Malwarebytes Anti-Exploit

Great! Thanks
I use Sumatra Portable, can I add that as well?

 

Of course Overkill

 

Are the default advanced settings good enough for media players?

 

I did. Works OK if opening a PDF from the File menu or double clicking a PDF if it's set as the app in the Default Programs\Set Associations Control Panel. As well when opening PDF links from a Mozilla browser if set in Options > Applications. Can't say for any other browser.

 

I see nothing is ticked under media players for application hardening, can this be tweaked without any problems?

 

@ZeroVulnLabs
running 1.07.1.1015 try to install MBAE 1.08 Beta Preview .installer show me this error

 

I had some problems with Anti-Exploit not starting with Qihoo 360 Total Security, but they are solved with the new beta 1.08.1.1016.
Probably I will go tomorrow to my parents and see if the problems with Kaspersky 2016 are also resolved.

 

Can you repro this consistently? Does the problem continue after a reboot? If so please send me FRST logs.

 

No, it is not gone forever. We're looking into alternatives.

 

Beta 1.08.1.1016 works fine, installed over previous.

New options =)

 

Ok then.

 

@ZeroVulnLabs

I added Thunderbird.
I have to add to the list also shield its plugin container.exe?
TH.

 

No. If you try, MBAE will tell you it already exists. All plugin-container.exe is shielded by default no matter which Mozilla app opens it. The shield goes active even for Cyberfox64 Portable on my D: partition. Impressive.

 

I have installed MBAE 1.08 Beta and when I try to start Opera v12, I get this:
http://postimg.org/image/llnj0ba97/

Same false positive happens with QtWeb. K-Meleon works fine. I am using XP.

 

@ZeroVulnLabs Sorry to report that I still have the problem that Anti-Exploit will not start with 360 Total Security 7.2.0.1053.
Anything I can do to help to resolve this problem?

 

check pm.i can install 1.07.1.1015 but not this test version

 

Try once again.

 

@Pliskin can you please PM me your MBAE logs directory in a ZIP? (C:\ProgramData\Malwarebytes Anti-Exploit)

@Gandalf_The_Grey & @co22 please do a fresh re-install as per this. If that still doesn't work, please send me your FRST and MBAE logs. Also check your 360 settings to make sure they are not disabling the MBAE startup entry.

 

@ZeroVulnLabs Reinstalling did not solve my problem. Here are the requested files.

 

TH.

 

@Gandalf_The_Grey I see that the MBAE service is installed, but not running. Can you try to start it manually from "services.msc"? Also check to make sure the service is set to Automatic.

If the service starts, then run mbae.exe manually (double clicking on it).

 

That works, but why the service is not running while set to automatic I don't know. As far as I can see it is not blocked by 360TS.

 

Maybe they blocked it from running right after install but didn't report it?

 

Anyway to see or solve that?

 

Try enabling auditing on that directory/registry or find a util that will audit access to those startup locations (services and reg run key). Windows has a built-in auditing but it sucks. Try NirSoft. Their tools rock.