Jump to content

MiguelMichaeL

Members
  • Posts

    20
  • Joined

  • Last visited

Reputation

1 Neutral
  1. Good day. As the title say, I want to know if there are signs that tells you should not allow a program through firewall.
  2. Sorry for the late reply it was 4 am here when I last replied Beginning verification phase of system scan. Verification 100% complete. Windows Resource Protection found corrupt files and successfully repaired them. For online repairs, details are included in the CBS log file located at windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline repairs, details are included in the log file provided by the /OFFLOGFILE flag.
  3. Here are the results. I also scanned with HitManPro one time scan. Addition.txt FRST.txt HitmanPro_20210910_0322.log
  4. Thank you for replying, no this was just bugging me. Could this be by chance a malware of some sort? I scan my PC daily and nothings coming up though.
  5. Sorry I accidentally pressed enter lol. Back to what I was saying, is this a bug or by chance a malware problem? here's an example. I didn't touch this shortcut 2 minutes ago. I scanned my PC with Kaspersky and RogueKiller (I'm sorry if I post my virus problem here since I don't know any other virus forums)
  6. Good day recently I've been checking my files on my pc and Files Properties tells me that I've accessed a file that I haven't touched in a while
  7. Hello there. Recently scanned my pc with malwarebytes free and they detected something in obs. Ive been using Kaspersky and RogueKiller and neither of this two has detected anything in obs. results.txt
  8. Here it is. I accidentally chose full scan on the first one and cancelled it. msert.log
  9. Hi Maurice! It's still saying 5007 :(. BTW the event ID 1002 was my fault, I accidentally chose quick scan instead of offline. Here's the powershell and log reports: Windows PowerShell Copyright (C) Microsoft Corporation. All rights reserved. Try the new cross-platform PowerShell https://aka.ms/pscore6 PS C:\Windows\system32> get-mpcomputerstatus AMEngineVersion : 1.1.18300.4 AMProductVersion : 4.18.2105.5 AMRunningMode : Normal AMServiceEnabled : True AMServiceVersion : 4.18.2105.5 AntispywareEnabled : True AntispywareSignatureAge : 0 AntispywareSignatureLastUpdated : 7/5/2021 9:19:57 AM AntispywareSignatureVersion : 1.343.418.0 AntivirusEnabled : True AntivirusSignatureAge : 0 AntivirusSignatureLastUpdated : 7/5/2021 9:19:58 AM AntivirusSignatureVersion : 1.343.418.0 BehaviorMonitorEnabled : True ComputerID : DA88DF45-7C16-4F6F-847C-2342D351CB03 ComputerState : 0 FullScanAge : 1 FullScanEndTime : 7/3/2021 7:59:12 PM FullScanStartTime : 7/3/2021 7:52:05 PM IoavProtectionEnabled : True IsTamperProtected : True IsVirtualMachine : False LastFullScanSource : 1 LastQuickScanSource : 1 NISEnabled : True NISEngineVersion : 1.1.18300.4 NISSignatureAge : 0 NISSignatureLastUpdated : 7/5/2021 9:19:58 AM NISSignatureVersion : 1.343.418.0 OnAccessProtectionEnabled : True QuickScanAge : 0 QuickScanEndTime : 7/5/2021 2:14:07 PM QuickScanStartTime : 7/5/2021 2:13:48 PM RealTimeProtectionEnabled : True RealTimeScanDirection : 0 TamperProtectionSource : Signatures PSComputerName : PS C:\Windows\system32> get-mppreference AllowDatagramProcessingOnWinServer : False AllowNetworkProtectionDownLevel : False AllowNetworkProtectionOnWinServer : False AttackSurfaceReductionOnlyExclusions : AttackSurfaceReductionRules_Actions : AttackSurfaceReductionRules_Ids : CheckForSignaturesBeforeRunningScan : True CloudBlockLevel : 1 CloudExtendedTimeout : 1 ComputerID : DA88DF45-7C16-4F6F-847C-2342D351CB03 ControlledFolderAccessAllowedApplications : ControlledFolderAccessProtectedFolders : DisableArchiveScanning : False DisableAutoExclusions : True DisableBehaviorMonitoring : False DisableBlockAtFirstSeen : False DisableCatchupFullScan : True DisableCatchupQuickScan : True DisableCpuThrottleOnIdleScans : True DisableDatagramProcessing : False DisableDnsOverTcpParsing : False DisableDnsParsing : False DisableEmailScanning : True DisableGradualRelease : False DisableHttpParsing : False DisableInboundConnectionFiltering : False DisableIntrusionPreventionSystem : DisableIOAVProtection : False DisableNetworkProtectionPerfTelemetry : False DisablePrivacyMode : False DisableRdpParsing : False DisableRealtimeMonitoring : False DisableRemovableDriveScanning : True DisableRestorePoint : True DisableScanningMappedNetworkDrivesForFullScan : True DisableScanningNetworkFiles : False DisableScriptScanning : False DisableSshParsing : False DisableTlsParsing : False EnableControlledFolderAccess : 0 EnableDnsSinkhole : False EnableFileHashComputation : False EnableFullScanOnBatteryPower : False EnableLowCpuPriority : False EnableNetworkProtection : 0 EngineUpdatesChannel : 0 ExclusionExtension : ExclusionIpAddress : ExclusionPath : ExclusionProcess : ForceUseProxyOnly : False HighThreatDefaultAction : 0 LowThreatDefaultAction : 0 MAPSReporting : 1 MeteredConnectionUpdates : False ModerateThreatDefaultAction : 0 PlatformUpdatesChannel : 0 ProxyBypass : ProxyPacUrl : ProxyServer : PUAProtection : 1 QuarantinePurgeItemsAfterDelay : 90 RandomizeScheduleTaskTimes : True RealTimeScanDirection : 0 RemediationScheduleDay : 0 RemediationScheduleTime : 02:00:00 ReportingAdditionalActionTimeOut : 10080 ReportingCriticalFailureTimeOut : 10080 ReportingNonCriticalTimeOut : 1440 ScanAvgCPULoadFactor : 50 ScanOnlyIfIdleEnabled : True ScanParameters : 1 ScanPurgeItemsAfterDelay : 15 ScanScheduleDay : 0 ScanScheduleQuickScanTime : 00:00:00 ScanScheduleTime : 02:00:00 SchedulerRandomizationTime : 4 SevereThreatDefaultAction : 0 SharedSignaturesPath : SignatureAuGracePeriod : 0 SignatureBlobFileSharesSources : SignatureBlobUpdateInterval : 60 SignatureDefinitionUpdateFileSharesSources : SignatureDisableUpdateOnStartupWithoutEngine : False SignatureFallbackOrder : MicrosoftUpdateServer|MMPC SignatureFirstAuGracePeriod : 120 SignatureScheduleDay : 8 SignatureScheduleTime : 01:45:00 SignaturesUpdatesChannel : 0 SignatureUpdateCatchupInterval : 1 SignatureUpdateInterval : 0 SubmitSamplesConsent : 1 ThreatIDDefaultAction_Actions : ThreatIDDefaultAction_Ids : UILockdown : False UnknownThreatDefaultAction : 0 PSComputerName : PS C:\Windows\system32> get-mpthreatdetection PS C:\Windows\system32> mbst-grab-results.zip
  10. Woke up and got a little uneasy so I did it instead lol. Here it is :). BTW after I did that the fixlist was removed, is that a sign that I did it right? Fixlog.txt
  11. Thank you Maurice, I'll try this tomorrow since it is currently 1:57 am where I'm at :).
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.