Jump to content

drshock

Members
  • Posts

    5
  • Joined

Reputation

0 Neutral
  1. No, I cannot add a hash. As mention this VBS is created and deleted dynamically by the software at each run.
  2. Thanks guys, I don't have any control or influence over this commercial software or how it operates. I'm just a subscriber/licensee. Taht VBS file is getting created and removed with each run of the software, so no way to really mark it or move it. So it seems here heading into 2022 there are still commercial enterprise software vendors who think launching Visual Basic scripts from a temp folder is good programming practice. ;-)
  3. @Porthos I just checked and no, that setting switch is greyed out just like your screenshot shows.
  4. I have a professional automotive diagnostic program, used by those of us in the automotive technican field, that triggers Malwarebytes as an Exploit. The program is a paid software application from General Motors, so it's not something I'm concerned about at all security wise. If Exploit Detection is disabled it of course runs fine, but I'm looking for how to create an exclusion for this rather than completely disable exploit protection. Of course GM recommends not installing Malwarebyres in the first place, so that path is a non-starter. Can anyone suggest how to get past this without fully disabling exploit protection or uninstalling Malwarebyes completely? The exported Malwarebytes exploit log contents is: -Software Information- Version: 4.4.10.144 Components Version: 1.0.1499 Update Package Version: 1.0.46890 License: Premium -System Information- OS: Windows 10 (Build 19042.1288) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, C:\WINDOWS\System32\WScript.exe C:\WINDOWS\System32\WScript.exe C:\Users\user\AppData\Local\Temp\getadmin.vbs, Blocked, 0, 392684, 0.0.0, , -Exploit Data- Affected Application: cmd Protection Layer: Application Behavior Protection Protection Technique: Exploit payload process blocked File Name: C:\WINDOWS\System32\WScript.exe C:\WINDOWS\System32\WScript.exe C:\Users\user\AppData\Local\Temp\getadmin.vbs URL: I've looked in Advanced Settings under Security, but the VBScript entries in some tabs there appear browser specific and this program is a Java applet. I tried them anyway, and no effect. Restored to defaults.
  5. I have a question about what happens during an IP block. For some time now I had been trying to figure out why my Dlink router posts these crc errors to the WAN packet statistics. After some observation I finally see that these errors occur when an IP block happens. It's a rare event, but occassionally links from www.drudgereport.com will trigger the IP block balloon. And when this happens the router will log 1-3 packet errors. Is this normal behavior or is there something I should check in my configuration?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.