bartonphelps

Just to be clear, the fix was, still is, to uncheck prevent loading of VB Script library?

Thank you for the update and explanation.

I agree with TSBG. My Evil Manager says this is an acceptable short term fix only. Anyway to get us back to a version that doesn't soften?

Hi Arthi, requested log files have been uploaded as per Chris' instructions. I'll try to reach out to him as well. Thanks to you and the MBAE team working on this.

I am seeing this again, Exploit attempt blocked BLOCK C:\windows\system32\VBScript.dll

Unchecking that setting appears to have quieted things down. Any idea what changed?

Thank you, GDN. I was able to confirm with a user that printing through a web-based application seemed to trigger the block, however printing was successful.

It looks like MBAE is catching this, C:\windows\system32\VBScript.dll, about 50 unique workstations in the last hour. Not sure if I want to exempt it.

Thank you.

C:\Program Files (x86)\Cisco Systems\Cisco Jabber\Plugins\HubWindowPlugin\HubWindowPlugin.dll detected as Adware.DLAssistant.Generic. Multiple production systems affected. MBAM-log-2018-08-15 (09-05-21).txt HubWindowPlugin.zip

Will do. Thank you.

Attached is the Threat View and System Log export. 219596 Threats.csv 219596 SystemLogs.csv

Yes, received another alert for a different system this morning.

Possible false positive found on AcSceneRes.dll which is part of the Bentley PowerInRoads Software - Affecting 187 systems. AcSceneRes DLL.zip SecurityLogs.txt SystemLogs.txt

8A874AF5C543A7FA5A4BEF61E7A1C842 https://www.virustotal.com/en/file/8209a46dcafd75ee941898bb82418237cfd6bc9ab954b6160313d5457e9f3348/analysis/1505318253/ nssm.zip