aroberge

Thanks for the solution; it was too obvious.

Recently, I joined my computer to my employer's domain. As a result of doing so, a Group Policy Option has changed the style of the control panel to the classic style (which I prefer anyway). However, MalwareBytes flags this as a malware which needs to be quarantined. Is there any way I can prevent MalwareBytes from flagging this registry change as an indication of malware?

For the past 3 week or so, the problem has gone away. I had assumed it was an updated malware definition that took care of it ... Sorry, but I cannot reproduce it.

Rsullinger, Please find the files attached. mbae-default.log MBAMSERVICE.LOG exploit.txt

After "Exclude a previously detected Exploit", I am presented wth a menu which asks me to select and identified exploit with two fields in which I cannot enter anything (one for an exploit hash and the other for an application). However, there is a "Select" button. If I click on it, there are exploit shown that I can select. I did try to add an exclusion for cmd.exe (which seems rather broad ... but just to see what would happen) and nothing change. Note that I can run the exact same script many times in a row and that sometiems it runs correctly, and sometimes it is prevented to run by Malwarebytes.

I'm trying to run some simple npm run scripts (https://www.npmjs.com/). How do I exclude such events? Here's the output Malwarebytes www.malwarebytes.com -Détails du journal- Date de l'événement de protection: 10/12/2016 Heure de l'événement de protection: 12:22 Fichier journal: Administrateur: Oui -Informations du logiciel- Version: 3.0.4.1269 Version de composants: 1.0.39 Version de pack de mise à jour: 1.0.680 Licence: Premium -Informations système- Système d'exploitation: Windows 10 Processeur: x64 Système de fichiers: NTFS Utilisateur: System -Détails de l'exploit- Fichier: 0 (Aucun élément malveillant détecté) Exploit: 1 Malware.Exploit.Agent.Generic, , Bloqué, [0], [-1],0.0.0 -Données de l'exploit- Application concernée: cmd Couche de protection: Application Behavior Protection Technique de protection: Exploit payload process blocked Nom du fichier: C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\cmd.exe \S \D \c tape tests\unit_tests\**\*.js URL: (end)