bhabel

  1. Would you be able to check this install media? InternationalPrimoPDF 050815.exe – PUP.Optional.OPENCandy InternationalPrimoPDF042712.exe – PUP.Optional.OPENCandy \AppData\Local\Temp\nseE698.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> No action taken. [c9c3073a6d4c90a6be29bdb950b32fd1] MBAM-log-2018-11-06 (08-38-17).txt Primo.zip
  2. Exploit payload file blocked BLOCK C:\Users\****\AppData\Local\Temp\vlc-3.0.4-win32.exe **** VLC Player C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Attacked application: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe; Parent process name: SpillmanClient.exe; Layer: Application Behavior Protection; API ID: 205; Address: ; Module: ; AddressType: ; StackTop: ; StackBottom: ; StackPointer: ; Extra:
     Malwarebytes Management Console > Policy > ***** (Default) > Right Click > Edit > Anti-Exploit > Advanced > Application Behavior Protection
     We do not have Application Behavior Protection enabled for Media Players.
     Object Scanned: C:\users\****\AppData\Local\vlc-3.0.4-win32.exe
     I can't add the scanned object to Anti-Exploit Exclusion List: Selected threat does not contain a valid payload checksum, it cannot be added into exclusion list.
     The alert only occurs if we try to play a video from the Spillman application with VLC. Playing the videos directly does not seem to be affected. This issue started after the update on 9/20/2018.
  3. Howdy Arthi, any updates on this? It is being flagged by Malwarebytes Anti-Exploit.
  4. We are still receiving alerts that VLC 3.0.4 is being blocked.
     Exploit payload process blocked BLOCK C:\Users\****\AppData\Local\Temp\vlc-3.0.4-win32.exe **** VLC Player C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Attacked application: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe; Parent process name: SpillmanClient.exe; Layer: Application Behavior Protection; API ID: 205; Address: ; Module: ; AddressType: ; StackTop: ; StackBottom: ; StackPointer: ; Extra:
     Exploit payload file blocked BLOCK C:\Users\***\AppData\Local\Temp\vlc-3.0.4-win32.exe **** VLC Player C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Attacked application: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe; Parent process name: SpillmanClient.exe; Layer: Application Behavior Protection; API ID: 205; Address: ; Module: ; AddressType: ; StackTop: ; StackBottom: ; StackPointer: ; Extra:
  5. VLC is still being flagged.
     vlc-3.0.4-win32.exe vlc-3.0.4-win64.exe
     Exploit payload process blocked BLOCK C:\Users\jhay\AppData\Local\Temp\vlc-3.0.4-win32.exe jhay VLC Player C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Attacked application: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe; Parent process name: SpillmanClient.exe; Layer: Application Behavior Protection; API ID: 205; Address: ; Module: ; AddressType: ; StackTop: ; StackBottom: ; StackPointer: ; Extra:
     Exploit payload file blocked BLOCK C:\Users\jhay\AppData\Local\Temp\vlc-3.0.4-win32.exe jhay VLC Player C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Attacked application: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe; Parent process name: SpillmanClient.exe; Layer: Application Behavior Protection; API ID: 205; Address: ; Module: ; AddressType: ; StackTop: ; StackBottom: ; StackPointer: ; Extra:
     Let me know what you need
  6. Atribune, our management server still hasn't gotten v2018.08.31.05 yet.
  7. Express Scribe essetup.exe is being flagged as Adware.DLAssistant.Generic Database Version v2018.08.31.04 MBAM-log-2018-08-31 (13-07-25).txt False Positive.zip
  8. Password Safe Version 3.17 pws_at.dll is being flagged as Adware.DLAssistant.Generic Database Version v2018.08.31.04 False Positive.zip MBAM-log-2018-08-31 (12-45-41).txt
  9. Is this list of known issues still current? Malwarebytes Management Console 1.8.1 Malwarebytes Anti-Malware for Business 1.80.2 Malwarebytes Anti-Exploit for Business 1.12.2.90
  10. Is this still an outstanding issue with MBAM 1.80.2 and Kaspersky? https://support.malwarebytes.com/docs/DOC-2324
  11. Thanks, my confusion was the line "To mitigate delays, reinstall your managed clients". I wasn't sure if this meant uninstall then reinstall or simply push the client install and it would upgrade the version.