baker_eliz

No new alerts! Great! Thanks, again.

I assume we are finished here. Thank you so much for all your help, Porthos.

Okay, reinstalled successfully.

Having trouble with internet right now--painfully slow. We are at the end of a rural internet connection and it drops out and/or slows down a lot. Got the exe downloaded but will not run it at the moment. Will try again in a little while.

I did? Your instructions said: Please say no and close the X button on the top right for Privacy. I interpreted this to mean no to reinstalling. The last entry in the clean-up log says I clicked no. Was it reinstalled anyway?

Odd, I don't know how that got set to 300 days. Certainly doesn't sound like something I would do intentionally! So, I gather I am to reinstall now?

Done. There was a scary moment when I restarted and received messages about setting up my computer, but all was well. I am attaching the cleanup log in case you want it. mbst-clean-results.txt

Thanks. Porthos. Here's the file. mbst-grab-results.zip

Hi, Porthos. I went to MILs home for dinner and left browser open while I was gone. Came home, closed three tabs on my browser (Firefox) and exploit blocked message came up again.

I wasn't doing anything special, or even doing anything at all at the particular moment the notification popped up. I *think* it is coming up after Malwarebytes runs on opening the browser. I'll pay more attention next time.

Hi, Porthos. No, I do not have it enabled. Thanks. --elizabeth

I am having the same problem as in the topic referenced above, beginning on 2/2/23 and still continuing. Notification below. Is there any way to stop this? Thanks. --elizabeth Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 2/6/23 Protection Event Time: 9:11 AM Log File: 35f06c14-a641-11ed-bf6d-ccf9e4675876.json -Software Information- Version: 4.5.20.230 Components Version: 1.0.1868 Update Package Version: 1.0.65370 License: Premium -System Information- OS: Windows 11 (Build 22621.1194) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Exploit.PayloadProcessBlock, C:\WINDOWS\sysnative\cmd.exe C:\WINDOWS\sysnative\cmd.exe \c C:\WINDOWS\System32\REG QUERY HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography \v MachineGuid, Blocked, 0, 392684, 0.0.0, , -Exploit Data- Affected Application: cmd Protection Layer: Application Behavior Protection Protection Technique: Exploit payload process blocked File Name: C:\WINDOWS\sysnative\cmd.exe C:\WINDOWS\sysnative\cmd.exe \c C:\WINDOWS\System32\REG QUERY HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography \v MachineGuid URL: (end)