The file looks like it is no longer being caught on scan, but when it is run (from Excel), it is treated as an exploit and not allowed. Is there any way to avoid this? Log details below:
Malwarebytes
www.malwarebytes.com
-Log Details-
Protection Event Date: 11/30/17
Protection Event Time: 3:57 AM
Log File: 8929222f-d5ac-11e7-a0c1-74867a148120.json
Administrator: Yes
-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.236
Update Package Version: 1.0.3378
License: Trial
-System Information-
OS: Windows 10 (Build 10586.1176)
CPU: x64
File System: NTFS
User: System
-Exploit Details-
File: 0
(No malicious items detected)
Exploit: 1
Malware.Exploit.Agent.Generic, , Blocked, [0], [392684],0.0.0
-Exploit Data-
Affected Application: Microsoft Office Excel
Protection Layer: Application Behavior Protection
Protection Technique: Exploit payload process blocked
File Name: c:\MedCalc\cmd \c c:\MedCalc\MedCalc2.exe -qo c:\MedCalc\FP1.txt c:\MedCalc\SNF\SN515012.17A1
URL:
(end)
A bit of background: We have Excel-based applications which call and run the MedCalc2.exe file from within the application, as part of a government-mandated software package for Medicare-certified facilities. The MedCalc2 program generates unique encryptions for each of a text file and a pdf file, stamping the encryption code at the bottom of each. Thank you for your help!
