Jump to content

MBAE 1.08 Beta Preview


Recommended Posts

I also had problems with Slimjet not starting (though MBAE signalling starting protection) and after many unsuccessful attempts, uninstall/reinstall, reverting to old versions, finally with a full uninstall (removing all traces) and reinstall did the trick..

 

further, if one were to change Boot option (Media boot, Safe mode etc.) - not all the time, but can say 80% of the time, this disturbs MBAE, with services not running, no UI and only MBAE.exe running. Then have to try variations to get MBAE back..

Link to post
Share on other sites
  • Replies 388
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Posted Images

@Skunk1966, I see in the logs that the balloon is shown for Slimjet Browser. But only the first time it is executed. Subsequent executions of Slimjet don't show a balloon since the process is still in execution in the background.

 

Try the following:

1- Close all running applications (browser, Office, etc.)

2- From TaskManager or ProcessExplorer verify that there are no processes running from these applications (slimjet exe, iexplore.exe, etc.). If they are, kill them.

4- Run an application protected by MBAE. Do you get a balloon notification now?

after checking with proces explorer and making sure no processes related to Slimjet are running I still can't get MBAE to show balloon notifications.

The weird thing is that you say that the balloon for Slimjet has been shown when SJ was executed the first time but I haven't seen it

Link to post
Share on other sites

Let's try the following 2 tests:

 

TEST 1

1- Close all running applications (browser, Office, etc.)

2- From TaskManager or ProcessExplorer verify that there are no processes running from these applications (slimjet exe, iexplore.exe, etc.). If they are, kill them.

3- Delete the file C:\ProgramData\Malwarebytes Anti-Exploit\mbae-default.log.

4- Run an application protected by MBAE. Do you get a balloon notification now?

5- Post or PM me the resulting new mbae-default.log.

 

TEST 2

1- Close all running applications (browser, Office, etc.)

2- Uninstall MBAE from Control Panel

3- Delete the directory C:\ProgramData\Malwarebytes Anti-Exploit\

4- Download and install MBAE 1.07 (I will PM you the link)

5- Run an application protected by MBAE. Do you get a balloon notification now?

6- Post or PM me the resulting new mbae-default.log.

Link to post
Share on other sites

I installed the latest version on another Windows 10 Home pc (x64). Installed just fine and balloon notifications are working without any problem.

I guess that the balloon notifications not working on my Windows 10 Pro pc is indeed somehow related to my custom system settings. Sofar I haven't been able to find out what's causing the problem.

Link to post
Share on other sites

Hi Skunk,

 

I reviewed the logs for the 2 tests above and in all cases the logs show that it displayed the balloon message. It seems as if something else in your system is preventing the balloon notifications from showing. As this is the only case we have of balloons not showing when they should, we can discard this as being a problem with MBAE itself.

Link to post
Share on other sites

guess what I found the problem lol.

app notifications was deactivated in Window settings for Anti-Exploit and I haven't got a clue how that happened

 

I call it case closed because balloon notifications are working again!

 

I really am sorry for not checking this first

Link to post
Share on other sites

Has there been any cooperation from Comodo to cure the incompatibility with MBAE, or any new development version which avoids the problem?

No cooperation whatsoever. We already reported one bug which is basically due to the same underlying problem, which is that Comodo's hooking mechanism does not take into full consideration that other products on the system may also hook the same APIs. Typically if the product is well designed/coded it will allow/respect other hooks to the same API. So even if we managed to add an exception to MBAE to deal with Comodo's buggy hooks, this only works when Comodo injects first and MBAE second (i.e. MBAE is able to correctly manage multiple hooks). This new bug happens when MBAE injects first and Comodo second. This is when Comodo's injection process crashes. Since this is a bug in Comodo I would venture to say that they probably have other similar conflicts with other third-party products that do API hooking due to the same bug.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.


Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.