maxamillion Posted September 14, 2021 ID:1479697 Share Posted September 14, 2021 (edited) I use mkvirtualenv https://virtualenvwrapper.readthedocs.io/en/latest/command_ref.html to create virtual environments for Python development. mkvirtualenv creates a symbolic link to python to the environment folder when creating the environment. I have tried adding the file (symbolic link) to the ignore list but this has no effect. If I replace the symbolic link with the real file I have no further problems, but this defeats the purpose of the Virtual Environment. The only other option is to turn of Exploit Protection in fact I usually just Quit Malware bytes completely. 'Malware.Exploit.Agent.Generic, , Blocked, 0, 392684, 0.0.0, , ' Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 9/7/21 Protection Event Time: 3:11 PM Log File: 0afb2eb6-0f9a-11ec-92ea-08d40cec9aa4.json -Software Information- Version: 4.4.4.126 Components Version: 1.0.1413 Update Package Version: 1.0.44716 License: Premium -System Information- OS: Windows 10 (Build 19043.1202) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, 0, 392684, 0.0.0, , -Exploit Data- Affected Application: C:\Users\xxxxx\Envs\sensorenv\Scripts\python.exe Protection Layer: APT Behavior Protection Protection Technique: T1003 - Credential Access File Name: URL: (end) Edited September 14, 2021 by AdvancedSetup disabled live hyperlink Link to post Share on other sites More sharing options...
Staff cli Posted September 14, 2021 Staff ID:1479701 Share Posted September 14, 2021 (edited) This is an exploit detection. Can you post in the Exploit Section? Thanks. Edited September 14, 2021 by cli Link to post Share on other sites More sharing options...
Porthos Posted September 14, 2021 ID:1479720 Share Posted September 14, 2021 I moved your post to the correct section 🙂 Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted September 14, 2021 Root Admin ID:1479722 Share Posted September 14, 2021 Hello @maxamillion Can you please open Malwarebytes and go to Settings, General and enable enhanced logging. Then duplicate the block. Then gather logs for us. Then turn off the enhanced logging. To begin, please do the following so that we may take a closer look at your installation for troubleshooting: NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Download the Malwarebytes Support Tool In your Downloads folder, open the mb-support-x.x.x.xxx.exe file In the User Account Control pop-up window, click Yes to continue the installation Run the MBST Support Tool In the left navigation pane of the Malwarebytes Support Tool, click Advanced In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file on your next reply Thank you Link to post Share on other sites More sharing options...
maxamillion Posted September 29, 2021 Author ID:1481987 Share Posted September 29, 2021 Hi, I came back today to see if there was any info on this topic. I have included the zip file as requested. TIA mbst-grab-results.zip Link to post Share on other sites More sharing options...
Porthos Posted September 29, 2021 ID:1481988 Share Posted September 29, 2021 13 minutes ago, maxamillion said: I have included the zip file as requested. Quote Version Installed: Malwarebytes version 4.4.4.126 Your logs show you are several program versions behind. Please update Malwarebytes. Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now