Jump to content

DeanAnderson

Members
  • Content Count

    5
  • Joined

  • Last visited

About DeanAnderson

  • Rank
    New Member
  1. Arthi and Jason, I started to do that on one of our VMs, but the box is greyed out. I believe I will have to check that box on our "parent VM" and recompose our VM pools. I will reply here with an update tomorrow afternoon. Thank you.
  2. Apologies... I forgot this: The clients also have Malwarebytes Anti-Exploit for Business 1.09.2.1291
  3. We will obviously be replacing these Windows Server 2008 R2 computers in the near future with computers with newer OS. These are non-persistent VMs, by the way.
  4. We have: Malwarebytes Endpoint Security Malwarebytes Management Console 1.9.0.3671 The managed client computers where the false positive appeared have: Windows Server 2008 R2 Malwarebytes Anti-Malware (MEE) 1.80.2.1012. Malwarebytes Anti-Exploit.zip
  5. For the last couple of months or so, we have been getting these alerts every week or two regarding a few computers when they attempt to update VLC Media Player. I removed irrelevant information about our computers. Is this a true exploit or a false positive? How can we address it? Malwarebytes Management Server Notification -------------------------------------------- Alert Time: 2/24/2020 3:23:55 PM Server Hostname: ***** Server Domain/Workgroup: ***** Server IP: ***** Notification Catalog: Client Description: Exploit threat detected, see details below: 2/24/2020 3:22:25 PM ***** ***** Exploit payload process blocked BLOCK C:\Users\*****\AppData\Local\Temp\1\vlc-3.0.8-win32.exe ***** VLC Player C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Attacked application: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe; Parent process name: explorer.exe; Layer: Application Behavior Protection; API ID: 205; Address: ; Module: ; AddressType: ; StackTop: ; StackBottom: ; StackPointer: ; Extra: 2/24/2020 3:22:25 PM ***** ***** Exploit payload file blocked BLOCK C:\Users\*****\AppData\Local\Temp\1\vlc-3.0.8-win32.exe ***** VLC Player C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Attacked application: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe; Parent process name: explorer.exe; Layer: Application Behavior Protection; API ID: 205; Address: ; Module: ; AddressType: ; StackTop: ; StackBottom: ; StackPointer: ; Extra: Total count: 2.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.