Malwarebytes Anti-Exploit

Discussion in 'other anti-malware software' started by ZeroVulnLabs, Oct 15, 2013.

  1. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Okay great! Thanks

    EDIT: Sorry I didn't notice that the cmd issue was already mentioned in a few posts above
    EDIT#2: I just rebooted and now IE says cmd is protected (before it said IE is protected) and Chrome says Chrome and plugins are protected (before it said cmd is protected) lol. They switch back and forth it seems.
     
    Last edited: Jun 26, 2015
  2. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Can someone explain the premium settings please? Or are there any guides online?
     
  3. syrinx

    syrinx Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    427
    @Overkill, I'd suggest starting with Browser settings as they are the most comprehensive. If you see any issues or false positives then you might want to try another, but so far I haven't had any issues with any program using the browser setting even when they aren't, while on Windows 7 x64. The best setting will be the one that works but maximizes protection. Windows 8 seems to be a bit touchier so if you're using that you might want to consider something closer to the actual program type to start with.

    I notice you had a few issues (on an x86 version?) with the template and without the x64 lines but not on XP. Might I ask which x86 OS (feel free to send it via PM) you were using it on? I'd like to investigate that a bit more in case other 32-bit versions need that line I included for XP since a majority of my tests were done with my real OS (Win7 x64) and only limited instances of VMs with others...
     
    Last edited: Jun 27, 2015
  4. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    I am using Win 7 Home Premium x86
     
  5. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,789
    Win XP-SP3, working fine on v1.06, and I'm back on MBAE 1.07.1009 beta

    First of all, Thank you ZeroVulnLabs, Windows_Security and Rasheed for working with me on page 88. Things are clearer now. And I understand better what SSM was telling me.

    New item:
    I'd like to add something to exclusions because it was flagged for submission but is safe. I did not submit.
    But I can't add it because its apparent exploit did not make it into the log, in spite of a procedure described in the help file:
     
    Last edited: Jun 27, 2015
  6. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    Off topic real quick

    In the screenshot, what utility are you using to keep track of your temperatures?
     
  7. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Only exploit payloads blocked by Layer3 and identified in the logs tab can be excluded. If the detection is Layers 0, 1 or 2 then you won't be able to exclude it. Can you PM me the logs to see what was detected and how?
     
  8. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,789
    It was file-format detection by 1.07. See PM.
     
  9. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Core Temp Portable
    The green icon next to the temps is cleanmem in case you're wondering.
     
  10. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    Thank you for the info, I appreciate it.
     
  11. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Likewise, thank you very much for posting those links. I D/L both of them that I didn't have.
     
  12. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,343
    Location:
    USA
    Glad to help guys
     
  13. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Hello,

    From Pedro's post over on the MBAM Forums here: https://forums.malwarebytes.org/index.php?/topic/169269-10711007-ok-so-far/page-2#entry972846 - An experimental build (1.07.1.1010) has just been released which will go final within a few days...
    For anyone wishing to install early, the download link is available in this post: https://forums.malwarebytes.org/index.php?/topic/169216-mbae-107-beta/
     
  14. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,805
    Location:
    .
  15. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Hello Mister X,

    You are most welcome ;) !
     
  16. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    8,006
  17. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
  18. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    @ZeroVulnLabs Any plans to add a shield for Microsoft Edge? Also, any tests that show that MBAE will currently work with Microsoft Edge?
     
    Last edited: Jun 29, 2015
  19. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,537
    Malwarebytes Anti-Exploit 1.07.1.1010 is working really well here... :)
     
  20. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    335
    With Edge there is actually little need for MBAE, EMET or HMPA. You will benefit from a 64-bit browser with EPM sandbox. On top of that, disable Flash and you will be fine.
     
  21. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    Thank you, but I would feel much more comfortable using MBAE with Edge.
     
  22. ropchain

    ropchain Registered Member

    Joined:
    Mar 26, 2015
    Posts:
    335
    Is adding a custom shield yourself an option? (If that's possible with MBAE)
     
  23. Tyrizian

    Tyrizian Registered Member

    Joined:
    Apr 26, 2012
    Posts:
    2,839
    Yes, I am sure that is possible, as MBAE has an area to add custom shields.

    I am currently unable to test a Windows 10 build, which is the reason for my original question ;)
     
  24. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    You have to manually add a shield for both:
    Code:
    C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
    C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
    I am testing latest MBAE beta Premium trial with Windows 10 build 10159 and it seems to work nicely with Edge once you manually create shields. I would assume the devs will add support for it by default soon.
     
  25. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,789
    1.0.7.1.1010 behaves well on my XP-SP3. Thank you!
    Wish: when something is blocked, I'd like to see the reason in the log. I presume it'll be the items checked on the Advanced tab.
     