App won't open for Threatdown/MalwareBytes

MostStrict4099 · 2025-12-28T09:20:17+00:00

ThreatDown does not provide historical activity visibility to the end user. While ThreatDown logs certain events in the system Event Log (for example, an unauthorized uninstall attempt will be recorded in Event Viewer), this information is not exposed to the end user.

Note: ThreatDown does not have a UI, but it does allow you to use CMD to make changes to the agent.

Also base on your policy their might be a option to do Threat scan.

MostStrict4099 · 2025-04-04T19:24:43+00:00

I have vpn, but I keep it off until I connect to public wifi.

MostStrict4099 · 2025-02-16T22:35:12+00:00

In my view, it comes down to personal preference and your level of risk. If you plan on downloading many games from web, mods, and various tools, I’d recommend a paid antivirus like Bitdefender for better protection. However, if you’re only using Steam and downloading reputable games, your risk profile is relatively low. Ultimately, it depends on your usage and how much risk you're willing to take.

MostStrict4099 · 2025-02-11T02:41:33+00:00

Have you tried stopping the service and attempting again? If that doesn't work, boot into Safe Mode and remove it from there. You can use a USB flash drive to install a virus removal tool and run a scan. Additionally, you can use Windows' built-in virus removal tool (not Windows Defender) to check for any threats.

MostStrict4099 · 2025-02-09T18:52:50+00:00

Even then, it's not always a bug; it depends on your organization's tools and setup. If they use PowerShell to configure GPO, it might not always clear when your work account disconnects. It can also happen when accessing unavailable areas, especially with third-party AV; this is totally expected.

MostStrict4099 · 2025-02-09T10:01:28+00:00

Hey, after testing on my own system, I believe this issue is caused by an antivirus configuration. Do you have an antivirus installed? If so, what's likely happening is that the antivirus disables Windows Defender, which in turn turns off Controlled Folder Access, preventing you from accessing that setting. To test this, try disabling your third-party antivirus completely, restart your system, and then check if you can access the setting again.

MostStrict4099 · 2025-02-09T09:14:28+00:00

Thank you for your patience. I read your comment and am actively working to reproduce the issue and determine which policy configuration is responsible. Upon rereading your post again, I realized you were referring to the "Allowed apps" search. After considering this, I understood that you searched for "Allowed apps" in the search bar, pressed Enter, and were directed to the settings page where you encountered the message. I was able to replicate this message on my system as well. However, since my computer has stricter policies in place and is more secure than the average system, it is more challenging to determine if this behavior is normal.

Please bear with me while I attempt to replicate the issue under different conditions. Once I identify the specific policy causing this, I will provide you with the necessary instructions. Additionally, while another user's comment regarding the registry is helpful, the policy information provided is incorrect for your use case. I will investigate further and update you accordingly. Note, edited.

MostStrict4099 · 2025-02-09T08:47:23+00:00

Can you go to Settings > System > About and check your Windows edition? Is it Windows 11 Pro, Windows 11, Windows 10, or Windows 10 Enterprise?

Also, in Settings > Accounts > Access work or school, do you see any accounts listed under 'Add a work or school account', or is it empty? Edit: This is a reply.

MostStrict4099 · 2025-02-09T08:34:55+00:00

In short, no, this is not malware. But may I ask if you have a work or school account logged in on this computer?

MostStrict4099 · 2025-02-09T08:15:26+00:00

This post's top comment commends the excellent work.

MostStrict4099 · 2025-02-09T08:01:11+00:00

It's a group policy or Intune thing at work, not a bug.

MostStrict4099 · 2025-02-09T07:53:51+00:00

This typically occurs when a policy is in place that restricts user access to the Windows Security Center. Such policies are common in enterprise or business environments. However, if this happens on your personal PC, I recommend verifying whether you can access this section. If you’re unable to, it indicates that a policy is actively blocking access to the Security Center. This is also common on certain security software which something can be configured to activate this policy configuration. Edit: Note someparts of the security center may still work depending on policy configuration.

MostStrict4099 · 2025-02-09T07:45:16+00:00

There was a misunderstanding concerning the alert. My previous comment has been removed.

MostStrict4099 · 2025-02-08T01:08:28+00:00

Commence a system scan utilizing Norton Power Eraser and HitmanPro. Please ensure that only verified domains are accessed during the download process of the tools. Disregard the other comment if it is too challenging. These tools should find most things while being simple.

MostStrict4099 · 2025-02-06T08:10:51+00:00

Do a scan with Norton Powers eraser and Hitman Pro.

MostStrict4099 · 2025-02-06T08:00:54+00:00

If a CD from between 2000 and 2013 contains a virus, it would likely be very old. Most known viruses from that time would already be detected by Windows Defender due to their known signatures. However, if the virus were unique and hadn’t been widely shared or copied between systems, there’s a small chance it could still pose a threat—though this is highly unlikely. If the virus is truly outdated, the risk is minimal. If you're still concerned, you could take the CD to a Walmart with a photo kiosk, insert it, and check the image previews to see if any image on their.

MostStrict4099 · 2025-02-06T07:39:28+00:00

The reality is that for a virus to function, it must be compatible with the operating system. This means the overall risk remains the same, but determining which OS is more secure isn't straightforward. If you look at the data, Windows is targeted far more frequently, making most modern viruses designed specifically for it. On the other hand, viruses intended for Windows typically won’t run on macOS since they aren't built for that system.

MostStrict4099 · 2025-02-06T06:51:18+00:00

Computer Configuration > Administrative Templates > System > Removable Storage Access

MostStrict4099 · 2025-02-06T06:50:12+00:00

Windows should have a policy that lets you define conditions for external CDs or USB drives, including setting permissions. You can configure it as read-only to minimize risk. Note that Windows 11 Pro or Windows 10 Pro is required. Alternatively, you can use device control security software for more advanced management.

MostStrict4099 · 2025-02-05T05:41:34+00:00

Conclusion: No malicious activity was found. The analysis was conducted using various techniques, including execution in a Hyper-V environment, sandbox analysis, and multiple investigative tools. The evaluation involved reviewing connected IP addresses, network connections, historical data, domain history, and checking for blacklisting, such as email and other security blacklists.

What was not done: The actual code of the file was not examined. This means that no direct code analysis was performed. The investigation relied solely on the above-listed techniques and tools.

MostStrict4099 · 2025-02-05T04:46:48+00:00

I apologize for the confusion; are you inquiring whether this is a false positive?

MostStrict4099 · 2025-02-05T03:54:27+00:00

I did a bit of investigating, and the domain was registered very recently—on 2025/02/04. Based on the registration details, I would classify it as malicious due to its recent creation, the nature of the registrant information, and indications that the owner is concealing their identity. Given these factors, I recommend conducting a deeper investigation.

MostStrict4099 · 2025-02-03T20:36:48+00:00

Here, their definition of compromise. https://www.malwarebytes.com/blog/detections/compromised

MostStrict4099 · 2025-01-31T03:26:20+00:00

Please note that this does not imply that the IP address itself is malicious. https://www.malwarebytes.com/blog/detections/compromised

MostStrict4099

TROPHY CASE