Jump to content
yigido

[SOLVED] Slowdown/FPs with Java-based apps

Recommended Posts

Hello,

 

I was trying Spotflux Free VPN software. I got 2 alert from Malwarebytes Anti-Exploit BETA. first one is from installition.

Second one is when I want to open Spotflux VPN. It says "Exploit attempt blocked"..

What is malicious in Spotflux Free VPN ? Can you infrom me about this issue ?

 

Thanks

yigido

Share this post


Link to post
Share on other sites

What version of MBAE are you running? Can you please post or PM me your mbae-default.log logfile?

Share this post


Link to post
Share on other sites

I just got a mail this morning from support center of Malwarebytes. It is very helpful and problem was solved. Thanks for your answer here is the answer.

 

 

we designed it to install to a randomized
temporary directory on each launch, along with a randomized filename,
to ensure no one can locate it, and thus crack it (while it's running,
it contains your login information and binds your local IP, which
would be a major security risk if it became visible externally; thus
why we randomize it's name and location, so it can't be found by
automatic scripts/etc). However, this randomization causes security
software to be unable to recognize it.

because this action is exactly the same behavior as malware and viruses there is no way for us to effectively stop blocking it.

The only way to use the two together is to turn off this feature while using the VPN

 

Regards

yigido

Share this post


Link to post
Share on other sites

Hi yigido, the email you received from Support was related to Malwarebytes Anti-Rootkit. However if you are still getting popup notifications saying "Exploit attempt blocked" then it is an issue with Malwarebytes Anti-Exploit. Please attach your file C:\Program Files\Malwarebytes Anti-Exploit\mbae-default.log here.

Share this post


Link to post
Share on other sites

From MBAE LOGS tab that you posted, select the event that says "file XYZ has been blocked" and choose "Exclude". Does it still get blocked after that?

Share this post


Link to post
Share on other sites

From MBAE LOGS tab that you posted, select the event that says "file has been blocked" and choose "Exclude". Does it still get blocked after that?

Yes still blocked. I just tried it and again blocked by MBAE latest version.

Share this post


Link to post
Share on other sites

Weird, the exclusion doesn't show up. Can you post screenshots of both the LOGS and EXCLUSIONS tabs?

Share this post


Link to post
Share on other sites

OK I see the problem. We'll try it here internally to see if we can find a solution for this. In the meantime simply stop MBAE when dialing the VPN and then start it again.

 

Thanks for reporting!

Share this post


Link to post
Share on other sites

OK I see the problem. We'll try it here internally to see if we can find a solution for this. In the meantime simply stop MBAE when dialing the VPN and then start it again.

 

Thanks for reporting!

You can check this problem yourself install and run Spotflux with MBAE. It looks bug then. Please inform me about this issue.

 

Regards

yigido

Share this post


Link to post
Share on other sites

I'm able to reproduce an issue where the latest MBAE 0.10.0.1000 causes a performance issue in the older (but popular) Minecraft version.1.6.4. It does not occur with the latest Minecraft version 1.7.5. Specifically, Minecraft is very slow to load and slow to access menu items from within the game (ESC or E key). Once the game is loaded game play is normal (other than accessing menu items and inventory). I only had time to verify that I don't see a spike in CPU, disk, or memory utilization. Windows 7 Ultimate x64 w/latest 64 bit Java 1.7.0 51 b13, MBAM Pro 1.75.0.1300, Bitdefender Antivirus Plus "New Version" a.k.a. 2014. Obviously disabling MBAE resolves the issue. Let me know what else I may provide. Thx.

Share this post


Link to post
Share on other sites

Can you please zip all the files in the MBAE logs directory and either post them or PM them to me? You can find them in C:\ProgramData\Malwarebytes\Malwarebytes Anti-Exploit

 

Thanks!

Share this post


Link to post
Share on other sites

Running the latest version of MBAE alongside with MP3 Rocket (mp3rocket.me) causes the latter to run slow as molasses. It's a java heavy application, so I'm guessing that's where the issue lies.

 

The program does execute normally when MBAE's protection is stopped.

 

Logs are attached. EMET is not installed.

MBAE logs.rar

Share this post


Link to post
Share on other sites

Thanks Dan. We do have a few things in mind to fix this but it's still in the backlog.

Share this post


Link to post
Share on other sites

Thanks, Pedro. I'm not worried about it, was just thinking that other heavy java use programs may suffer the same sluggishness. Minecraft comes to mind.

Share this post


Link to post
Share on other sites

We did have problems with Minecraft long time ago but those were fixed. Now if there are problems they are normally with high-activity java-based desktop products.

Share this post


Link to post
Share on other sites

Dear Pedro,

 

I like very much the latest release of MBAE, having almost no problems with it, except some icon disappearing issues, but the icon always shows up after another reboot, so nothing very important.

 

However, today I have came up against a problem cause by MBAE when using software needed for signing electronically documents in Poland, needed e.g. in some cases while using our e-government platforms (when you need to submit electronically verified document and so on). To make such signature, you need to have such software, distributed by (in our case) Unizeto Technologies. They use Java to run this software.

 

The problem is, that when I run this software (proCertum Smart Sign), I get HUGE lags, which makes application almost useless. And as soon as I stop MBAE protection (by context menu on tray icon), and start the application again, I get NO lags and the application works in a normal way.

 

You can find the software I am talking about at: https://www.certum.eu/certum/cert,offer_smart_sign.xml (there is latest version available, 6.0.0.2088). For signing documents you would actually need USB certificate cards and a certificate card issued by Unizeto, but the lags are visible just after running proCertum, even with no card attached, so you should see what I'm talking about. I am also attaching 7z'ed logs from MBAE and will PM the password for it to you.

 

Greetings,

Piotr.

logs.7z

Share this post


Link to post
Share on other sites

Hi pkolasa, this is a known issue with Java-based desktop applications. We have a fix in mind and it is in our backlog. We will try to apply it as soon as possible after the next release.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.