DecisionModels

log was submitted by customer - malwarebytes is not an AV we use to test with. What surprises me is that it looks like in this case just using a VBScript Dictionary object seems to trigger this warning - probably the majority of Excel VBA Addins use Dictionary. if this really is the cause then Malwarebytes needs to create a much smarter algorithm

InstallV4Bundle.zipA cusstomer has reported that MalwareBytes reports a malicious attempt to execute a VBScript when using our FastExcel product (an Excel addin) This is a false positive. The product (like thousands of others) uses a reference to the VBScript DLL to create and use a VBScript Dictionary object. I have verified that the installed XLAM files that use VBScript are correctly digitally signed. The installer for fastExcel is attached Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 8/22/22 Protection Event Time: 9:36 AM Log File: 62857e64-221f-11ed-b597-2816a80a2f10.json -Software Information- Version: 4.5.13.208 Components Version: 1.0.1740 Update Package Version: 1.0.58999 License: Premium -System Information- OS: Windows 10 (Build 19044.1889) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, C:\Windows\System32\vbscript.dll, Blocked, 0, 392684, 0.0.0, 7605F07418C880F209C3C09136F9B278, 1D7C82F9A0DC4F05FAD2BEEB7BA524401BAF541CBE1FA36ACB6DC85100E33B8C -Exploit Data- Affected Application: Microsoft Office Excel Protection Layer: Application Hardening Protection Technique: Attempt to execute VBScript blocked File Name: C:\Windows\System32\vbscript.dll URL: (end) InstallV4Bundle.zip