Jump to content

SOLVED - Malwarebytes - Exploit Blocked re Word 2010


Recommended Posts

Running Windows 10, v 20H2 (19042.1237)  & Malwarebytes 4.4.6.132

This morning, I've opened MS Word 2010 and found a document I opened y'day was open.  On trying to close, it took the PC a little while (longer than usual) and then popped up a window saying 'Exploit Blocked'  - see image

Everytime I try to open Word, I get the same

I have no idea what this is about.  Please can someone help me with sorting this. 

Many thanks

Malwarebytes - Malicious Memory Detected.JPG

Malwarebytes -Report.JPG

Edited by KingFisher
Link to post
Share on other sites

  • Root Admin

Hello @KingFisher

Sorry to hear you're having issues. Please let us get some logs and we'll see if we can help get this corrected for you.

 

To begin, please do the following so that we may take a closer look at your installation for troubleshooting:

NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  • Download the Malwarebytes Support Tool
  • In your Downloads folder, open the mb-support-x.x.x.xxx.exe file
  • In the User Account Control pop-up window, click Yes to continue the installation
  • Run the MBST Support Tool
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine
  • A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file on your next reply

Thank you

 

Link to post
Share on other sites

  • Root Admin

Okay, something definitely wrong, just not sure what. The program is not generating a default log.

Let's go ahead and do a clean removal and reinstall of the program.

 

Can you please do the following?

  • Download the Malwarebytes Support Tool or if you already have the program open the program
  • In your Downloads folder, open the mb-support-x.x.x.xxx.exe file
  • In the User Account Control pop-up window, click Yes to continue the installation
  • Run the MBST Support Tool
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click the CLEAN button and follow the onscreen instructions to reinstall Malwarebytes
  • NOTE: Please have patience as it can take a while to remove and reinstall. The computer will restart to complete

After the restart please do the following

  • Run the MBST Support Tool
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine
  • A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file on your next reply

Thank you

 

image.png

 

Link to post
Share on other sites

  • Root Admin

That looks a bit better. Okay, let me have you do the following.

Open Malwarebytes and click on the small gear icon on the top right to go to Settings

Then on the General tab scroll down and enable the Event log data then restart the computer.

After the computer restarts please run MS Word and try to duplicate the block again.

Once you're able to duplicate the block alert again then run the MBST tool again and gather new logs.

This time it should log the cause for us.

Thank you @KingFisher and sorry for all the trouble.

 

 

Link to post
Share on other sites

  • Root Admin

Thank you for the logs @KingFisher that provided the information I was looking for.

 

Open Malwarebytes, click the small gear on the top right and go to the Security tab.
Scroll down to the bottom and click the Advanced Settings button
Click on the Advanced memory protection tab
Under the MS Office column uncheck Malicious return address detection 

 

image.png

 

Click Apply

Go back to Settings -> General and turn off the Event log data and restart the computer and let me know if you're still getting the block alert or not.

Thank you

 

Link to post
Share on other sites

  • Root Admin

Exploit protection is always an ongoing development. Bad actors that write exploits are always trying to find new ways to circumvent protections so we also work on updates to help prevent that. But in the process sometimes we may block legitimate processes so it can be a fine line.

Thanks again

 

Link to post
Share on other sites

OK, I don't totally understand how the 'bad' gets in, but appreciate that MWB has to combat this and, sometimes, might be a bit too 'efficient'  That'll do for my level of knowledge and understanding  of computers, thanks  ;)  LOL

Great that everyone has different range of knowledge re computers.  No one can grasp the whole range  LOL

Again, many thanks for your expertise :)

Link to post
Share on other sites

  • KingFisher changed the title to SOLVED - Malwarebytes - Exploit Blocked re Word 2010

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.