Jump to content

Mbam 3.0.6 finds Opera browser as Exploit.

Kippykip

By Kippykip
in Exploit

 Share

Recommended Posts

Kippykip

Kippykip

Posted
Posted

There's been this very annoying bug in a recent update (when I say recent I mean since a few months ago)
Where when clicking the "Show in folder" button on the downloads tab/mini menu, malwarebytes will close all instances of Opera running, making you lose everything you were doing which is seriously annoying.

WzoESvq.png

4aEs9EU.png

I've been turning off real-time protection for this reason but it has this irritating popup upon rebooting the machine reminding me to turn real-time protection back on.

I'll post a 2nd picture of what pops up in MBAM after clicking (as I'm currently writing this from opera and don't want to lose all this text)

 

Link to post
Share on other sites
  • Staff
Rsullinger

Rsullinger

Posted
  • Staff
Posted

Hey Kippykip,

 

I want to have you collect me a couple of logs so I can look into this issue further. 

 

Can you please collect the files in this folder location:

C:\ProgramData\Malwarebytes\MBAMService\logs\

and

C:\ProgramData\Malwarebytes\MBAMService\mbae-default.log

Along with that, I want to have you run a tool called FRST to collect some information on the computer. To do this:

 

1: Please download FRST from the link below and save it to your desktop:

FRST 32-bit version: https://downloads.malwarebytes.com/file/FRST

FRST 64-bit version: https://downloads.malwarebytes.com/file/FRST64


2: Double-click the purple FRST icon to run the program. Click Yes when the disclaimer appears.

3: Click the Scan button

4: When the scan has finished, it will make 2 log files in the same directory the tool is run, FRST.txt and Addition.txt. Please attach both files in your reply.
 

 

Link to post
Share on other sites
Kippykip

Kippykip

Posted
  • Author
Posted

Here mah boi, also I just had a theory what it could be.

There's an addon for Windows Explorer called "QtTabBar" which adds multiple tabs to Windows Explorer, the way it captures windows themselves though is through some ShellHook etc etc.

So maybe when Opera opens the file location, MBAM sees that the window is getting captured by QtTabBar's ShellHooking mechanism or something.

Wn6IFV8.png

Haven't tested this on another machine thus far, but it's a possibility.
Also if the logs complain about modified windows files, that's me modding the crap out of them (which is why I try to avoid using fix tools, as it usually reverts things back), so don't worry there.

logs.zip

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.