Jump to content

eduardokbb

Members
  • Content Count

    19
  • Joined

  • Last visited

About eduardokbb

  • Rank
    New Member
  1. After upgrading from Windows 18346.1 to 18348.1 I ran CleanMyPC (software like CCleaner) and it messed up the Path variables. The %windir%/system32 was missing, but all logs (except the ones Posted Thursday at 07:13 PM) I attached here were generated with correct variables. Sorry for delay, it's Carnaval here in Brazil, haha!
  2. @LiquidTension before turning off the feature I executed once more the debugging tool and it zipped a lot of minidumps. That's why I'm posting it here. Hope it can be useful! mbae-logs.zip
  3. I figured the problem, debugging the batch I find that some system variables were missing. It's fixed now. Thank you.
  4. I could reproduce the error again. I just reinstalled MB and Office. When I opened Word the anti-exploit blocked it again. I tried to run the Anti-Exploit debugging but it closes itself before finishing (I changed Windows to english to avoid the problem I had earlier). The Anti-Exploit debugging swapped the DLLs and backed up the non-debugging in my Desktop. After that I tried to open Word again (to reproduce the exploit) and Word got closed again. So I ran the support tools to gather logs and I'm uploading it here for you. This time there's not a minidump at %programdata%, but inside %Programdata%/Malwarebytes theres an AeDetections containing 2 .json files I'm uploading too. Hope this can help with something. mbst-grab-results.zip AeDetections.zip
  5. I'm not being able to reproduce it anymore. It seems to be intermittent. I checked the programdata and inside the MBAE_minidumps there's a WINWORD minidump. I don't know if it can be useful, but I'm attaching it here. MBAE_minidumps.zip
  6. I'm not able to run this tool. It gives an error before asking me to trigger the anti-exploit. Tried to restart my computer and running again, but I got the same error. mbae-debugging.txt
  7. I'm aware. Also, I'm on Office Insider. I'm just asking help because perhaps MS changed something on Office engine and analyzing it now can be helpful for future MB builds.
  8. Hello. I'm having the same issue again. Here are the logs I generated right after Word have been blocked. mbst-grab-results.zip
  9. I reenabled before restarting to test. Anyway, the logfiles could give a clue of what happened.
  10. Restarted computer and it stopped detecting the exploit. Although I don't know what triggered that, it's not happening anymore.
  11. Hello. I'm having problems (started today) with Malwarebytes blocking Microsoft Word due to exploit detection. I can't find how to ignore that, so I had to disable BottomUP ASLR Enforcement for MS Office programs. I'm running Office 365. Any help would be appreciated. Thank you.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.