Jump to content

Arthi

Staff
  • Posts

    379
  • Joined

  • Last visited

Everything posted by Arthi

  1. Hi yuriygudz1961, Can you please post logs? Thanks.
  2. Hi cpcfreak, JackDeth, Thanks for your post. In our latest release, we have enhanced some Exploit protections according to our research into the latest threat landscape as well as provide customers with granular settings so it can be turned off/on according to their working environment. If you would like Libreoffice to continue to allow execution of scripts applications but protect MS Office applications from doing so, you can always turn off Libreoffice as a protected application while keeping the above mentioned setting ON, so only MS Office applications are protected against scripting app abuse. Please let me know if you have any further questions. Thank you.
  3. Hi wdolson, Thanks for sending us the logs. Please open Malwarebytes, go to Settings -> Security tab -> Advanced Exploit protection settings->Application Behavior protection tab and turn off Malicious Return address protection for MS Office and hit Apply. Thanks.
  4. Hi JackDeth, Thanks for posting. Please open Malwarebytes and go to Settings, Security and scroll to the bottom and click the Advanced Settings button. In the next dialog box go to the Application behavior protection tab and on the MS Office column try unchecking "Office scripting app abuse protection" Hope that helps, Thanks.
  5. Hi ScotchJohn, Glad to know our recommendations worked. Are you also experiencing freezes and crashes, if so Can we please have crash dumps from your system so we can analyze further. Thanks. To do so, you need to have admin privileges, Under the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps registry key, set DumpType to the value 2. This full memory dump will provide us useful information to analyze further. Once you encounter the problem, please collect the dump logs from %LOCALAPPDATA%\CrashDumps and send it to us. You can find more information on it from this link https://msdn.microsoft.com/en-us/library/windows/desktop/bb787181(v=vs.85).aspx
  6. Hi Torvald, Hope she recovers soon, please take care. We will be here to help out with your issue whenever you are back. Thanks for your patience.
  7. Hi ScotchJohn, Feel free to leave it disabled. It is only required for the enhanced log generation. Please go to Malwarebytes and go to Settings, Security and scroll to the bottom and click the Advanced Settings button. In the Advanced Memory protection tab, uncheck the Malicious return address Detection setting for MS Office. Please let me know if that helps. Thank you.
  8. Hi MC71, @MC71 Thanks for posting. We need additional logs to debug this issue. Can you please enable logging in the Malwarebytes product as provided in the below screenshot and grab logs again. Thanks.
  9. Hi ScotchJohn, @ScotchJohn We need some additional logs to debug this issue, can you please turn on logging in the Malwarebytes product as in the below screenshot and then grab logs again. Thank you.
  10. Hi Torvald, @Torvald Thanks for your post. We need some additional logs to debug your issue. Can you please enable the toggle in the Malwarebytes product as in the below screenshot and then generate the logs again. Also if you can please get us the crash dump as provided in the above comment by David. Thank you.
  11. Hi Andre, Thanks for reporting. Does turning off "Protection for Office WMI abuse" setting help with your issue?
  12. Arthi

    False positive

    Hi sol_amp, I apologize for the delay in our response. I am going to suggest a couple of things here. Let me send a DM to you, and we can take it from there. Thanks.
  13. Hi All, I was out on a parental leave, now back :) Thanks for your patience. I added an exclusion, hope the blocks don't come anymore. Thanks.
  14. Hi TBS, Apologize for the delayed response. Please go to Malwarebytes UI, Settings->Security Tab->Advanced Settings under Exploit Protection->Advanced memory protection Tab->uncheck "Malicious return address Detection" for Pdf reader Hope that helps. Thank you.
  15. Thanks for the log. Close Powerpoint application Please turn off the protection "Malicious return address Detection" for MS Office. You can find this setting under Exploit Protection ->advanced settings->Advanced memory protection Tab Reopen powerpoint, you should not see the block anymore
  16. Hi, Thanks for posting. Can you please provide this log file to us, will look into it and get back to you. Thanks. C:\ProgramData\Malwarebytes\MBAMService\logs\mbae-default.log
  17. Hi By sharonp, Thanks for posting. Please go to Exploit settings->Advanced settings-> and uncheck "Malicious Load Library" protection for MS Office. Hit Apply and you should not see this block again. Thanks.
  18. Hi bvanrent, Can you please turn off "Malicious return address Detection" for MS Office under Exploit Settings? That should stop the blocks from happening anymore. Thanks.
  19. Hi TBS, Thanks for posting, Please attach the following file here, so we can check what's going on and provide a resolution. C:\ProgramData\Malwarebytes\MBAMService\logs\mbae-default.log
  20. Hi DonWiss, Thanks for posting, Please attach the following file here, so we can check what's going on and provide a resolution. C:\ProgramData\Malwarebytes\MBAMService\logs\mbae-default.log
  21. Hi Zeus_Dog, If you are still experiencing this issue when you turn ON penetration testing protection, can you please attach this log. C:\ProgramData\Malwarebytes\MBAMService\logs\mbae-default.log Thanks.
  22. Arthi

    LibreOffice 7

    Thanks Granta for the log file. This bug has been fixed and is due to release in the next few days. It will be pushed out to Beta very soon. Until then the workaround is to turn off the toggle for LibreOffice in the protected application list. Thank you.
  23. Arthi

    LibreOffice 7

    Hi Granta, Can you please send us this log file C:\ProgramData\Malwarebytes\MBAMService\logs\mbae-default.log Thank you.
  24. Hi All, Can you make sure that "Block penetration testing attacks" setting is also turned OFF. You can find it near the Advanced Exploit Settings button. Thanks.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.