Silentstorm Posted March 18, 2022 ID:1507550 Share Posted March 18, 2022 So I was trying to run the "DISM.exe /Online /Cleanup-Image /Restorehealth" command in powershell for whatever reason this triggers a exploit protection (it does NOT do it in cmd tho...) not sure if maybe I have a extra setting one that may make this happen or not. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 3/18/22 Protection Event Time: 12:48 AM Log File: b225e938-a676-11ec-b12e-2c56dc3f19a1.json -Software Information- Version: 4.5.6.180 Components Version: 1.0.1634 Update Package Version: 1.0.52512 License: Premium -System Information- OS: Windows 10 (Build 19044.1586) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent - Exploit payload process blocked, C:\Users\SILENT~1\AppData\Local\Temp\B00ED94D-F183-4517-AD04-D7B67ABBE992\dismhost.exe {EF263163-932F-49FC-AA54-9FF87C50BA5F}, Blocked, 0, 392684, 0.0.0, , -Exploit Data- Affected Application: Windows Control Panel Protection Layer: Application Behavior Protection Protection Technique: Exploit payload process blocked File Name: C:\Users\SILENT~1\AppData\Local\Temp\B00ED94D-F183-4517-AD04-D7B67ABBE992\dismhost.exe {EF263163-932F-49FC-AA54-9FF87C50BA5F} URL: (end) Link to post Share on other sites More sharing options...
Solution Silentstorm Posted March 18, 2022 Author Solution ID:1507551 Share Posted March 18, 2022 After searching other recent threats it seems I had done something someone else had block penetration testing attacks. unsure of why it only triggered on powershell tho. now back to looking into my video tdr failure bsod! >.< Link to post Share on other sites More sharing options...
Porthos Posted March 18, 2022 ID:1507554 Share Posted March 18, 2022 21 minutes ago, Silentstorm said: After searching other recent threats it seems I had done something someone else had block penetration testing attacks. unsure of why it only triggered on powershell tho. now back to looking into my video tdr failure bsod! >.< So turning off Penetration testing off fixed it for you? 1 Link to post Share on other sites More sharing options...
Silentstorm Posted March 18, 2022 Author ID:1507556 Share Posted March 18, 2022 If I'm not mistaken I believe it was you who recommended to restore defaults in another thread (I did have on penetration testing) so I'm unsure of if it was exactly that but seems likely. It is working fine after restoring defaults. 1 1 Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now