Jump to content

Pharaohs

Members
  • Content Count

    5
  • Joined

  • Last visited

About Pharaohs

  • Rank
    New Member
  1. Thanks shadowwar, In general, is there a best practice for configuring MBAM to work with Steam? I would imagine a significant percentage of MBAM customers use that software but I'm having trouble finding data on it (particularly for MBAM 3+). Steam does use a Chromium build as it's web browser overlay while running games or watching media - and it's a full fledged browser without extension support -- so vulnerable to Javascript Exploits, etc. It's tricky tho because it also has Anti-Cheating mechanisms that may or may not work with MBAM's hooks. It also constantly installs Visual Studio Redistribs and DirectX so that might be False-Positive hell. Any ideas? Or could you point me in a good direction where this has been discussed?
  2. I'll get the logs but here are the files in question. Note: scanning didn't turn up anything only upon executing it for it's initial launch does it trigger a Generic Exploit alert. (Which is why I was wondering if I should change or remove the steam protection in mbam - due to its nature of installing DirectX and Microsoft Redistribs) EDIT: The file's too large, going to PM it to you.
  3. Okay thanks for moving it. I'm still having the issue and have ran the MB-CLEAN utility and reconfigured MBAM - exploit still found while installing Nier Automata D:
  4. I'm not sure I follow. Was I not clear in my original post? Are you saying it is a false positive and I should create an exclusion (even tho it won't work due to a bug)? I'd basically like to know if I had steam + steam components configured correctly in MBAM application settings AND/OR if the exploit warning is anything to worry about...
  5. Hello, For starters I wanted to know if it's advisable to add the steam.exe and steamwebhelper.exe to the list of protected applications in MBAM Premium real-time protection list. I did just that and added steam as a "media player" (??) and steamwebhelper.exe as a Chromium based browser. Last night I purchased Nier: Automata and upon executing it for the first time (triggering its install process) MBAM blocked the nierautomata.exe saying it was a generic exploit agent. Subsequent attempts after verifying the game's integrity reproduces the same behavior. Most importantly I would like to know if adding STEAM and STEAMWEBHELPER to the protected applications list, as I have, is recommended -- or should I change the program type from MEDIA PLAYER to OTHER? If not a config issue then perhaps I'm just reporting a false positive. (I hope) How should I proceed? Here are the two relevant log notes: -Software Information- Version: 3.2.2.2029 Components Version: 1.0.188 Update Package Version: 1.0.2903 License: Premium -System Information- OS: Windows 10 (Build 15063.632) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, [0], [392684],0.0.0 -Exploit Data- Affected Application: steam Protection Layer: Application Behavior Protection Protection Technique: Exploit payload file blocked File Name: D:\Games\SteamLibrary\steamapps\common\NieRAutomata\NieRAutomata.exe URL: -Software Information- Version: 3.2.2.2029 Components Version: 1.0.188 Update Package Version: 1.0.2903 License: Premium -System Information- OS: Windows 10 (Build 15063.632) CPU: x64 File System: NTFS User: System -Exploit Details- File: 1 Malware.Exploit.Agent.Generic, D:\Games\SteamLibrary\steamapps\common\NieRAutomata\NieRAutomata.exe, Quarantined, [0], [392684],0.0.0 Exploit: 0 (No malicious items detected)
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.