Jump to content

Rsullinger

Staff
  • Content Count

    538
  • Joined

  • Last visited

2 Followers

About Rsullinger

  • Rank
    Staff

Recent Profile Visitors

6,271 profile views
  1. Rsullinger

    MBAE 1.12.1.124 has removed default Chrome shield.

    Hey Spritesprint, The google chrome shield was the only one we touched due to this issue. So any other browser we currently protect will not be affected unless the other chromium browsers get the same treatment. I can see if we can see about Vivaldi. Ill send that feedback to the team to consider going forward.
  2. Rsullinger

    MBAE 1.12.1.124 has removed default Chrome shield.

    Hello Spritesprint, Unfortunately it is not a mistake. We removed protection for Chrome due to Google’s new policy against code injection into Chrome. Because of this policy, we would not be able to protect chrome in that same way going forward. This blog from them explains as to why they are doing this: https://blog.chromium.org/2017/11/reducing-chrome-crashes-caused-by-third.html
  3. Rsullinger

    False positive? Excel 2010

    Hey REGITDept, The team thinks it may be a FP but we want to collect some additional logging on this. I am going to send you a PM to collect these logs so look for that soon.
  4. Rsullinger

    Process Hollowing - Excel - Potential False Positive

    Hey Oscars, I am going to reach out to you in a PM to get some information. Let me know if you have any questions. Thank you,
  5. Hey Everyone, We have a test build we would like you to try. Can you please try this version and let us know if it fixes the adobe issue you are running into: https://malwarebytes.box.com/s/b3gu0vewughayu63sus1y8dbainqiqzp If you run into any issues, let me know asap!
  6. Rsullinger

    v1.12.1.100 clash with Acrobat Reader DC.

    Hey Nukecad, I am going to send you a PM to try and get some debug logs for our team. Thank you,
  7. Hey JeffreyB, Can you collect these logs for me so I can confirm if it is the same issue as above:
  8. Rsullinger

    Exploit payload process blocked - JAVA.exe

    Hey Jaws98, What is causing it is hard to say, but our program is blocking it because java is attempting to run a cmd/script of some sort. We don't care what it is running, just that it is trying to make that type of call. Just from that piece of code it doesn't look malicious. Just to be safe, you may want to try re-installing the java software and get it on the latest to see if it still occurs.
  9. I am going to send you a PM to collect some debug information for the team so we can get this fixed.
  10. Rsullinger

    MBAE

    Hey everyone, I am going to reach out to you to collect some debug logs on this issue. The development team wants to see how this is triggering. You should see a PM from me with some instructions on how to do this. Thank you, Ron
  11. Hello Everyone, Can you please try the version that is posted here: Want to make sure the newest version is tried to ensure this is not due to a fix we made currently.
  12. Hey Sandy, It will not affect them. The log we write to will overwrite itself after a certain amount of data (this prevents it from being a huge file). It will not affect the user and they will never see it. Just need to make sure that when the alert happens, we collect the logs as it will overwrite if to much time has passed.
  13. Hey Sandy, I want to send you some instructions in a PM to collect me some debug logs. The block looks strange in that it shouldn't be blocking it in that way. We want to see exactly why that is occurring.
  14. Hey MarkTM, I want to have you try a debug build to get me more information. I am going to send you a PM to send it to get that data. Along with this, do you mind getting me a screenshot of the addon's in word or possibly try launching word in safe mode? I want to eliminate the possibility this is caused by an addon.
  15. Hey Slitzinger, I moved this to a new thread as the other one is a bit old and may be outdated for anything right now. I want to confirm what is going on, do you mind collecting the logs from this link: Go ahead and attach it here and I can see why that is happening.
×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.