watchowner

Sorry did not really know they are US based :D

I ran a scan of the website on virustotal.com and it comes up clean. Can Malwarebytes check the website for malware?

Malwarebytes flags this website Website Blocked: turnkeypoint.com Malwarebytes Browser Guard blocked this page because it may contain malicious activity. Is this a fals positive because I use this site when building new PCs.

All updated and keeping an eye on things. I did notice when I opened my laptop this morning, EMSISOFT was doing a missed scan. I wonder if that happened the other day and it is wjhat caused the problem?

Everything has been updated and I will keep an eye out for anymore issues. Thank you!!

No more log entries since 7am EST.

My trouble ticket(s) I opened were kicked back saying my email address was not found. I am using the same email for the support ticket submission as I use for the account portal. SO the forum is my only help 😁

Just rebooted and ran the program again. See attached. mbst-grab-results.zip

Attached!😁 mbst-grab-results.zip

Not scanning but monitoring realtime. The strange thing is that filepath and registry entry do not exist on my PC and nothing was quarantined.

Nothing, as soon as I opened my laptop (sitting overnight) there was the alert. My browser was opened with a few tabs but nothing else was opeen except emsisoft.

I have opened a Support Ticket!

Strange thing is, this folder does not exist on my PC C:\WINDOWS\sysnative

This popped up this morning and while MB shows it was quarantined, there is nothing inmy quarantine? Is this a legit exploit or false positive? Thanks ============================================================= Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/27/22 Protection Event Time: 6:56 AM Log File: 90d17b3e-6e4a-11ed-befc-000000000000.json -Software Information- Version: 4.5.17.221 Components Version: 1.0.1806 Update Package Version: 1.0.62790 License: Premium -System Information- OS: Windows 11 (Build 22621.819) CPU: x64 File System: NTFS User: System -Exploit Details- File: 1 Malware.Exploit.Agent.Generic, C:\WINDOWS\sysnative\cmd.exe, Quarantined, 0, 392684, 0.0.0, , Exploit: 0 (No malicious items detected) (end) ============================================================= Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/26/22 Protection Event Time: 5:07 AM Log File: 0ef375fa-6d72-11ed-b5f6-000000000000.json -Software Information- Version: 4.5.17.221 Components Version: 1.0.1806 Update Package Version: 1.0.62782 License: Premium -System Information- OS: Windows 11 (Build 22621.819) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Exploit.PayloadProcessBlock, C:\WINDOWS\sysnative\cmd.exe C:\WINDOWS\sysnative\cmd.exe \c C:\WINDOWS\System32\REG QUERY HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography \v MachineGuid, Blocked, 0, 392684, 0.0.0, , -Exploit Data- Affected Application: cmd Protection Layer: Application Behavior Protection Protection Technique: Exploit payload process blocked File Name: C:\WINDOWS\sysnative\cmd.exe C:\WINDOWS\sysnative\cmd.exe \c C:\WINDOWS\System32\REG QUERY HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography \v MachineGuid URL: (end)

since the domain or IP is not blacklisted according to hosts-file.net, why is malwarebytes still blocking it?

Thanks is there a way to see why it is blocked using either malwarebytes program or a checker on malwarebytes website? Would be much more helpful then being in the dark as to what something is blocked.

Can someone tell me why www.faberusa.com is being blocked by malwarebytes? The site comes up clean on every site scanner I could find. Malwarebytes seems to keep this information secret as I cannot find the reason as to why the block in either the program or on the website. Any info would be helpful Thanks Watch