said:

    I'd recommend checking out the following thread where @exile360 explains why av-comparative tests need to be taken with a grain of salt. Not that they're entirely false, just that they don't tend to use real world scenarios.

     

    Then I suggest that you actually visit the site and learn what is going on there, rather than making unsupported claims.  They have a test section devoted to "Real-World Protection Tests".  The March 2017 test results are posted here: https://www.av-comparatives.org/dynamic-tests/

    "This section contains full product long-term dynamic test reports. These tests evaluate the suites “real-world” protection capabilities with default settings (incl. on-execution protection features). It is our aim to do these tests rigorously. Due to that, these tests are time and resource expensive, so only products chosen for the yearly main test-series are included."

    The March 2017 test report states: "The results are based on the test set of 329 live test cases (malicious URLs found in the field), consisting of working exploits (i.e. drive-by downloads) and URLs pointing directly to malware. Thus exactly the same infection vectors are used as a typical user would experience in everyday life. The test-cases used cover a wide range of current malicious sites and provide insights into the protection given by the various products (using all their protection features) while surfing the web."

     

  2. I have been following AV-Comparatives test reports for years.  They have several distinctive tests, from the file detection test, the real world detection test, malware cleanup, performance, retroactive, etc. Very interesting stuff ...

    I have also been a fan of Malwarebytes for many years.

    I think the direction that Malwarebytes are currently taking as far as malware detection reflects well the direction that malware has taken in recent years.  I believe that the real world test at AV-Comparatives would reflect that the majority of exploits are web based now, and Malwarebytes is well positioned to contain those threats.

    At the same time, I feel it would be negligent to ignore the so called "flat file, dormant code" that malware can be distributed as.  A prudent PC user should keep a signature based file scanner running as a baseline detection scheme, along with layered defenses that are signatureless and behavior detection oriented.  The files that we download, the email attachments we save, all could contain dormant malware code.  Why should we wait until this executes to deal with the threat?  Better to scan the files and quarantine the known threats, at least!

  3. This does sound strange, and I have installed and uninstalled MBAE several times without any adverse effects.

     

    However if this was me I would just restore my system from a backup disk image that I took before making any major changes to my system. Trying to figure out what may have happened would not be a very productive use of time.

     

    If any recent image was not available, the second best thing would be to use Windows 7 System Restore.  You mentioned that the problem persisted after doing a restore.  You may need to either go back to an earlier restore point, if available, or undo the restore point that you used and reboot. Then continue with the method below.

     

    After highlighting the chosen restore point in the list, look for the button "Scan for affected programs" and click on that.

     

    You will get two lists. 1-Programs and drivers that will be deleted, and 2- Programs and drivers that might be restored. The message there states that the items in the 2nd list may not be restored correctly and may need to be reinstalled.

     

    I recommend taking a close look at this 2nd list and reinstalling everything in it if necessary.

     

    Good luck!

     

    Reference: http://www.howtogeek.com/howto/11238/using-system-restore-to-recover-your-windows-7-computer/

  4. Just wanted to add that I am running MBAE Free, version 1.08.1.1044, on Windows 7 Professional SP1, 32-bit. Have been running 1044 trouble free, even with RET-ROP detection enabled. No false detections yet on any of my browsers, Chrome 46, Firefox 42, and IE11.

     

    Only ended up here because I was trying to figure out why 1045 was being pushed (prompted to update today) and what it fixed.

     

    Ran a Google search on RET-ROP, and now I think I will keep this feature enabled!!!

     

    Is there any other benefit to updating to 1045 besides just unchecking this troublesome detection?

  5. Hmmm... well now I cannot get it to crash again on 1011.  Maybe it was content related and something updated the page element that was creating the crash. Hard to tell, there are like nearly 100 articles on that Verge home page, so I have no idea what might have changed.

     

    But it definitely did crash on 1011 earlier. Like I said, it was a rare thing that occasionally caused a crash, and just so happened to do it consistently on this one site today so I dug into the details of the Mozilla crash log.

     

    If I can find another site that causes same error, I will try the 1014, which I assume is "beta"?

     

    Thanks again!

  6. Update: have uninstalled, rebooted, and re-installed MBAE 1.07 and still getting the same crash in Firefox, normal or safe mode. 

    In Tools; Advanced; have disabled: "Use Hardware Acceleration". 

    In about:config I have also disabled this option: "layers.offmainthreadcomposition.enabled"

     

    This crash is limited to just one known website at this time, otherwise Firefox is performing well. No problems with Chrome 43 or Internet Explorer 11.

     

    Additional crash output from the Firefox crash dialog:

     

      Problem Event Name:    APPCRASH

      Application Name:    plugin-container.exe
      Application Version:    39.0.0.5659
      Application Timestamp:    55934d06
      Fault Module Name:    mozalloc.dll
      Fault Module Version:    39.0.0.5659
      Fault Module Timestamp:    55933a83
      Exception Code:    80000003
      Exception Offset:    00001aa1
      OS Version:    6.1.7601.2.1.0.256.48
      Locale ID:    1033
      Additional Information 1:    0a9e
      Additional Information 2:    0a9e372d3b4ad19135b953a78882e789
      Additional Information 3:    0a9e
      Additional Information 4:    0a9e372d3b4ad19135b953a78882e789
     

  7. Firefox Crashing thread: mbae.dll; EXCEPTION_STACK_BUFFER_OVERRUN;  signature: mbae.dll@0x423d

    I have been troubleshooting an ongoing crash problem with Firefox 39.0 on Windows 7 SP1 32-bit. It only seems to crash certain web sites,
    mostly the more modern ones such as Flipboard.com, qz.com, or theverge.com. Not having any problems with Chrome, but Firefox is my
    preferred browser on Windows ...

    Today I was able to reproduce the error consistently both in Firefox Safe Mode (no addons, graphic acceleration disabled), as well as
    normal mode when going to www.theverge.com.

    I submitted a crash report to Mozilla at: https://crash-stats.mozilla.com/report/index/58590532-24de-468b-bdef-a951e2150722#frames

    I was surprised to see that the crashing thread was mbae.dll.

    I disabled my MBAE protection and the website worked ok in Firefox, no more crashes. Re-enabled MBAE protection and the crashes started
    again, just like flipping a switch on/off.

    I could not find any related threads. MBAE has not indicated any errors, and seems to be running just fine.

    Malwarebytes Anti-Exploit version: 1.07.1.1010
    Firefox 39.0
    Avira Free 2015
    Windows 7 SP-1 32-bit Pro
    Intel Core i3-3240
    4 GB ram
    Intel HD graphics 2500
