ay000
Honorary Members-
Posts
21 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by ay000
-
Hi, I receive a "Website Blocked Due to Trojan" notification every minute (see log pasted below and attached mbst-grab-results that I ran this morning). However, I've not received any virus or malware detections when scanning with MalwareBytes, Adware, Mbar, Microsoft Safety Scanner, or Windows Defender. I've also tried limiting my startup apps and rebooting. However, I still get the notification every minute. Can you please help advise how I can stop these outbound attempts? Thank you Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 6/16/22 Scan Time: 11:33 AM Log File: cb294a1a-eda2-11ec-a829-7085c2fb5c36.json -Software Information- Version: 4.5.9.198 Components Version: 1.0.1689 Update Package Version: 1.0.56192 License: Premium -System Information- OS: Windows 10 (Build 19044.1766) CPU: x64 File System: NTFS User: DESKTOP-A5QDP9D\arthu -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 428121 Threats Detected: 0 Threats Quarantined: 0 Time Elapsed: 9 min, 32 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Disabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) mbst-grab-results.zip
-
Hi Maurice, Thanks for the advice. I'm currently 5 hours into the full scan, but progress bar only seems to be 2/5s done. I'll respond once complete. I closed all browsers and used a different computer for work today. I did notice that the notifications still continued (approximately once a minute). Lastly, I reviewed the auto notification sites in Chrome too. Most seem reputable (Google.com, Verizon.com, BestBuy.com, Microsoft.com). However, I can remove them if you think it will help. Thanks
-
Hi Maurice, I'm not sure what happened, but the exact same issue has returned ("Website Blocked Due to Riskware" notification every minute ). I have not yet run the Microsoft Safety Scanner and I've already deleted the previous files. Should I repeat the steps, or skip straight to Microsoft Safety Scanner? For reference, I've run a new MBST support log from today when the issue returned (attached). Please advise. Thanks mbst-grab-results.zip
-
Hi Maurice, I think this fixed the problem. I haven't received a notification since 11am today. I'll let you know if anything else happens, but you can consider this issue resolved for now. Please see the attached fix log. Since this is a public forum, can I delete the files that contain my personal information (I'm happy to keep the thread public so it can help others with the same problem)? Thanks for your help Fixlog.txt
-
Hi, I receive a "Website Blocked Due to Riskware" notification every minute (see log pasted below). However, I've not recieved any virus or malware detections when scanning with MalwareBytes, Adware, Mbar, Microsoft Safety Scanner, or Windows Defender. I've also tried limiting my startup apps and rebooting. However, I still get the notification every minute. Can you please help advise how I can stop these outbound attempts? Thank you -Log Details- Protection Event Date: 9/12/21 Protection Event Time: 1:01 AM Log File: 98726206-139f-11ec-881e-7085c2fb5c36.json -Software Information- Version: 4.4.6.132 Components Version: 1.0.1453 Update Package Version: 1.0.44884 License: Premium -System Information- OS: Windows 10 (Build 19043.1165) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, Blocked, -1, -1, 0.0.0, , -Website Data- Category: RiskWare Domain: ai.backend-chat.com IP Address: 104.21.87.221 Port: 443 Type: Outbound File: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (end)