Jump to content

Sorr

Members
  • Content Count

    30
  • Joined

  • Last visited

About Sorr

  • Rank
    New Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Sorr

    Steam.exe

    Oh, okay; no problems then. Thank you!
  2. Sorr

    Steam.exe

    Good Evening! I just noticed my Malwarebytes blocked Steam a couple times while I was away from my PC doing chores. Is this a False Positive, or did funky things actually go down with Steam while I was away? If I could get an expert or someone to verify these were both F.P.'s, that's be great; MBam isn't currently flagging Steam right now, but I figured it's better to be safe than sorry. Sorry if this was already resolved/redundant. Thank you! -Sorr steam.txt steam 2.txt
  3. Hello! I just received an alert by my Malwarebytes 4.0 that it blocked an outbound connection to a Steam website. I just wanted to know if this is a false positive, or a legitimate threat. I've attached my log and screenshots below. If I could get a fast response by a staff member/expert, that would be greatly appreciated as this occurred on my work computer. Thanks, and I hope to hear from you soon! steam report.txt
  4. I see what you mean about that IP having multiple domains, got two more popups from Mbam today, but this time on my desktop. Funny thing is, they're both urls I've asked for clarification on before in separate threads lol; one linked to Steam's webpage & the other to Microsoft. I checked both reports and both incidents shared the same IP address that keeps being flagged. Makes me wonder if these legitimate websites can even do anything to change their IP to something dissociated with fraudulent domains entirely.
  5. Okay! So it's not related to the actual web domains insomuch as the actual IP addresses tied to them? I haven't noticed Mbam pop up anymore since early this morning, so it must've been resolved.
  6. This just seems strange to me that Mbam is blocking two urls tied to Microsoft. Maybe both shared an IP address that an old malicious domain shared?
  7. Hello! I just booted up my laptop after two days, and my Malwarebytes is blocking connections that appear to be associated with Microsoft Office 2016, listing the reasons as fraud. I haven't installed anything new since my last time using my laptop, and the last time I've scanned my PC, the report came back negative. I've attached the reports for both blockings below. Can I get a Staff member/expert to verify this & advise me what to do next. Thank you for your time & I hope to hear from you soon. Office Fraud.txt Office Fraud 2.txt
  8. Just restarted my PC, restored all quarantined items back to their regular locations, updated Malwarebytes to the latest update, did a threat scan, and no threats were found; everything seems to have been fixed on my end.
  9. Okay, thank you and I hope you have a good evening!
  10. I have the same thing happening; same files, locations, threat type, & ID numbers too.
  11. Do they involve any files that have "pid.dll" in the filename?
  12. I also Checked the file on Virustotal and Malwarebytes is the only one flagging this file as malware/Trojan.Emotet.Generic.
  13. I just did a threat scan on my computer and I wanted to make sure if this scan was accurate. I had done a full scan last night and didn't get any results, nothing flashed earlier on my real-time protection, and I haven't gone to any unsecured/ non-HTTPS sites (I've been to Zillow, Indeed, and Great Schools.org; literally the only websites I can think of where this trojan may have come from), so I'm not sure if this is a legitimate threat or not.The threat is labeled as Trojan.Emotet.Generic , found under the C:\WINDOWS\SYSWOW64\PID.DLL and found in the HKLM\SOFTWARE folders. I've attached the log file and screenshot of the report below. May I please get some help on this? Thank you! Results 2.txt
  14. Okay, no problem. Have a nice weekend Ron!
  15. Here you are: ActionSuccess : True AdditionalActionsBitMask : 0 AMProductVersion : 4.18.1806.18062 CleaningActionID : 3 CurrentThreatExecutionStatusID : 0 DetectionID : {9017505B-A0DD-4B66-B8A1-201B131AE3F8} DetectionSourceTypeID : 1 DomainUser : DESKTOP-QCM0VIU\Stephen InitialDetectionTime : 7/4/2018 4:26:03 PM LastThreatStatusChangeTime : 7/4/2018 4:27:29 PM ProcessName : Unknown RemediationTime : 7/4/2018 4:27:29 PM Resources : {file:_C:\Users\Stephen\AppData\Local\Packages\windows.immersivecontrolpanel_cw5n1h2tx yewy\LocalState\Indexed\Settings\en-US\ControlPanel.settingcontent-ms, file:_C:\Window s.old\Windows\ImmersiveControlPanel\Settings\ControlPanel.settingcontent-ms, file:_C:\ Windows.old\Windows\WinSxS\amd64_microsoft-windows-s..ngs-searchdataother_31bf3856ad36 4e35_10.0.14393.0_none_91dae98fc47b5ff8\ControlPanel.settingcontent-ms} ThreatID : 2147727924 ThreatStatusErrorCode : 0 ThreatStatusID : 4 PSComputerName : Sorry it's so discombobulating!
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.