Malwarebytes Anti-Exploit

Discussion in 'other anti-malware software' started by ZeroVulnLabs, Oct 15, 2013.

  1. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    unchecked all from stack pivoting and same results
     
  2. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Try completely disabling Cylance and rebooting to see if the problem persists.
     
  3. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    that would mean uninstalling cylance and I am not ready to do that so for now I will either leave antiexploit disabled or go back to the previous version.
     
  4. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    I detest "combinations". I went to the hardware store yesterday to buy a shovel. The only one they had in stock was a combination shovel/can opener/FM radio, with an optional enema bag attachment. I fear that that is the sort of thing that MBAM is headed toward.
     
  5. SIR****TMG

    SIR****TMG Registered Member

    Joined:
    May 31, 2004
    Posts:
    833
    Bellgamin bought 2 of them shovels, just what he was looking for. Ha Ha....
     
  6. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    I echo your feeling. But we're not trying to bundle unnecessary crap like traditional Security Suites. From the perspective of a regular joe blow user that's not security conscious, they really need a good proactive security product (anti-malware + anti-exploit + anti-ransomware + etc). For folks like us, we'll still be able to layer different components and different products. We're designing it in a way that will allow you to do that. Plus you'll always be able to keep your MBAE standalone. So you'll really have two ways with the new MBAM to keep your setup as is.
     
  7. syrinx

    syrinx Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    427
    Great news, I'm making a screenshot of this in case I need to remind you of that statement later. :p
     
  8. Now I understand why you are sticking to XP, you detest combinations.

    Windows 10 Home version got a 2-way Firewall, a Sandbox (AppContainer), HIPS (UAC and Protected processes), Anti-executable (Parental control and ACL), Anti-exploit (DEP, Sehop, ASLR, EMET and Control Flow Guard), Whitelist (Smartscreen) and a Blacklist (Windows Defender). You just wanted an OS.
     
    Last edited by a moderator: Jun 28, 2016
  9. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    zero I am wondering why all of a sudden antiexploit stopped working with cylance after the last beta install? it always worked before that.

    Edge still opened with antiexploit active.

    update: I went into advanced and unchecked one by one while clicking on IE until all were unticked. IE would still not open. then went into shields and deactivated IE then tried opening IE and it worked.
     
    Last edited: Jun 28, 2016
  10. Trying the beta 1.09

    For Office apps I enabled RET ROP Gadget Detection 32 bits and protection message box payload, Office WMI abuse and Office VBA7 abuse. Seems to run fine with Office 2007 with hardened Trust Center settings (block macros, ActiveX and plug-ins)

    regards Kees
     
  11. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    Kees I know you don't use IE but if you still have it, could you try opening it with this new beta please? I only have edge and ie on this windows 10 machine so my ie is 11
     
  12. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Are you completely closing IE between changes to the advanced settings? A change of advanced setting only applies after the application has been completely closed and then re-opened again.
     
  13. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    yes I close IE after each one. I check a box, click apply, then try to open IE. repeat, repeat etc.
    even look at task manager to make sure it is not running
    only thing that works is deactivating IE in shields.

    should I try reinstalling over this build?

    update: I uninstalled the last version and installed 1.08 and now antiexploit does work again.
     
    Last edited: Jun 28, 2016
  14. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    We'll add Cylance to our QA test process.

    Any idea where I can get a Cylance trial/test product?
     
  15. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    why do you think it is cylance? you can get a demo from their site.
    when I go back to 1.08 everything works again. what did YOU do different?
     
    Last edited: Jun 28, 2016
  16. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    It's the one from the items in your sig that's the best candidate for a conflict since AFAIK it includes some basic anti-exploit. But if you send me your complete FRST I'll have a better idea.

    Btw, no download from Cylance website, just request for sales people to contact you. Is the product available for download somewhere?
     
  17. haakon

    haakon Guest

    A waste of time and resources. The source of this opinion? The "Ever heard of Cylance?" thread and the waste of bandwidth regarding it in this thread. :isay:
     
  18. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    LOL

    As for me I like DIY layered approach. That's why still having Windows 7, MBAE, 3rd-party FW etc.
     
  19. guest

    guest Guest

    So you have no problems or other negative side-effects with enabling all checkboxes with the old version?
    I'm using only default settings at the moment, but I'm thinking about hardening MBAE a little bit.
     
  20. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Actually there's a persistent problem in my Windows 7 SUA when all advanced settings are checked:

    The same is for "Advanced settings" button and some others.

    There's no "shading" in Admin account. I can tweak MBAE in Admin account.
    No other problems when I set MBAE at maximum.

     
  21. liba

    liba Registered Member

    Joined:
    Jan 21, 2016
    Posts:
    344
    Exploit Test Tool
    http://dl.surfright.nl/hmpalert-test.exe
     
  22. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    8,006
    =
    https://www.wilderssecurity.com/threads/malwarebytes-anti-exploit.354641/page-67#post-2458888
    -----
    https://www.wilderssecurity.com/sear...Test Tool&t=post&o=relevance&c[thread]=354641
     
    Last edited by a moderator: Jun 29, 2016
  23. I have MBAE on my Windows 10 Pro 32 bits, also disabled IE11. On my Asus transformer I run Office 2013 without outlook.
     
  24. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
    "But if you send me your complete FRST I'll have a better idea."

    I reinstalled the new beta and now cylance ark grrrrrr

    still appears to be running after reboot though.

    where should I send the FRST file to?
     

    Last edited: Jun 29, 2016
  25. guest

    guest Guest

    Maybe choose Cylance or MBAE :cautious:
     