Elitestore

  1. I have this same issue with a 5-year-old Dell laptop using Intel UHD Graphics 620 along with Radeon 530 GPU onboard. I am seeing the blank, white interface screen while I am remoting into it with ScreenConnect (ConnectWise). The batch file to set Malwarebytes hardware acceleration did work but then I made the mistake of setting a password to prevent tampering, then re-enabled hardware acceleration, and yeah... I shot myself in the foot. I am now back to blank screen and the batch file does not work because the password I enabled blocks any "tampering". Arghh!! Can I parse the password inside the batch file somehow?
  2. Never had any trouble with this older utility which was downloaded quite a long time ago. I believe it to be a false positive and would like verification please. dd.zip detection.txt
  3. Thank you for the uber-rapid reply! Is there any further explanation that you can provide for my understanding benefit and so that I can pass along to that company? This appears to be flagging a WordPress issue? But is it really an issue using the other parts of the website? I would appreciate any further details/warnings you can provide. Thank you.
  4. Only gets flagged by Malwarebytes Premium as far as I can tell from testing. Can you please explain why you are blocking this site? austinbenefits.txt
  5. So upon further self-examination, I remembered to check Windows Task Scheduler and I did find an entry there that was set to invoke wscript every 2 minutes in an attempt to run the payload script file (which I uploaded originally). I deleted that entry. I then found a very small .iso file in the client's Download folder so I must assume they received it via an email attachment and then opened it. I am attaching that iso file to this msg. A paid Malwarebytes Premium is running on the client computer so maybe it somewhat thwarted the infection but I am sorely disappointed that it is not detecting the payload files. At this time, I don't see a need to run any more diagnostic or logging tools but I hope you (or someone) reviews the iso payload and can help get this type of attack "detected". Thanks. NRPQN-677.zip
  6. An annoying popup message (jpg included in the zip upload) that I cannot get rid of led me to a Google search (https://www.joesandbox.com/analysis/489337/0/iochtml) that pointed me to look into the C:\Users\Public folder where I found two files that are suspicious. Infection 9-17-21.zip