Jump to content

False Positive or Exploit?


Recommended Posts

Today when I started Firefox Developer Edition, it closed and MB popped up with this in the logs:



-Log Details-
Protection Event Date: 11/7/17
Protection Event Time: 6:37 PM
Log File: d2602d10-c42d-11e7-b8cf-4ccc6a4da6f0.json
Administrator: Yes

-Software Information-
Components Version: 1.0.212
Update Package Version: 1.0.3202
License: Premium

-System Information-
OS: Windows 10 (Build 14393.1593)
CPU: x64
File System: NTFS
User: System

-Exploit Details-
File: 0
(No malicious items detected)

Exploit: 1
Malware.Exploit.Agent.Generic, , Blocked, [0], [392684],0.0.0

-Exploit Data-
Affected Application: Mozilla Firefox (and add-ons)

File Name: 




Is this a false positive? Or should I be worried?

Link to post
Share on other sites

  • 2 weeks later...
  • Staff

Hi Combiner,

Thanks for reporting. Can you please get some logs, so we can help you out. Please follow the below instructions.

1. Exploit logs:
Please download the files from this link:

Press the Windows + R keys, type "services.msc" and hit Enter.

Find the service named "Malwarebytes service" and use the right click menu to stop the service.

Extract the contents of the ZIP to a sub-folder in your Desktop.
Copy the files mbae.dll and mbae64.dll and paste them to the C:\Program Files\Malwarebytes\Anti-Malware\ folder.
Copy the files mbae.sys and mbae64.sys and paste them to the C:\Windows\System32\drivers\ folder.

After you replace the files, start the "Malwarebytes service" service again or reboot the computer. 

Reproduce the problem and collect and send back to us these two files:

The directory is hidden by default so you might have to click on "View -> Hidden items" in Explorer to see it.   
There is also a post here from Microsoft on how to do this for the more recent OS: https://support.microsoft.com/en-us/help/14201/windows-show-hidden-files


Please download FRST from the link below and save it to your desktop:

Double-click the purple FRST icon to run the program. Click Yes when the disclaimer appears.
Click the Scan button. When the scan has finished, it will make 2 log files in the same directory the tool is run, FRST.txt and Addition.txt. Please attach both files to your reply.

I know this is a lot to do at once, so if you have any questions about the process, please let me know!



Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.