Malwarebytes Anti-Exploit

Discussion in 'other anti-malware software' started by ZeroVulnLabs, Oct 15, 2013.

  1. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    5,016
    https://forums.malwarebytes.com/topic/136424-frequently-asked-questions/?tab=comments#comment-846352
    ----------------------
    How to verify that MBAE is working correctly
    https://forums.malwarebytes.com/topic/139368-how-to-verify-that-mbae-is-working-correctly/
     
    Last edited: Dec 6, 2017
  2. cyberlost24

    cyberlost24 Registered Member

    Joined:
    Mar 11, 2004
    Posts:
    84
    I,m wondering why you posted a link to Hitman Pro about exploits...did you read the last post by Anon,explaining how to test if MBAE is workingo_O
     
  3. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    867
    Location:
    Italy
    Watch the video below:

    http://sendvid.com/iq904y0w
     
  4. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    867
    Location:
    Italy
  5. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,432
    Just got this update, to v1.11.1.45 a little while ago.

    MBAE_updated to v1.11.145_01.JPG
     
  6. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,432
    But, ReHIPS did tell me it was coming, initially. I allowed it: "Only in This Session".

    MBAE_updated to v1.11.145_02.JPG

    Then VoodooShield popped up, and I allowed that, too! :)

    MBAE_updated to v1.11.145_03.JPG

    MBAE_updated to v1.11.145_04.JPG
     
  7. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,238
    Location:
    USA
    Sir, this link has a trojan on it. I just had Eset block it, and it's no false positive. My browser was immediately hijacked, and redirected to a scam page that locked my browser after that. I'm using the latest build of Firefox. The infection may not run for everyone, but believe me, it's there.

    Time;Scanner;Object type;Object;Threat;Action;User;Information;Hash;First seen here
    12/6/2017 5:12:03 PM;Real-time file system protection;file;C:\Users\achilles\AppData\Local\Mozilla\Firefox\Profiles\zd2s79wq.default\cache2\entries\95845F8BC2CAB5A3158A5A8309D4AC9F0A4FEB69;HTML/FakeAlert.HG trojan;cleaned by deleting:DESKTOP-HITL62R\achilles;Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe (84B6E75B69D0E459C0D72088BC92786E13114D29).;121B034DD79216985FB1CC869DC838CD1A11F2A6;12/6/2017 5:12:00 PM

    Edited 12/6/17 @ 5:29 That page also shows signs of having an exploit on it, but I don't have time to verify if there is one. I have to take a huge Cisco Final in an hour. Basically my browser began to alert me that content from that page was still running in the browser (even though I closed that page about 20 minutes ago), and slowing down the browser. I then attempted to shut down the browser, and run ccleaner, but the browser would not shut down. I ended up having to kill it from the task manager.
     
    Last edited: Dec 6, 2017
  8. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    867
    Location:
    Italy
    ~Virus total results removed as per Wilders policy

    I can not delete the post.
    If a moderator thinks it is necessary to delete it, he has my approval.:thumb:

    My pc (XP) is clean.
    (Scan Hitman Pro + Zemana Antimalware portable + log Hijackthis + adwcleaner)
     
    Last edited: Dec 7, 2017
  9. fblais

    fblais Registered Member

    Joined:
    Jul 31, 2008
    Posts:
    1,040
    Location:
    Québec, Canada
    No problem watching the video here.
    I'm on Windows 7 pro and using Chrome.
     
  10. cyberlost24

    cyberlost24 Registered Member

    Joined:
    Mar 11, 2004
    Posts:
    84
    Not wanting to risk going to that site for the video----What exactly is the video showing/telling you about??...Is it proving anything good/bad?
     
  11. fblais

    fblais Registered Member

    Joined:
    Jul 31, 2008
    Posts:
    1,040
    Location:
    Québec, Canada
    It shows what Sampei wrote in post referenced by post#3679.
     
  12. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    867
    Location:
    Italy
    The video shows the correct intervention of MBAE ver.24.
    With the ver 45 there are all the problems that I have described in the Malwarebytes forum.
     
    Last edited: Dec 7, 2017
  13. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    867
    Location:
    Italy
  14. cyberlost24

    cyberlost24 Registered Member

    Joined:
    Mar 11, 2004
    Posts:
    84
  15. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    867
    Location:
    Italy
  16. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    2,323
    some1 dropped the ball for xp already, so why? :p

    if a program like this also supports xp its codebase is outdated, it has to carry ancient routines which are vulnerable in itself.
     
  17. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    867
    Location:
    Italy
    Also HPA3..................:rolleyes:
     
  18. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    867
    Location:
    Italy
Loading...