Jump to content


Go to solution Solved by Silentstorm,

Recommended Posts

So I was trying to run the "DISM.exe /Online /Cleanup-Image /Restorehealth" command in powershell for whatever reason this triggers a exploit protection (it does NOT do it in cmd tho...) not sure if maybe I have a extra setting one that may make this happen or not.



-Log Details-
Protection Event Date: 3/18/22
Protection Event Time: 12:48 AM
Log File: b225e938-a676-11ec-b12e-2c56dc3f19a1.json

-Software Information-
Components Version: 1.0.1634
Update Package Version: 1.0.52512
License: Premium

-System Information-
OS: Windows 10 (Build 19044.1586)
CPU: x64
File System: NTFS
User: System

-Exploit Details-
File: 0
(No malicious items detected)

Exploit: 1
Malware.Exploit.Agent - Exploit payload process blocked, C:\Users\SILENT~1\AppData\Local\Temp\B00ED94D-F183-4517-AD04-D7B67ABBE992\dismhost.exe {EF263163-932F-49FC-AA54-9FF87C50BA5F}, Blocked, 0, 392684, 0.0.0, , 

-Exploit Data-
Affected Application: Windows Control Panel
Protection Layer: Application Behavior Protection
Protection Technique: Exploit payload process blocked
File Name: C:\Users\SILENT~1\AppData\Local\Temp\B00ED94D-F183-4517-AD04-D7B67ABBE992\dismhost.exe {EF263163-932F-49FC-AA54-9FF87C50BA5F}



Link to post
Share on other sites

21 minutes ago, Silentstorm said:

After searching other recent threats it seems I had done something someone else had block penetration testing attacks. unsure of why it only triggered on powershell tho. now back to looking into my video tdr failure bsod! >.<

So turning off Penetration testing off fixed it for you?

  • Thanks 1
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.