Jump to content

drdas

Members
  • Content Count

    28
  • Joined

  • Last visited

Everything posted by drdas

  1. One more crazy idea...could this be part of the windows update process trying to clean itself up that MWB is blocking? It did start after I applied updates on wednesday......
  2. Fixes applied as per request. Firefox reset. Still getting the exploit block popup though. Fixlog attached. Fixlog.txt
  3. It is the DASCHUL account that I regularly use. The others are setup by my work IT folks. Will apply recommended fixes and let you know.
  4. And in case it helps, I have also determined that signing out and signing back in to my profile also elicits the exploit pop up. As long as I stay signed in...l no problems.
  5. A couple of things: i dont see an attachment. i am not syncing Firefox with any other devices. Is there a reason to believe that Firefox would be causing the issue in question? thanks again!
  6. And here's the most recent full scan by MWB, in case it is helpful threatscan.txt
  7. as requested. Thanks for your counsel! Addition.txt FRST.txt
  8. After applying updates to my computer overnight, each time I reboot, I am getting the warning below from Malwarebytes. It has occurred with each of two reboots, but I've never seen it before (i'll admit that I only reboot about once per week, unless updates are being installed though). No filename listed as you can see below. Doesn't seem to recur after the reboot, even if the computer remains on for hours and engaging in normal activity. Unclear if this is related to the most recent windows update, but I'm having no other problems, and full MWB scans are coming back clean. Happy to provide any additional logs requested. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/16/19 Protection Event Time: 11:18 AM Log File: 6141610c-19aa-11e9-9acc-847beb2bb294.json -Software Information- Version: 3.6.1.2711 Components Version: 1.0.508 Update Package Version: 1.0.8818 License: Premium -System Information- OS: Windows 10 (Build 17134.523) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, [0], [392684],0.0.0 -Exploit Data- Affected Application: Windows Script Host Protection Layer: Malicious Memory Protection Protection Technique: Exploit code executing from Heap memory blocked File Name: URL: (end)
  9. Thanks. Seems like more trouble than its worth. Might be worth passing along to the devs allowing an option to clear the popup without going through this process... something like "always block......."
  10. Team MWB: I'm wondering if there is a way to get rid of the "Add Web Exclusion for....." line item on the menu that pops up when you right click the MWB icon in the taskbar. I have found that whatever item was detected most recently (even if it is weeks or more beforehand) stays there indefinitely. The only way I have found to get rid of that line item is to add the web exclusion and then remove it using the application. Is there something else that I am missing, or a way to turn off this option so that whatever item is blocked is not routinely added to this menu? Thanks for your consideration of this topic.
  11. I just got this same thing. The exact same detections. The file itself is from April, so it must be a new detection scheme. But I wonder if it is a false positive; I uploaded the file to virustotal and only Malwarebytes lists it as malware. I await input from the experts.
  12. Thanks. I'll pass this along to the college and perhaps they can take it up with technolutions
  13. I am also having this problem; I interview applicants for my college alma mater and cannot access the site we use to submit evaluations. Log of the blocked attempt attached. export.txt
  14. Have been having a problem of late where my computer boots fine, everything running well, then five minutes (or so) after boot, I get a popup from McAfee "issue detected". Digging further into McAfee shows the following error: "McAfee Endpoint Security Issue: Exploit Prevention is not responding. Issue: On-Access Scan is not responding. Issue: ScriptScan is not responding." Only way to fix it (as best as I can tell) is to reboot. This happens about 75% of the time when I boot. Notably, on the occasion that I pass the five minute mark and everything continues to work well, I can leave the computer on for hours and there aren't any issues.... this seems to be something specific to that five minute mark. Have reinstalled McAfee without change. Any chance this could be an MWB issue? I've already put two of the main .exe files from McAfee on my MWB exclusion list. Thanks!
  15. Confirmed when I moved back home to problem stopped. Suspect it is related to the need for the hotel wifi to authenticate your computer when you connect. You know when you initially connect and your browser opens to the login screen so you can accept their terms and login before you get access to the extranet? I suspect that your background programs that attempt to call in before you have accepted the hotels terms are redirected to this 123 address. I don't think it's malicious anymore, but could be wrong. #stillnotanexpert
  16. I just had this pop up for the first time, just after I booted up my computer and connected to a network. The text website addresses that my computer was trying to contact, according to the pop up, were actually addresses associated with the university for which I work (wpad.yale.edu, as one example). However, I am connecting through a hotel wifi where I just checked in. I suspect that something about the particular wifi network was causing a redirect to a different IP address. But of course, I'm no expert on this. am going to try to reboot and connect through my wifi hotspot on my phone to see if problem recurs. I suspect it will not.
  17. will do. thank you for your prompt reply! You folks are the best.
  18. This morning, many benign sites to which I browse are associated with a popup from MWB blocking a connection to s1.symcb.com. As best as I can tell, this is a similar problem that occurred after a database update in December 2016 that resolved quickly (presumably after another database update) Is this a dangerous site? If not, can we update the database to whitelist it again?
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.