Jump to content

Search the Community

Showing results for tags 'exploit'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






  1. I just purchased mbam 3 because I was getting malware everyday and it was hitting my browser (firefox) and my overdrive/libraries. I tried the trial ver and it started blocking viscous websites that are outbound from my windows/syswow64/regserv32 files plus others I can't catch because it moves to fast for me to memorize. it seems to work fine but it will not keep the exploit protection to stay on. I hit the button, it comes on then immediately goes back to off. I have run full scans to find the infected files with no luck. i have run defender and microsoft scan with no luck. i don't know if the infected files are stopping the exploit protection or if it the program itself. mb-check-results.zip Addition_04-06-2017 11.13.51.txt FRST_04-06-2017 11.13.51.txt
  2. Hi! A few days ago, when doing a Vulnerability scan with my Kaspersky IT security, I was warned multiple times by a critical vulnerability in Chrome impacting all versions BEFORE 58.0.3029.96. A step by step solution was not provided, just to update to the latest stable version. To quote their warning (one among many, because when I checked today, several warnings have been already removed but this one I could still find): "Update to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk." The whole description can be found under the link: KLA11015 RACE CONDITION VULNERABILITY IN GOOGLE CHROME The impact (or exploit there) is shown to be: ACE - Arbitrary Code Execution (though others were also mentioned in the posts, which I can't find today anymore); This is way above my level of knowledge, but I just wanted to ask, if Anti-Exploit Beta can block this and similar threats. I find this very important, because hundreds of millions of people are using this browser (including me), not knowing, that there are several critical vulnerabilities in it and no definitive solution is provided by Google. I tried to attach a cropped screenshot from Kaspersky vulnerability report, that contains some info about which files in Chrome app are impacted by all this, but was unsuccessful (received error code -200) Thank you in advance for a more detailed explanation and also a possible solution. Regards. Denis
  3. Hi. How are you? I write to you because I have a very rare problem. It turns out that MalwareBytes Premium 3.1.2 detects as Exploit the videos of windows media player and vlc media player. When I have Action Mirillis open (capture program), the generated videos are automatically closed by MalwareBytes detecting them as Exploit. Other videos not created by Action are also closed. But if I have Action Mirillis closed, the videos are not detected as Exploit and they open without problems. What is happening? It is very rare because it has never given problems of this type. Thanks in advance. (Copy of report) Spanish Malwarebytes www.malwarebytes.com -Detalles del registro- Fecha del evento de protección: 23/5/17 Hora del evento de protección: 12:10 Archivo de registro: action.txt Administrador: Sí -Información del software- Versión: Versión de los componentes: 1.0.122 Versión del paquete de actualización: 1.0.2001 Licencia: Prueba -Información del sistema- SO: Windows 10 CPU: x64 Sistema de archivos: NTFS Usuario: System -Detalles de exploit- Archivo: 0 (No hay elementos maliciosos detectados) Exploit: 1 Malware.Exploit.Agent.Generic, , Bloqueado, [0], [-1],0.0.0 -Datos de exploit- Aplicación afectada: Windows Media Player (wmplayer) Capa de protección: Protection Against OS Security Bypass Técnica de protección: Exploit ROP gadget attack blocked Nombre de archivo: URL: (end)
  4. I've tried and tried, but it refuses to turn on! I've re-booted twice, turned the program off and back on, with the same results... I click the button to turn it on, it turns green and says Starting for a few seconds, then reverts to off...
  5. When I try to open a word file I get a pop up message from Malwarebytes. The information in the pop-up is as follows: Exploit automatically blocked Malwarebytes detected and blocked an exploit. It is no longer a threat to your computer. Affected Application: Microsoft word I am not able to open any word file. What should I do? Following is the log file for the same Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 3/28/17 Protection Event Time: 9:02 PM Logfile: Administrator: Yes -Software Information- Version: Components Version: 1.0.75 Update Package Version: 1.0.1618 License: Premium -System Information- OS: Windows 10 CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, [0], [-1],0.0.0 -Exploit Data- Affected Application: Microsoft Office Word Protection Layer: Application Behavior Protection Protection Technique: Exploit payload file blocked File Name: C:\Users\divya\AppData\Roaming\Grammarly\Updates\GrammarlyAddInSetup6.6.97.exe URL: (end)
  6. Hi. I'm running Windows 7 and MB Premium 3.0.6. I think there was an update recently after which Firefox has been crashing at start up. Firefox tell me that it's MB Exploit Protection (or a conflict between it and Norton Internet Security) that's causing the crash. From info on another thread, I've tried adding various mb*.exe and mb drivers to Norton's ignore list but the only thing that stops Firefox crashing is switching off MB Exploit Protection. Any ideas? TIA Dave
  7. Hi Guys, I have an issue with the Exploit Protection function. I was recently advised to install malware protection. I decided I'd first test a few free services and decide on the best one. I installed Malwarebytes, and shortly after uninstalled to try Microsoft's malware protection service. I had difficultly with the uninstall in that I was unable to remove the mbae64.dll file ("access denied"). I used the Malwarebytes Anti-Malware Complete Removal Tool to remove the file, success! I was able to delete the file and folder. I later decided I'd prefer to use Malwarebytes 3.0.6., after the reinstall, I've noticed that the Exploit Protection service is off. When I attempt to start the service manually, it goes from "Starting" back to off. Any advice please? My system is: Windows 10 Version 1607 (Build 14393.693). In conjunction with Malwarebytes, I am also using AVG AntiVirus Free Edition, vers. 16.141.7998; and SmadAV 2017, vers. 11.2. Cheers!
  8. Hi Guys, I am testing MMC for awhile now and I really like it but at times, on few of the users, the Anti-exploit Shield turns off automatically. I don't know what triggers it or how to solve it. I went over to the machine/client and saw that the shield was off and saw that the anti-exploit service was off whereas anti-malware was running just fine and had no issues what so ever. Please see the photo to see what I'm talking about (in the photo I'm hovering the mouse on top of the first client hence the grey shield, not red). Any update from you guys about this issue would be really appreciated.
  9. hello, when i add GTA V in exploit protection list ( other ) then start game i get exploit detection error ! is this real exploit & i should uninstall my GTA V game or remove GTA V from exploit list and continue game? i try on other system & Malwarebytes detec exploit
  10. I keep getting this almost every second: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/27/17 Protection Event Time: 9:44 AM Logfile: Java Exploit.txt Administrator: Yes -Software Information- Version: Components Version: 1.0.50 Update Package Version: 1.0.1111 License: Premium -System Information- OS: Windows 10 CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, [0], [-1],0.0.0 -Exploit Data- Affected Application: Java Protection Layer: Application Behavior Protection Protection Technique: Java malicious inbound socket detected File Name: URL: (end) I am pretty certain this is related to the UniFi controller that I have running on my computer. Need to track it down and get more info then what the report and log in Malwarebytes is providing, to make sure that is the correct program. Also, how come there is no ability to grant an exception when the pop-up comes up?
  11. Hi When Internet Download Manager (IDM) from http://www.internetdownloadmanager.com is installed, and when trying to use "Download with IDM" right click menu item in Internet Explorer 11, your new feature (Application Hardening) blocks VB script in a static html page stored on local drive. Specifically it blocks C:\Program Files (x86)\Internet Download Manager\IEExt.htm and C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm files, and it names this action as blocking an exploit May you please clarify when it became an exploit, and how it can be exploited? How a malefactor can use this exploit on a customer computer? These script files are a part of IDM distribution, and they call ActiveX components, which were installed by IDM installer during IDM installation. It’s not possible for a malefactor to change these VBscript files or ActiveX components without administrative rights. If he has such rights, he will not need to modify or use these scripts and files. Regards, Charles Jones Tonec Inc.
  12. Hi Whenever I try to run certutil command to calculate hash of files, or even certutil only, cmd closes and malwarebytes exploit protection comes up. Here is the video of it: 2016-12-29_17-07-48.mp4 Thanks, -CKing
  13. Hello Usually, I use Firefox browser. Yesterday, I noted that Internet Explorer, than Chrome, were unable to start, instead Firefox. I searched and searched and searched the reason for this failure... I even desinstall and reinstall IE and Chrome several times, as I thought it was a browser problem or a connection problem (while I had no problem with firefox !!!)... This morning, I decided to try with my security softwares disabled, and I was amazed to note that it was Malwarebytes Anti-Exploit free which prevented browsers to run ! Did you know that ? I have (had) Anti-Exploit free What have I do to not have this problem again ? Is it a bug or a maladjustment ? Thank you for your help. I'm on Windows 7 family premium 64 bits edition...
  14. Hi, We have a user who's Malwarebytes Anti-Exploit keeps blocking an object scanned at "C:\Program" as it shows in the Malwarebytes Management Console. On his PC's Anti-Exploit logs, it shows that "C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" is being blocked. His Excel opens up fine by itself but when he uses a program called "Cash Suite" which has a feature built into the program to use Excel, it doesn't successfully open Excel. Any ideas on what is causing this? Thanks!
  15. Hi guys, Hoping you could assist we me with an issue that we've been having with our MalwareBytes Anti-Exploit installation in a Server 2008 environment. It's been fine for the past couple of months, but this morning we found that the Malwarebytes Anti-Exploit service had stopped, when we tried to start it again we receive the below error message: Most recent log files read "2016-11-04T11:49:59.561+00:00";"SYSTEM";"1";"";"";"" I've disabled our anti-virus temporarily and tried launching the service again but with the same result. Could anyone advise on the possible cause/solution?
  16. User receiving error message via MBAE "Exploit Code Executing from HEAP Memory Blocked". I have attached contents of MBAE folder on users PC. Malwarebytes Anti-Exploit.zip
  17. Purchased and successfully set up Anti-Exploit (and Anti-Malware Premium). Purchased and set up another application (Nuance PaperPort Pro 14, v14.5), but first exited all security (e.g. MalwareBytes: Anti-Exploit and Anti-Malware Premium, Kaspersky Anti-Virus, too), only for purpose of running the PaperPort set up. After running PaperPort set up, I restarted my PC. The Anti-Malware started normally and automatically at windows start up (Kaspersky, too)... but NOT Anti-Exploit. *Please advise what to do to ensure Anti-Exploit runs just as it did when I 1st installed. Thanks.
  18. Hi there, I just wanna make sure that my PC is absolutely virus free. I was playing a computer game (Witcher 3) when my character started doing actions that I wasn't inputting in my keyboard. I closed the application, and removed my ethernet cable for internet access. However, in my desktop random files were being opened and attempted to run on their own- without stimulus from my own mouse. I think it's probably a virus (seeing that my internet connection was severed, thus ruling out the possibility of a remote attacker), and would like to see if it's still there. Attached are the FarBar logs. Thanks FRST.txt Addition.txt
  19. I have a new exploit, and after testing all antiviruses on the web, Malwarebytes is the only one vulnerable. I am willing to sell this exploit for $400, so that the software can be fixed. Feel free to contact me.
  20. Hi, We are using trial for antiexploit before we purchase the endpoint version for business, have noticed that cerain php based exploit scripts which were used to infect our websites based on wp and joomla platform were not detected, have tried copying the script manually on different systems but still antiexploit or antmalware dont detect the same, i have forwarded the script to Mr.Ron of your support team to check further. Also we are running SmarterMail Server, do is it required to add mailservice.exe to exclude list to avoid false positive for any inbound or outbound mail traffice, what is the best practise here to get optimum results. If needed let me know and shall happy to share the script or logs. Thanks Hemens
  21. Hello, I read an old forum post (2009) saying: "We do not focus so much on vulnerabilities in third-party software, such as Adobe Acrobat, like the PDF exploits you mentioned. That is something that antivirus vendors are usually quite good at. However, we certainly do detect the payloads and remote code execution that such exploits lead to." Is this still true, or has MalwareBytes Anti-Malware changed meanwhile? I am interested to know about the free version of MalwareBytes Anti-Malware. Is MalwareBytes Anti-Malware Free capable of detecting malicious code inside PDF and Microsoft Office files, just by scanning them (before opening the files with the reader like Adobe Reader, Microsoft Office, etc.). Thanks.
  22. I have a user I'm working with that uses Turning Point to do her job; however, Anti-Exploit keeps triggering a false positive and not allowing PowerPoint to load the plugin. This is a plugin for PowerPoint that allows users to survey student input with clickers. This is a legitimate piece of software used by a lot of colleges. I looked in the logs and see that the software has blocked it, but I cannot exclude it, the block doesn’t generate a hash (Exclude is grayed out and can’t in the management console without a hash). I have been deactivating the shield on PowerPoint to get around this, but it doesn’t remember this setting after a reboot… at this point I’m just going to uninstall the software for now. Is there anything that can be done to allow PowerPoint to use the Turning Point software and still have Anti-Exploit on the system?
  23. I just received a notice that "An Exploit code has been blocked in Mozilla Firefox (and add-ons)." That's all. If Anti-Exploit can block something why isn't there more info about what exactly was blocked? Do I have an Add-on that should be removed? I have always been amazed that whether it's a notice from Windows or some 3rd party software the scarcity of information that is provided when some intervention is made. If the software knows that something is wrong it should be able to be verbose about what it is.
  24. Hello I have two questions about MBAE (free version). 1. Could MBAE technically prevent a program from working correctly? e.g. say if you were running Google Chrome for example, could MBAE stop it from updating correctly if it thought it was an exploit? Or maybe the way it tries to prevent exploits, could it hinder a program's operations in any way? 2. Can MBAE conflict with other anti-virus programs? e.g. say if Bitdefender Internet Security is running and detects an exploit/malware, who would stop it first? As won't they both be fighting to try and stop the exploit/malware? Won't this cause any problems/crashes? Thanks very much, Transformers
  25. Look this file please. I got a suspicious file from this site. Currently (404) Mbae wasn't worked (v1.05) File uploaded
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.