watchowner
Members-
Posts
17 -
Joined
-
Last visited
Reputation
0 NeutralRecent Profile Visitors
560 profile views
-
Sorry did not really know they are US based :D
-
I ran a scan of the website on virustotal.com and it comes up clean. Can Malwarebytes check the website for malware?
-
watchowner started following Exploit popping up , False Positive on turnkeypoint.com and sysnative/cmd.exe flagged as an exploit
-
Malwarebytes flags this website Website Blocked: turnkeypoint.com Malwarebytes Browser Guard blocked this page because it may contain malicious activity. Is this a fals positive because I use this site when building new PCs.
-
All updated and keeping an eye on things. I did notice when I opened my laptop this morning, EMSISOFT was doing a missed scan. I wonder if that happened the other day and it is wjhat caused the problem?
-
Everything has been updated and I will keep an eye out for anymore issues. Thank you!!
-
No more log entries since 7am EST.
-
My trouble ticket(s) I opened were kicked back saying my email address was not found. I am using the same email for the support ticket submission as I use for the account portal. SO the forum is my only help 😁
-
Just rebooted and ran the program again. See attached. mbst-grab-results.zip
-
Attached!😁 mbst-grab-results.zip
-
Not scanning but monitoring realtime. The strange thing is that filepath and registry entry do not exist on my PC and nothing was quarantined.
-
Nothing, as soon as I opened my laptop (sitting overnight) there was the alert. My browser was opened with a few tabs but nothing else was opeen except emsisoft.
-
I have opened a Support Ticket!
-
Strange thing is, this folder does not exist on my PC C:\WINDOWS\sysnative
-
This popped up this morning and while MB shows it was quarantined, there is nothing inmy quarantine? Is this a legit exploit or false positive? Thanks ============================================================= Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/27/22 Protection Event Time: 6:56 AM Log File: 90d17b3e-6e4a-11ed-befc-000000000000.json -Software Information- Version: 4.5.17.221 Components Version: 1.0.1806 Update Package Version: 1.0.62790 License: Premium -System Information- OS: Windows 11 (Build 22621.819) CPU: x64 File System: NTFS User: System -Exploit Details- File: 1 Malware.Exploit.Agent.Generic, C:\WINDOWS\sysnative\cmd.exe, Quarantined, 0, 392684, 0.0.0, , Exploit: 0 (No malicious items detected) (end) ============================================================= Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/26/22 Protection Event Time: 5:07 AM Log File: 0ef375fa-6d72-11ed-b5f6-000000000000.json -Software Information- Version: 4.5.17.221 Components Version: 1.0.1806 Update Package Version: 1.0.62782 License: Premium -System Information- OS: Windows 11 (Build 22621.819) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Exploit.PayloadProcessBlock, C:\WINDOWS\sysnative\cmd.exe C:\WINDOWS\sysnative\cmd.exe \c C:\WINDOWS\System32\REG QUERY HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography \v MachineGuid, Blocked, 0, 392684, 0.0.0, , -Exploit Data- Affected Application: cmd Protection Layer: Application Behavior Protection Protection Technique: Exploit payload process blocked File Name: C:\WINDOWS\sysnative\cmd.exe C:\WINDOWS\sysnative\cmd.exe \c C:\WINDOWS\System32\REG QUERY HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography \v MachineGuid URL: (end)
-
since the domain or IP is not blacklisted according to hosts-file.net, why is malwarebytes still blocking it?