• Content count

  • Joined

  • Last visited


About Rsullinger

  • Rank

Recent Profile Visitors

5,829 profile views
  1. Hey MarkTM, I want to have you try a debug build to get me more information. I am going to send you a PM to send it to get that data. Along with this, do you mind getting me a screenshot of the addon's in word or possibly try launching word in safe mode? I want to eliminate the possibility this is caused by an addon.
  2. Hey Slitzinger, I moved this to a new thread as the other one is a bit old and may be outdated for anything right now. I want to confirm what is going on, do you mind collecting the logs from this link: Go ahead and attach it here and I can see why that is happening.
  3. The program will install in the x86 directory that is correct. If it is doing it on numerous machines, then I would like to take a look further into it. I want to see if something in particular is causing this during the upgrade. Can you please collecting the logs from this post and attachthem here: Thank you, -Ron
  4. Hey StroTech, That looks like it may have just left behind the un-install entry from the upgrade. If you open up the program and it is showing the correct version there, then it is just something that got left behind for some reason. If you want to clean it up, you can do it manually or run our clean tool to remove everything and install the latest version. If you want to do that, here is the clean tool: This is where you can find the latest version of mbae that you have upgraded to: Let me know if you have any issues!
  5. Hey SBulla, I am going to send you a PM with the link to get it. Normally you can find the latest updated packages (of all the mbes products) from the purchase link that is sent. This one should activate automatically after installed!
  6. Hello Texgal, Can you please collect the logs found here and attach them to this thread: I should be able to use those to see what is happening. Thank you!
  7. Hey, sorry for the delay. Here is the link for the latest mbmc: In the mean time, see if you can change the setting on the user side (as long as you are an admin you should be able to change it) and see if it works. I would hate to have you go through all of that work for it to not ultimately fix it.
  8. Thank you for the logs! So I reviewed it and it may be due to a setting we have that causes cmd to not be ran if Java calls it. Sometimes infections use this vector so we have that setting to block it on by default. However, you can disable this setting if you know for sure this script is good. To do this, open up the mbae UI on the users machines (or go into the mbae tab in the policy if you are using mbmc) and go to the settings tab. Click on the advanced settings button and go to the java protection tab. Disable that first option for 'prevent web-based java command line' and test to see if it works. If you are pushing it from the console, it may take a bit to be pushed down to the client.
  9. Hey MLAP, Exclusions are usually only done if there is an md5 of the file that can be excluded. I am not 100% sure why that block is occurring so I will need to see the full logs for the product. Do you mind collecting the logs from the instruction here: You can send me the data in a PM if you do not wish to post it in the forum.
  10. Heap Memory Blocked

    Hey Sheend111, No problem! It may be trying to call something that could have been malicious. If you notice anything else like that, feel free to reach out and I can confirm what is happening!
  11. Heap Memory Blocked

    Hey Sheend111, So like i thought, that application is not protected normally so I think it was just a false positive on our side. If you don't know how you triggered it then it may have just been something was trying to launch it and we monitored it at that point. Unfortunately, it looks like the logs over wrote the information about what happened during that time so I can't check. If it happens again, can you try collecting those logs again? I don't think it will happen based on what I was able to see in the logs. However, since I am not sure what triggered it, It is is hard to say for certain.
  12. MBAE Startup on Win XP 32bit SP3

    Hey Scut1, Thank you for the logs. It does look like it is hooking a bit abnormally. To be on the safe side, can you run the clean tool found here: and then re-install using this link: That should resolve the issues I am seeing.
  13. MBAE Startup on Win XP 32bit SP3

    Hey Scut1, That does not sound right. While there is way to hide the GUI, mbae.exe should still be running. Do you mind collecting the logs from here so I can confirm there is no issue with the downgrade:
  14. Heap Memory Blocked

    Hey Sheend111, Do you mind collecting the logs from this article: That block is a bit strange since it looks like that Jriver application is the process getting blocked. I want exactly it is getting blocked for in the logs.
  15. Firefox and Chrome Issue

    Hey Iam-Mike, I want to assist further with the ROP block issue you are having in chrome/firefox. I am going to shoot you a PM to collect some additional information and get this fixed!