Jump to content

drdas

Members
  • Content Count

    28
  • Joined

  • Last visited

About drdas

  • Rank
    New Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Will do. Thanks so much for your advice!
  2. One more crazy idea...could this be part of the windows update process trying to clean itself up that MWB is blocking? It did start after I applied updates on wednesday......
  3. Fixes applied as per request. Firefox reset. Still getting the exploit block popup though. Fixlog attached. Fixlog.txt
  4. It is the DASCHUL account that I regularly use. The others are setup by my work IT folks. Will apply recommended fixes and let you know.
  5. And in case it helps, I have also determined that signing out and signing back in to my profile also elicits the exploit pop up. As long as I stay signed in...l no problems.
  6. A couple of things: i dont see an attachment. i am not syncing Firefox with any other devices. Is there a reason to believe that Firefox would be causing the issue in question? thanks again!
  7. And here's the most recent full scan by MWB, in case it is helpful threatscan.txt
  8. as requested. Thanks for your counsel! Addition.txt FRST.txt
  9. After applying updates to my computer overnight, each time I reboot, I am getting the warning below from Malwarebytes. It has occurred with each of two reboots, but I've never seen it before (i'll admit that I only reboot about once per week, unless updates are being installed though). No filename listed as you can see below. Doesn't seem to recur after the reboot, even if the computer remains on for hours and engaging in normal activity. Unclear if this is related to the most recent windows update, but I'm having no other problems, and full MWB scans are coming back clean. Happy to provide any additional logs requested. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/16/19 Protection Event Time: 11:18 AM Log File: 6141610c-19aa-11e9-9acc-847beb2bb294.json -Software Information- Version: 3.6.1.2711 Components Version: 1.0.508 Update Package Version: 1.0.8818 License: Premium -System Information- OS: Windows 10 (Build 17134.523) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, [0], [392684],0.0.0 -Exploit Data- Affected Application: Windows Script Host Protection Layer: Malicious Memory Protection Protection Technique: Exploit code executing from Heap memory blocked File Name: URL: (end)
  10. Thanks. Seems like more trouble than its worth. Might be worth passing along to the devs allowing an option to clear the popup without going through this process... something like "always block......."
  11. Team MWB: I'm wondering if there is a way to get rid of the "Add Web Exclusion for....." line item on the menu that pops up when you right click the MWB icon in the taskbar. I have found that whatever item was detected most recently (even if it is weeks or more beforehand) stays there indefinitely. The only way I have found to get rid of that line item is to add the web exclusion and then remove it using the application. Is there something else that I am missing, or a way to turn off this option so that whatever item is blocked is not routinely added to this menu? Thanks for your consideration of this topic.
  12. drdas

    Not sure if a false positive pid.dll

    So confirmed false positive?
  13. drdas

    pid.dll

    I just got this same thing. The exact same detections. The file itself is from April, so it must be a new detection scheme. But I wonder if it is a false positive; I uploaded the file to virustotal and only Malwarebytes lists it as malware. I await input from the experts.
×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.