xLuckyL

And I will turn on what @Porthos said

I just got another one of those detections randomly. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 9/29/23 Protection Event Time: 4:58 PM Log File: ac41ff04-5ed8-11ee-8011-d45d645172ee.json -Software Information- Version: 4.6.2.281 Components Version: 1.0.2131 Update Package Version: 1.0.75789 License: Premium -System Information- OS: Windows 10 (Build 19045.3448) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Exploit.PayloadProcessBlock, C:\Windows\system32\cmd.exe cmd \c query session, Blocked, 701, 392684, 0.0.0, , -Exploit Data- Affected Application: cmd Protection Layer: Application Behavior Protection Protection Technique: Exploit payload process blocked File Name: C:\Windows\system32\cmd.exe cmd \c query session URL: (end) Is this dangerous?

Ah my bad, I updated it to 4.6.2.

Alright cool. Yea I was shocked and confused. I started my PC and this was the first thing I saw. So I just wanted to make sure that it is not anything bad you know. Thank you for your help <3 Have a fantastic day!

Alright. I did what you asked. I turned off the setting in my Malwarebytes and turn off fast startup in Windows followed by a pc restart. What now?

@Porthosmbst-grab-results.zip

Alright, let me do that. I will react when I have done this

Hello, This is my first time creating a ticket so im sorry if I do something incorrectly. Here is the problem. I started my PC up a couple minutes ago and I instantly got a couple warnings from my Malwarebytes Premium 4.6.1. called: Exploit.PayloadProcessBlock I have no idea what this is and I have no idea if it is safe or if it is a false message. I got this message 4 times in a row. Here is the TXT file: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 9/12/23 Protection Event Time: 1:47 AM Log File: 88cd4300-50fd-11ee-a1c9-d45d645172ee.json -Software Information- Version: 4.6.1.280 Components Version: 1.0.2117 Update Package Version: 1.0.75165 License: Premium -System Information- OS: Windows 10 (Build 19045.3324) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Exploit.PayloadProcessBlock, C:\Windows\sysnative\cmd.exe C:\Windows\sysnative\cmd.exe \c C:\Windows\System32\REG.exe QUERY HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography \v MachineGuid, Blocked, 701, 392684, 0.0.0, , -Exploit Data- Affected Application: cmd Protection Layer: Application Behavior Protection Protection Technique: Exploit payload process blocked File Name: C:\Windows\sysnative\cmd.exe C:\Windows\sysnative\cmd.exe \c C:\Windows\System32\REG.exe QUERY HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography \v MachineGuid URL: (end) Can someone help me and look if it is safe? Thank you very much and I am looking forwards to your reply. Greetings, Luke