Jump to content

dzseti

Members
 View Profile  See their activity

  • Posts

    15

  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. dzseti
    Not quite sure why I need to run software for an answer to my questions. Is there a log of blocks by Malwarebytes?
  2. dzseti
    Why does Malwarebytes not ntoify me when it is blocking a connection? Very irritating and causing no end of extra dectetive work ☹️ I only discovered the problem by truning Malwarebytes off. Is there a log somewhere of blcoked connections?
  3. dzseti
    Here they are ASUS-ZENBOOK-JT.zip SystemLook.txt
  4. dzseti
    Here are the results msert.log mbst-grab-results.zip ASUS-ZENBOOK-JT.zip
  5. dzseti
    Hi Maurice I'm still getting the blocking messages. Would be nice to find out what is causing the use of powershell.exe. Presumably it would be possible to log this somehow. J
  6. dzseti
    Done 😀
  7. dzseti
    Here are the details: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 18/09/2020 Protection Event Time: 19:39 Log File: da6e94ac-f9d5-11ea-8512-acfdce966891.json -Software Information- Version: 4.2.1.89 Components Version: 1.0.1045 Update Package Version: 1.0.30039 Licence: Premium -System Information- OS: Windows 10 (Build 19041.508) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: Malware Domain: m0m09983.hldns.ru IP Address: 109.234.34.30 Port: 21 Type: Outbound File: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (end)
  8. dzseti
    Done! Fixlog.txt
  9. dzseti
    Here are the results Search_2.txt Search_1.txt
  10. dzseti
    Hi Maurice Nothing to check in Downloads that I clear out almost daily. Ran the RogueKiller, but nothing found (see attached) And yes connections to that IP / domain name are still being blocked roguekiller.txt
  11. dzseti
    No threats found! scan_report.txt
  12. dzseti
    Yup, still getting block messages
  13. dzseti
    I've run the fix script - results attached in log file I've also removed FireFox that I haven't used for a long time anyway Thanks for all your help 😀 Fixlog.txt
  14. dzseti
    Here it is 😀 mbst-grab-results.zip
  15. dzseti
    Every hour or so powershell.exe tries to connect to a russian domain and is blocked by MB. I have scanned and not found any malware; have also run Farbar and have the frst.txt and addition.txt files; and have run the adware cleaner (log attached). What steps do I take next to identify what is using poershell.exe? FRST.txt Addition.txt AdwCleaner[C00].txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.