Jump to content

Pidd

Honorary Members
  • Posts

    74
  • Joined

  • Last visited

  • Days Won

    1

Pidd last won the day on September 18

Pidd had the most liked content!

Reputation

1 Neutral

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I've had no similar issues or blocks happening, and we just cleared the cache and cookies through a fix. I think I'm fine, no plans on revisiting that link. I barely click links my friends send me.. Thanks for everything again! I'll go ahead and remove FRST later tonight.
  2. I think you might be correct @AdvancedSetup. Log attached! mwb_block.txt
  3. I'll check them out, thanks! MWB did however not like the second link, immediately made a block..
  4. I don't think so. Apart from that blocked threat, nothing out of the ordinary has been going on. And that definitely shouldn't be a problem anymore. I'm assuming all logs looked fine? If you're good, I'm good! If nothing else, you can go ahead and close the thread. Thanks again for all the help and making sure my computer is clean! Cheers!
  5. Alright Kevin, I ran them both. Logs attached! A little fyi though, while I was logged out from my accounts/sites I didn't necessarily have to retype all my passwords.. Which was one of my worries running the fix. I do hope everything is fine. Thanks! Fixlog.txt msert.log
  6. Hi Kevin, I'm back - thank you for your patience. Not super keen on running that fix though, so I'd rather pass. My PC hasn't been acting strange, and all my logs appear to be fine. Unless it's a very hard recommend from you. Do I still proceed with the Safety Scanner? Have a good day!
  7. Thanks Kevin! Fresh logs attached. Hope they look good as well. Just a heads up, if I don't answer in time please don't lock the thread yet. I won't have access to my computer until Tuesday starting tomorrow. FRST.txt Addition.txt
  8. Hi Kevin, No more than the initial one block. And yes, I very much intend to uninstall it. I haven't opened it since the block and don't trust it anymore. Even if it turned out to be a false positive. Thank you! EDIT: I just uninstalled it. Nothing weird happened. When I checked the firewall settings, it still shows up though. Together with other uninstalled apps/games, so it doesn't seem to be out of place. Is there a way to remove it completely? Or maybe it doesn't matter. Still seems to be allowed in my public network, which is the one I'm using.
  9. There you go, logs attached. Thanks for helping me, I'm out for the day - good night! Zemana_report.txt
  10. Oh, I did end up finding it and I uploaded it to virustotal. I copy'd the link to my earlier reply. Or is this another step? Sorry for the many questions!
  11. Hi Kevin, What does it do? Just tbought I'd ask before running it..
  12. Thank you @AdvancedSetup! I'm assuming it's safe to uncheck it :) Have a good night/day, and I'll wait for Kevin to get back to me with my actual problem. I do appreciate you stepping in clearing Office thingy, made me slightly less worried!
  13. Hi Kevin, I can't find Program Files under my C:. There's only been the one block yes, but the firewall rules have been there for a while. I haven't opened the program since the block happened. When we're done here and/if things are looking OK, I feel like uninstalling it is the way to go. Let me know how I can find the plugins.dat file you're after, and I'll scan it and get back to you! EDIT: found the file under C:\Programs. Link: https://www.virustotal.com/gui/file/ed704ca7b587bb8829d4115f3e98e85cdcd5e8cc53388ca35bcd2e492c6d9f43 EDIT2: All of a sudden MWB made an entirely different block just now. I opened a word document of mine (completely legit Office 365). What even is this? What does it mean? Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 9/17/21 Protection Event Time: 12:21 PM Log File: 0b4dbeb1-17a1-11ec-96b3-244bfede9b26.json -Software Information- Version: 4.4.6.132 Components Version: 1.0.1453 Update Package Version: 1.0.45016 License: Premium -System Information- OS: Windows 10 (Build 19043.1237) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, ComSpec=C:\Windows\system32\cmd.exe, Blocked, 0, 392684, 0.0.0, , -Exploit Data- Affected Application: Microsoft Office Word Protection Layer: Application Behavior Protection Protection Technique: Exploit Office WMI abuse blocked File Name: ComSpec=C:\Windows\system32\cmd.exe URL: (end)
  14. Alright, logs from FRST and AdwCleaner attached. The logs from MWB can be found in the first post. Thank you! AdwCleaner[S00].txt FRST.txt Addition.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.