Jump to content

MBAE 1.08 Beta Preview


pbust

Recommended Posts

  • Replies 386
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Posted Images

  • Staff

This message popped up when surfing common web site using IE 11. Have not been able to replicate. Noticed that just prior to message the web page was slow to respond. 

 

 

                                                                       attachicon.gifCapture9.JPG

Can you please attach or PM me your MBAE logs directory? Instructions in the "readme first" link in my signature.

 

@tony321, what you are saying means that you are protected correctly.

Link to post
Share on other sites

Have another thing to add i activated Logs in the logging section of Malwarebytes anti  exploit  and chrome is not logged there as well, it's like its broken i would go back to chrome stable but i have a issue on win 10 with it were it stops accepting kyb input chrome beta does it sometime but not as bad. 

Link to post
Share on other sites

  • Staff

Hmmm, can you check something for me @tony321?

 

I seem to recall that some versions of Chrome by default keep a running chrome.exe process in the background even if you close the Chrome windows. Check in your TaskManager or Process Explorer for chrome.exe processes after closing all the Chrome windows. If you find any, that's probably the reason why you are not seeing balloons and log entries as chrome never actually closed. If this is the case, simply kill the background chrome.exe process and then start Chrome again. You should see the balloon and event log then.

 

I believe this is a default chrome option that it stays in the background. In the chrome settings you can turn that off.

Link to post
Share on other sites

I have seen an alert for 'Detection of Anti-Exploit fingerprint attempts'.  This arose with Windows XP and Firefox ESR 38.3.0.  I attempted to open a file in a local folder and MBAE killed Firefox.  Unchecking the 'Detection of Anti-Exploit fingerprint attempts' option in MBAE's Advanced settings stops the behaviour.

 

I am unable to get the dds.txt and attach.txt files as DDS.com will not run to completion.  Windows XP locks up and I am forced to restart.  I can only PM the MBAE application folder contents to you.  The alert screenshot is in this post.

post-150292-0-77524300-1443039728_thumb.

Link to post
Share on other sites

Regarding my Fingerprinting detection issue, the affected Windows XP system runs Panda Security free antivirus 2016 (my other systems all run AVG free 2015).  The issue has ONLY occurred when Firefox is instructed to load a local file, i.e. from the local Windows XP file system.  Internet access by Firefox did not trip the MBAE alert.

Link to post
Share on other sites

Hello All:

 

I did not see build 1029 soon enough before the following build 1030 was released. I installed 1.08.1.1030 over-the-top of 1.08.1.1025 Premium. At the conclusion of that install, I received the pop-up for the mandatory restart and did so immediately.

 

At the first appearance of the Windows 10 Pro desktop after restart, a balloon message announced that MBAE was stopped. I checked the MBAE system tray icon to confirm that indeed it showed the black edged icon of a stopped MBAE. I single left-clicked Start Protection and the system tray icon changed, without delay, to the orange edged running MBAE.

 

I can hold this startup/session of W10Prox64 if anything volatile is to be captured for your analysis.

 

Thank you.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.