Jump to content
Kiwinoel

ANSWERED [ RESOLVED ] How do I get rid of this Malware.Exploit.Agent.Generic, , Blocked, [0], [39

Recommended Posts

Hi guys

This has been bugging me for a couple of days now. Hoping someone can help.

Actions:

Running Chrome Browser
Right Click to save current tab
Save As
Go to Windows Explorer - navigate
Right Click in Windows Explorer to create a new Folder - BAM.

Report is below,

Thanks in advance for any help.

Noel

==========
Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 11/5/19
Protection Event Time: 1:51 PM
Log File: 7220f044-ff66-11e9-b1a8-1062e58fcdd3.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.629
Update Package Version: 1.0.13179
License: Premium

-System Information-
OS: Windows 10 (Build 18362.418)
CPU: x64
File System: NTFS
User: System

-Exploit Details-
File: 0
(No malicious items detected)

Exploit: 1
Malware.Exploit.Agent.Generic, , Blocked, [0], [392684],0.0.0

-Exploit Data-
Affected Application: Google Chrome (and plug-ins)
Protection Layer: Protection Against OS Security Bypass
Protection Technique: Exploit ROP gadget attack blocked
File Name: 
URL: 

(end)

Share this post


Link to post
Share on other sites

***This is an automated reply***

Hi,

Thanks for posting in the Malwarebytes for Windows Help forum.

 

If you are having technical issues with our Windows product, please do the following: 

Spoiler

If you haven’t already done so, please run the Malwarebytes Support Tool and then attach the logs in your next reply:

NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  1. Download Malwarebytes Support Tool
  2. Once the file is downloaded, open your Downloads folder/location of the downloaded file
  3. Double-click mb-support-X.X.X.XXXX.exe to run the program
    • You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
  4. Place a checkmark next to Accept License Agreement and click Next
  5. You will be presented with a page stating, "Get Started!"
  6. Click the Advanced tab on the left column

    mbst_get_started.jpg
     
  7. Click the Gather Logs button

    mbst_advanced_gather_logs.jpg
     
  8. A progress bar will appear and the program will proceed with getting logs from your computer

    mbst_getting_logs.jpg
     
  9. Upon completion, a file named mbst-grab-results.zip will be found on your Desktop. Click OK

    mbst_log_saved_desktop.jpg
     
  10. Please attach the file in your next reply. Before submitting your reply, be sure to enable "Notify me of replies" like so:

     notify me.jpeg  

Click "Reveal Hidden Contents" below for details on how to attach a file:
 

Spoiler

To save attachments, please click the link as shown below. You can click and drag the files to this bar or you can click the choose files, then browse to where your files are located, select them and click the Open button.

mb_attach.jpg.220985d559e943927cbe3c078b
 

One of our experts will be able to assist you shortly.

 

If you are having licensing issues, please do the following: 

Spoiler

For any of these issues:

  • Renewals
  • Refunds (including double billing)
  • Cancellations
  • Update Billing Info
  • Multiple Transactions
  • Consumer Purchases
  • Transaction Receipt

Please contact our support team at https://support.malwarebytes.com/community/consumer/pages/contact-us to get help

If you need help looking up your license details, please head here: https://support.malwarebytes.com/docs/DOC-1264 

 

Thanks in advance for your patience.

-The Malwarebytes Forum Team

 

Share this post


Link to post
Share on other sites

Please follow the directions from the following topic and let us know if that corrects the isssue

 

Thanks

Ron

 

Share this post


Link to post
Share on other sites

Hi @Kiwinoel,

Please carry out the "technical issue" instructions in post #2 and attach the generated log file.
 

12 hours ago, Kiwinoel said:

Running Chrome Browser
Right Click to save current tab
Save As
Go to Windows Explorer - navigate
Right Click in Windows Explorer to create a new Folder - BAM.

Are you right-clicking the page contents and clicking Save As? Or clicking elsewhere?
Where are you attempting to create a new folder?
When did this issue first start occurring? Did it coincide with any significant changes to the computer?

Share this post


Link to post
Share on other sites

Thanks for getting back to me. 

I have attached two messages (1 before updating, one after), plus the Grab.zip file. Hope these help.

Questions/Answers below:

1. Are you right-clicking the page contents and clicking Save As? Or clicking elsewhere?

<<Right-Clicking the Page Contents and then Clicking on Save As

2. Where are you attempting to create a new folder?

<<On my D:Drive but it does not seem to matter where,

3. When did this issue first start occurring? Did it coincide with any significant changes to the computer?

<<Several days ago - cannot recall any major changes. I just replicated the message - text is below

Malwarebytes

www.malwarebytes.com

-Log Details-
Protection Event Date: 11/6/19
Protection Event Time: 11:10 AM
Log File: 1cc8aa70-0019-11ea-a1a3-1062e58fcdd3.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.629
Update Package Version: 1.0.13193
License: Premium

-System Information-
OS: Windows 10 (Build 18362.418)
CPU: x64
File System: NTFS
User: System

-Exploit Details-
File: 0
(No malicious items detected)

Exploit: 1
Malware.Exploit.Agent.Generic, , Blocked, [0], [392684],0.0.0

-Exploit Data-
Affected Application: Google Chrome (and plug-ins)
Protection Layer: Protection Against OS Security Bypass
Protection Technique: Exploit ROP gadget attack blocked
File Name: 
URL: 

(end)

===================

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 06/11/2019
Protection Event Time: 11:25
Log File: 292eee44-001b-11ea-af00-1062e58fcdd3.json

-Software Information-
Version: 4.0.4.49
Components Version: 1.0.717
Update Package Version: 1.0.14572
Licence: Premium

-System Information-
OS: Windows 10 (Build 18362.418)
CPU: x64
File System: NTFS
User: System

-Exploit Details-
File: 0
(No malicious items detected)

Exploit: 1
Malware.Exploit.Agent.Generic, , Blocked, 0, 392684, 0.0.0

-Exploit Data-
Affected Application: Google Chrome (and plug-ins)
Protection Layer: Protection Against OS Security Bypass
Protection Technique: Exploit ROP gadget attack blocked
File Name: 
URL: 

(end)

LogFile2.txt LogFile.txt mbst-grab-results.zip

Share this post


Link to post
Share on other sites

Hi Ron

I have also tried clearing the sync settings a few times - still getting the same problem.

Either I am not dong something right or the sync settings are not the problem.

I will check another machine I have been using to see whether it has any problems.

Hoping we can nail this issue sooner rather than pater 🙂

All he best,

Noel

 

======================

Thanks for getting back to me. 

I have attached two messages (1 before updating, one after), plus the Grab.zip file. Hope these help.

Questions/Answers below:

1. Are you right-clicking the page contents and clicking Save As? Or clicking elsewhere?

<<Right-Clicking the Page Contents and then Clicking on Save As

2. Where are you attempting to create a new folder?

<<On my D:Drive but it does not seem to matter where,

3. When did this issue first start occurring? Did it coincide with any significant changes to the computer?

<<Several days ago - cannot recall any major changes. I just replicated the message - text is below

Malwarebytes

www.malwarebytes.com

-Log Details-
Protection Event Date: 11/6/19
Protection Event Time: 11:10 AM
Log File: 1cc8aa70-0019-11ea-a1a3-1062e58fcdd3.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.629
Update Package Version: 1.0.13193
License: Premium

-System Information-
OS: Windows 10 (Build 18362.418)
CPU: x64
File System: NTFS
User: System

-Exploit Details-
File: 0
(No malicious items detected)

Exploit: 1
Malware.Exploit.Agent.Generic, , Blocked, [0], [392684],0.0.0

-Exploit Data-
Affected Application: Google Chrome (and plug-ins)
Protection Layer: Protection Against OS Security Bypass
Protection Technique: Exploit ROP gadget attack blocked
File Name: 
URL: 

(end)

===================

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 06/11/2019
Protection Event Time: 11:25
Log File: 292eee44-001b-11ea-af00-1062e58fcdd3.json

-Software Information-
Version: 4.0.4.49
Components Version: 1.0.717
Update Package Version: 1.0.14572
Licence: Premium

-System Information-
OS: Windows 10 (Build 18362.418)
CPU: x64
File System: NTFS
User: System

-Exploit Details-
File: 0
(No malicious items detected)

Exploit: 1
Malware.Exploit.Agent.Generic, , Blocked, 0, 392684, 0.0.0

-Exploit Data-
Affected Application: Google Chrome (and plug-ins)
Protection Layer: Protection Against OS Security Bypass
Protection Technique: Exploit ROP gadget attack blocked
File Name: 
URL: 

(end)

Share this post


Link to post
Share on other sites

Thanks for the logs. We're looking further into this.

Could you try disabling extensions one-by-one and check if this has any impact?

Edited by LiquidTension

Share this post


Link to post
Share on other sites

Hello,

We've identified the cause - Copernic Desktop Search. We'll be releasing an update to address this issue permanently in the future.

In the meantime, to mitigate this issue you can either temporarily uninstall Copernic Desktop Search or make the following changes below to your Exploit Settings.

  • Open Malwarebytes.
  • Click Settings -> Protection -> Advanced Settings.
  • Click Advanced Memory Protection.
  • Under the Chrome Browsers column, uncheck both rows with "CALL ROP" in.
  • Click Apply.

Share this post


Link to post
Share on other sites

Thank you for the status update and confirmation on the workaround fix

I'll go ahead then and close your topic now.

Take care and have a great weekend

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.