Yesterday I posted the section that follows to the Malwarebytes 3.0 forum and an Advanced Member by the username of Telos suggested to post it here. Whether this is a false exploit or not I cannot tell. Please advise.
---> Posted yesterday on the Malwarebytes 3.0 forum
Today when I open Node.js Command Prompt on Windows, Malwarebytes blocks it with the information that appears at the end of this message.
The target of the Node.js Command Prompt shortcut is: C:\Windows\System32\cmd.exe /k "C:\Program Files\nodejs\nodevars.bat"
I have used this for months and today it comes up and is blocked and closes immediately. Repeated attempts result in the same behavior.
What is the deal?
-Log Details-
Protection Event Date: 2/8/17
Protection Event Time: 4:26 PM
Logfile:
Administrator: Yes
-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.50
Update Package Version: 1.0.1214
License: Premium
-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: System
-Exploit Details-
File: 0
(No malicious items detected)
Exploit: 1
Malware.Exploit.Agent.Generic, , Blocked, [0], [-1],0.0.0
-Exploit Data-
Affected Application: cmd
Protection Layer: Application Behavior Protection
Protection Technique: Exploit payload process blocked
File Name: C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\cmd.exe \c \node.exe -p -e process.versions.node + ' (' + process.arch + ')'
URL:
(end)