Jump to content

Casey

Members
  • Content Count

    4
  • Joined

  • Last visited

About Casey

  • Rank
    New Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I've been seeing exploit notifications at least once a day from the same machine over and over. We have scanned the machine and nothing has come up. We deleted Word/Excel documents that were reportedly causing problems, and we re-installed Office (2016/2013 32bit) on the machine. Is this a legit threat or do we need to add an exclusion? Quoted from Server Notification: "6/6/2017 8:22:04 AM XXXXXXX Exploit payload process blocked BLOCK C:\Program Files\Common Files\Microsoft Shared\OFFICE16\FLTLDR.EXE C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\PNG32.FLT XXXXX OUTLOOK.EXE C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE Attacked application: C:\Program Files\Microsoft Office\Office16\OUTLOOK.EXE; Parent process name: explorer.exe; Layer: Application Behavior Protection; API ID: 207; Address: ; Module: ; AddressType: ; StackTop: ; StackBottom: ; StackPointer: ; Extra: " Certain info has been removed for obvious reasons I have also attached a zip file of the AE folder and logs. Malwarebytes Anti-Exploit.zip
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.