sman

I also had problems with Slimjet not starting (though MBAE signalling starting protection) and after many unsuccessful attempts, uninstall/reinstall, reverting to old versions, finally with a full uninstall (removing all traces) and reinstall did the trick.. further, if one were to change Boot option (Media boot, Safe mode etc.) - not all the time, but can say 80% of the time, this disturbs MBAE, with services not running, no UI and only MBAE.exe running. Then have to try variations to get MBAE back..

If one can come out of dependancy on Windows and it's resource hogg, and embrace "Live-CD", will see a sea of change to computing and Online Security.. Find usage to even outdated/old hardware, to make the best use/lifetime of hardware on hand.. All forms of crypto threats a thing of the past.. I see Home users to benefit the most of this "Live-CD" approach...

Kudos and Great work, @pbust and Malwarebytes team on 1.08 release. Another step towards a hacker free world and all the credit to Malwarebytes..

More on erratic behavior - - Open say FF at 12.00 hrs, MBAE UI icon comes out of hiding from Systray but no balloon alert of protection - Close browsing session by 12.10 hrs - at 12.15 hrs get balloon alert that FF is being protected (15 mts after opening and long after closing of browser) - UI log shows protection as from 12.00 hrs.. Have no idea, why this happens?..

So, only mbae.exe to be killed to re-run MBAE and get UI.. Tks. @pbust..

I will also have to kill all protected apps (due to stopping protection for re-run).. Tks @pbust..

So, if UI goes, need to either do a over the top reinstall (after killing all protected apps) or do a reboot, to get UI back in action, to keep track of MBAE's activity.. Tks..

Yes @pbust, it's true that protection will remain, but sans UI alerts/logs essential to act upon it.. On RPC failure, I'm all at sea as to what is causing it, some suggest it could be some shell call or so, but not sure.. Now, w/o UI in place, will I still be alerted of any threat blocking/any action by MBAE??.. Tks..

Of late, when at times try to access Right click context menu in start, taskbar hangs and then get "remote procedure call failed" error, followed by disapperaing of some of the systray icons (MBAE amongst them).. Though all MBAE services r running, the absence of UI then is akin to working in the dark with a false sense of security (as any action/threats will no longer be alerted or logged).. This then , forces one to reboot, to get the UI back.. Being very much integral to MBAE working, UI's functioning is a cause of concern...

For the past 3-4 boots, no alert/logs for startup item - Eagleget, download manager, though it is OK in process explorer (mbae.dll).. it was OK in all old builds and is unique only to 1044.. Alerts/logs r OK for other apps launched/run subsequently (though at times the alert is even delayed by 5 mts, from log time).. To quote, open browser, do a quick browse, close and sometime after browser is closed, get alert that the browser is protected (when it is no longer running and log shows protection had started much earlier abt . 5 mts before balloon/alert).. So, though protection is OK, it is the UI which is erratic..

Whwn in doubt, I do check up with Process explorer, to calm myself. Nowadays I rarely use Chrome and more of Slimjet which is fast (than all other browsers).. So, if irritants r due to many upgrades, will a uninstall and reinstall to latest put an end to it? Tks..

Actually it wasn't a multi-upgrade, since on boot-up found mbae.exe only riunning (no icon in systray, no run of mbae64,exe, mbae-svc.exe).. So killed mbae.exe and went for over the top to go back to 1043, during installation was alerted abt incomplete prev. activity and for RESTARTing windows (akin to alert for multi-grade in same session), which was really puzzling and did the re-start of windows, which surprisingly brought up 1044 running.. Don't know what caused the hiccup? Must say, after this 1044 upgrade, icon disapperaing from systray, protection logs/alerts skipping instances r on the rise and a bit of concern.

There seems to be problem with 1044.. Services did not start in an earlier boot and after several unsucessful re-boot, tried again the 1043 over the top, which alerted for a restart, which came up with 1044 running again.. Something strange..

No help.. Ignore

Here, this may help .. http://www.tenforums.com/tutorials/5662-notification-area-icons-reset-windows-10-a.html

Notifications is unique to Win 10 and I have many uninstalled apps still showing/listed in Notification setting.. So, just relax..

Struggle is an understatement to 1044.. Many over the tops, forced reboots, uninstall/reinstall, msconfig, restart, fine tuning of AV all to no effect.. When giving up and tried to go back for 1043 over the top, install gave error for a forced restart and this finally settled it.. Unsure, whether today's Win 10 update, just after 1044 was setup, has anything to do with the Struggle to 1044.. However other problems remain viz., disapperaing UI at times (only reboot bringing it back), skipping protection alerts/logs (though it's ok in Process explorer), Teamviewer (teamviewer.exe) though shielded it's service at sartup Teamviwer_service is not covered (undecided whether need a separate shield for this too)..

Enable EPM in IE (turned off by default by Microsoft), "Protected Mode" in Adobe Reader and enhance exploit protection.

Concluding msg's with Quarri : - Quote It's not necessarily that they can't co-exist on the same system. It's just that MBAE is protecting the entire system, while Quarri will cut out it's own space on the system and protect only that space and what's done inside it. No other processes are allowed inside, including MBAE, unless allowed in the Quarri policy that can be tuned within the Quarri Management console. Tuning the policy, however, is not a feature offered to MyPOQ users. As far as what security product to use (for something like your online banking session), I would highly recommend Quarri as we provide a vast number of protections from data leakage. Regards, Eric Wells Quarri Technologies ----- Hello Eric Wells, As any user, I only understand that it is the question of whether IE requires Quarri & MBAE for exploit protection (prior to release of patches against vulnerabilities).. The question of conflicts in functionality may also warrant turning off the functionality that conflict (probably by Quarri) if they r to work alongside.. MBAE will anyhow be protecting/shielding other apps in its cover against exploits and is only prevented to cover IE by Quarri, So, it may go beyond white listing and if the IE session is under robust protection with Quarri in action, MBAE's protection may not be required. Pl. correct me if I'm wrong. Thanks.. -------------- That sounds correct. Is there anything else I can help you with? Would you like to be put in touch with a sales rep? Please let me know if this is resolved and we can close this support ticket. Regards, Eric Wells Quarri Technologies ---------- Thank you Eric Wells.. I think we have come to conclusions on the aspects of interest and may well may be treated as final & closed. Thanks once again. -------------- - Unquote

Fine with 1043 over the top..

The ROP gadget block alert keeps cropping (from the time of TRusteer installation), whenever IE11 is started and Home page opens up, nothing serios but casusing closing and recovery of the page. If there is anything else, will let know..

Fine with 1040 ober the top..

Quarri has replied to my further queries, - Quote To answer your follow up questions: 1. Yes, Quarri prevents from ANY attempt to inject into our space, regardless of whether it's from a legitimate source or not. We can allow processes into our sandbox via a "whitelisting" method built into the management of the program as well. This can be accomplished via several different methods. 2. We don't protect system software outside the sandboxed session. However, our keylogger defense does extend out of our protected session. We do have exploit mitigation within our protected space, but how it compares to EMET I am unsure of. However, we do a very good job at blocking 0days. 3. The only software that we actually protect are Microsoft Office products and Adobe Reader. Regards, Eric Wells Quarri Technologies Senior Client Services Engineer - Unquote On this, my questions to Quarri were, - Quote 1. Now, "Protect any attempt to inject into process space", does this mean that IE will be protected from all forms of exploit attempts, not only running process but also from any change to its executable associated files in storage? 2. Does Quarri have in-built EMET or other exploit mitigation functionality to protect process (software) against vulnerabilities? 3. What happens if other apps . programs are called during the session (say opening some mail attachment say word/excel doc, pdf, media files etc.). Are these processess also protected? - Unquote So, with Quarri also having exploit mitigation functionality, it would be conflicting with MBAE working.. So, probably, for online banking and related activity Quarri may be suited for with it's protection features. Tks..

The question is, whether MBAE & Quarri are doing the same funcrion in protecting IE from exploits, when Quarri says it will prevent any attempt to inject into the process space ie IE process? Pl. confirm..

This is the reply from Quarri.. - Quote Let me answer your questions below: Q: My problem is when IE11 launches as Protected session with Quarri Agent, MBAE is prevented from protecting the IE11 Browser against exploit threats, (which it does in normal IE11 run).. A: Quarri actively sandboxes an encrypted IE11 session and protects that session from anything attempting to inject into our process space, or even debugging it. If anything were to enter our process space, the protected browser would be forced to terminate and restart the session to a new clean session. Q: Now, is it possible to include some white list for MBAE protection cover also in Quarri Protected browser session? A: Yes, if you purchase our product you obtain the ability to define "policies" for running Quarri that allow you to whitelist software, and includes many other security controls/options. Hopefully this answers your questions. Let me know if you need any further assistance. Regards, Eric Wells Quarri Technologies Senior Client Services Engineer - Unquote Any views, please..