Malwarebytes Anti-Exploit

Discussion in 'other anti-malware software' started by ZeroVulnLabs, Oct 15, 2013.

  1. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,418
    Just installed the latest version, however it is missing the tray icon.

    I know it is a 'known' issue.
     
  2. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    Are you sure it's not hidden?
    :D
     
  3. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,418
    :D No, not hidden. I just terminated the process, and relaunched. OK, now.

    However, it says "shielded applications: 0". That is not correct.
     
  4. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    As you said, it is a known issue. The next beta, version 0.10.0, will fix this.
     
  5. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    Looks like the counter is still an issue...:doubt:
     
  6. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,418
    I could close the browser, and relaunch. But, why bother. ;)
     
  7. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    The cosmetic issues are really not a priority right now. We are focused on finishing the engine so we can start on a new GUI for it, where most of these cosmetic issues will disappear since it will be a new GUI.
     
  8. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,418
    Will the new GUI follow on with a similar Malwarebytes theme as in the coming 'new look' MBAM?
     
  9. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Yes, that's the idea.
     
  10. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,418
    :thumb:
     
  11. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    1,277
    Location:
    Canada
    Installed new version, no problems.
     
  12. Drew99GT

    Drew99GT Registered Member

    Joined:
    Jun 27, 2006
    Posts:
    340
    Location:
    Colorado Springs
    I'm testing it; when you open a Flash video in a browser or any other application like Java applets through a browser, should it show up in the log that it's protecting them? o_O Because it doesn't!

    :edit: OK, in Firefox with the plugincontainer disabled and Flash's sandbox disabled, no separate exe runs when viewing Flash objects; will MBAE still protect? o_O I also tried Flash objects in IE11 and nothing popped up in the log.
     
  13. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    No, it should not show up. Plugins/add-ons that run within the browser process space will only show in MBAE as the browser being protected.
     
  14. ratchet

    ratchet Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    1,988
    I have Mb pro running. Would you recommend I install this application? Thank you!
     
  15. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,093
    Location:
    Germany
    Yes, you should give it a try, either MBAE or EMET.
     
  16. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Just want to give props for your due diligence in being on top of things with this app. I expect big things from it. I think it's important that you make it very compatible with EMET, so that people can use both. Since it uses different methods they should be able to co-exist together and really form a formidable layer against exploits. I plan on keeping an XP box around after it's EOL, and can't stand .NET FW as it cripples my setup with bloat. And so I can't use EMET on it. So I'm really keeping an eye on this product. And even on my Win7 box I'd like to be able to use both.

    So keep up the good work. I look forward to stable releases.
     
  17. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Hello,

    Just a curious question... I use the latest Opera version 19. It typically has the opera.exe parent process and then an average of 8 to 10 opera.exe child processes under it. I have checked and the mbae.dll is injected into the parent and all of the children. Now the question... The MBAE logs will state Opera is being protected and the main page of the GUI states anywhere from 0 to 3 shielded applications (according to logs only Opera is being protected). I assume Opera is being shielded but the number of shielded applications shown is misleading. When the shielded application number is 0, am I protected? Should the number of shielded applications with Opera be a count of the parent and all opera.exe children or just 1 for the parent? I am a bit confused as to what I should be seeing...
     
  18. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Yes, the counter is not terribly reliable and we've had problems keeping it accurate all along due to a multitude of reasons (unstable termination of processes, unreliable un-injection, etc.).

    This does not in any way interfere with the protection, but I understand it might introduce doubts to the average user, so we will probably change this in the future and have a different way of visibly showing protected programs. For example I like the idea of the yellow outline that Sandboxie uses for sandboxed apps. Any other ideas or suggestions?
     
  19. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    5,703
    Location:
    North Carolina, USA
    Hello,

    The idea of the yellow outline sounds interesting. I am not totally sure whether I would like this or not. It sounds like a good possibility but I think it may be one of those things I would like to see in action before I form a definitive opinion one way or the other. If this was implemented, you may want an option to turn this feature on and off. What about processes that run without an obvious window, like Java or Windows Scripting Host? Hmmm, I will think on this and post back if I think of any better ideas (IMHO of course).
     
  20. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    How about a '#' in the titlebar of processes? '#' would indicate that the process is protected by MBAE.
     
  21. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,350
    Does it work with HP.Alert and EMET?

    Can I use MBAE + Sandboxie?

    Will this software be free forever?

    Thanks!
     
  22. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    2,313
    Location:
    .
  23. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,350
    Thank you! :thumb: :thumb: :thumb:

    Too bad:

    I don't want to pay for security anymore. Anyway, this software looks very good! :)
     
  24. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    * Works with HP.Alert and EMET, although there are some conflicts with certain EMET configurations. See our Known Issues & Conflicts list.
    https://forums.malwarebytes.org/index.php?showtopic=135127

    * Sandboxie does not allow MBAE to inject into sandboxed processes.

    * We have no finalized plans for the 1.0 release mode, but a free + pro approach is up there in the list.
     
  25. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,350
    Thank you! :thumb: :thumb: :thumb:
     