Mac Bootcamp

George_Johnston1 · July 16, 2024, 8:39pm

Hello

This is the second time been infected in 2 weeks, I was with bitdefender no, no issues and intego no issues

SoulAsylum · July 21, 2024, 2:14pm

What is the version / build of Windows on the windows partition? - Asking what version of Windows do you have installed under bootcamp, what is its version and build? An example mine is: Windows 10 Pro x 64 version 22H2 / build 19045.4651

Do you have any MS Office products on the host OS or Windows partition? - Do you have Microsoft Office installed on the MAC OS and/or within the Windows installation? I ask because - CVE-2017-111882-D is related to Microsoft Office vulnerabilities.

SA

George_Johnston1 · July 20, 2024, 8:05pm

Hello.

windows up to date. But don’t under. Stand rest of your comment, and my apple is up to date boot camp up to date

SoulAsylum · July 19, 2024, 9:10pm

Related. CVE-2017-111882-D is an Microsoft Office exploit for its equation editor ( stack overflow / memory exploit ) its been around for quite some time. Did you run Windows Updates on the VM to mitigate exploits? And, what is the version / build of Windows on the VM? Do you have any MS Office products on the host OS or VM? If so is it fully updated?

SA

SoulAsylum · July 18, 2024, 2:56am

Did you install Norton within the Windows OS virtual machine?

SA

bjm · July 16, 2024, 11:16pm

George Johnston1:
Tried Malwarebytes did not find
Using Norton 360 up to date found when I was doing full scan not picked up on quick scan or Malwarebytes

static scans are poor protection - may be a dormant remnant

Were my machine and I wanted reassurance.
I'd ask Malwarebytes Malware Removal Help Forums to check my machine.

Caveat: I'm not Mac

George_Johnston1 · July 16, 2024, 10:55pm

Tried Malwarebytes did not find

Using Norton 360 up to date found when I was doing full scan not picked up on quick scan or Malwarebytes

George_Johnston1 · July 16, 2024, 10:53pm

Hello Yes I have Sonora 14.5 on Mac windows partion the full code is OLE:CVE-2017-111882-D /BOOTCAMP/pagefiles.sys

bjm · July 16, 2024, 9:09pm

You're running Windows on your Mac?

pagefile.sys is a virtual memory file used by Windows

Is there an export for that event?

Were you running a Full Scan because of a detection or running Full Scan found Exploit event?

Is that CVE-2017-11882 (can't read all numbers)?

https://www.zscaler.com/blogs/security-research/threat-actors-exploit-cve-2017-11882-deliver-agent-tesla

For Norton technical issues please include details:

Norton product or service name and version
Operating system - version / build
Norton error message / error code / screen shot (mask PII)
Steps to reproduce issue
DO NOT post any Personally Identifiable Information (PII) such as your email address, product key or phone number

Malwarebytes offers free second opinion on-demand scanner.
Malwarebytes Malware Removal Help offers free one-on-one help.
Malwarebytes staff & experts help all. Malwarebytes subscription is not needed.

How to install and run a scan with Malwarebytes Free
https://malwaretips.com/blogs/run-a-scan-with-malwarebytes/
Malwarebytes Malware Removal Help
https://forums.malwarebytes.com/forum/108-malware-removal-help/

Caveat: I'm not Mac

Mac Bootcamp

Announcements