Jump to content

Malware.Exploit.Agent.Generic False positive or not ?


Anthony666
 Share

Recommended Posts

Hello, few minutes ago i got windows popup notification that i can change language with alt + shift, in that time i had only one language installed, after that i added eng language and i tried alt + shift to change language but it didnt worked so i opened win 10 notifications and clicked on that popup, malwarebytes instantly reported and blocked exploit from it. Is it false positive or do i have some **** in my newly installed windows 10 ? here is screen, log + mbst-grab-results

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 5/7/22
Protection Event Time: 11:26 PM
Log File: 44809178-ce4c-11ec-8d17-708bcda70544.json

-Software Information-
Version: 4.5.8.191
Components Version: 1.0.1666
Update Package Version: 1.0.54674
License: Trial

-System Information-
OS: Windows 10 (Build 19044.1645)
CPU: x64
File System: NTFS
User: System

-Exploit Details-
File: 0
(No malicious items detected)

Exploit: 1
Malware.Exploit.Agent.Generic, C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe Shell32.dll,Control_RunDLL input.dll,,{C07337D3-DB2C-4D0B-9A93-B722A6C106E2}{HOTKEYS}, Blocked, 0, 392684, 0.0.0, , 

-Exploit Data-
Affected Application: Windows Control Panel
Protection Layer: Application Behavior Protection
Protection Technique: Exploit Office loading points abuse blocked
File Name: C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe Shell32.dll,Control_RunDLL input.dll,,{C07337D3-DB2C-4D0B-9A93-B722A6C106E2}{HOTKEYS}
URL: 

(end)

report.jpg

mbst-grab-results.zip

Link to post
Share on other sites

1 minute ago, Anthony666 said:

No, i have it disabled.

It a FP, Anti exploit has been a little aggressive with with system functions for a while now.

You wont have an issue when the trial is over and you go to free mode. Since you use ESET,  I assume you are planning to use Malwarebytes as a second opinion scanner.

  • Like 1
Link to post
Share on other sites

1 minute ago, Porthos said:

Did you click apply?

yes i clicked apply. I fixed it another way, just changed combination in windows 10 settings for it. It seems like it was swapped with Ctrl + shift. Its weird, i never changed it.
well, when its false positive and all is working again(i hope) then its done i think.  I was ready to reinstall win10 again :D
Thank you for your time and help.

  • Like 1
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.