iondjp

Member
  • Content Count

    49
  • Joined

  • Last visited

Community Reputation

0 Neutral

About iondjp

  • Rank
    Member

Profile Information

  • Gender
    Male
  • Location
    Canada

Recent Profile Visitors

4324 profile views
  1. I'm sorry, this is above my pay grade...as they say. Are you saying that you found this HTML file somewhere in the wild somewhere and when launched it executes as you described? So it appears the resulting page appearing in the Chrome browser is benign in this case? Does it look like someone experimenting with a script? If that is the case, where you found the script, GT500, may be a clue to its purpose. What would be the purpose of this? Is this a technique that is used by advertisers to launch popups? The question for me then becomes, why would this appear on my daughter's act
  2. I did discuss it with my daughter and she has no knowledge of it and there is no reason for her to conceal it. I am aware that she drinks and she is open about it. This is why I was curious as to why it was appearing on the list. Probably nothing. Thanks for your assistance.
  3. That would be the logical assumption and one that I had made initially but became curious when the domain does not produce any conclusive results. Therefore, I suspected it might be a known malware vault. I did not come here in search of a means to entrap my child, but rather I thought that I was posting the question to an Emsisoft tech to advise me if I should have a heightened concern about a specific known malware infection.
  4. Today I was looking through router logs (TP-Link router) and I noticed a domain in the list of one of my teenager's logs. I tried to research that domain but failed to find anything significant. The domain is drunkquantity.org. Can you provide any feedback on this?
  5. I just ran sfc /scannow and happy to see all was okay. It got me wondering, how reliable is SFC? Is it possible it too could be compromised to provide misleading results?
  6. I received an obviously suspicious email this morning. One of my email addresses was used for both the sender and recipient. The subject line was just my name, all in lower case. It had a jpeg attachment with a size about 192K. This obviously appears to be a ransomware attempt, but I'd like to understand a few things because I get asked this by friends and clients all the time: Is there a way that the JPG can be looked at without doing harm? How does a JPG infect my machine?
  7. Sorry for leaving this hanging. I have given up on this and decided that it is a Windows update issue. I have read a number of articles about issues with recent Windows releases. Most notably, https://www.computerworld.com/article/3216425/microsoft-windows/microsoft-patch-alert-octobers-been-a-nightmare.html. Earlier this summer, I also went through several weeks of back and forth recovery to eliminate Blue Screen boot errors. I was pissed and I don't want to find myself back down that rabbit hole. Thank god for reliable backups. Here's a tip of the hat to 'EaseUS Todo Backup'. So, for
  8. Thank you GT500 for all your help. I give up. I have tried your suggestion of using ShutUp10 and, well, I don't see what it accomplished. I have disabled the malware protection and let the thing boot without intervention, but I still get frequent update failure notifications daily. Strange things that are above my pay grade and beyond my understanding. I am reluctantly accepting that this is just Microsoft using the trial and error method again to release updates. It is not all updates that fail. In fact I don't understand a number of things I see. For example; why would I see 201
  9. I want to thank you for your efforts, but I installed Process Hacker and I just don't know where to start and it leaves me just as (more) confused. How do I know which process is launching the installer? By the time I get Process Hacker started to sort and attempt to see what process is guilty, the installer shuts down and evaporates. Is there nothing in the Event Manager that would reveal anything? I am close to just doing a full backup and then letting installer do its thing and see what happens. Am I crazy to do so?
  10. Ran the various troubleshooters for Windows Update. How can I determine what is launching the installer? In other words, is there a way for me to determine if it is part of the Windows Update process? Is it normal for Windows Update to run installer upon reboot after an update install? What would happen if I click "Wait, I think this is safe?". Am I going to end up with a world of misery?
  11. FRST ran without a problem. Here are the two files. Addition.txt FRST.txt
  12. I don't mind if you forward it to support forum. I would just like to know what is going on and that Windows 10 is up to date. As far as the Windows Update being blocked....what should I look for? I see again today that there were a number of items in Emsisoft log showing Component=Scheduler & Action=Update "Downloaded and Installed". The system notified me of a required restart which I allowed to happen. Upon login to my user account, I saw Emsisoft alert me "Suspicious Behaviour "HiddenInstallation" of "MSIC461.tmp". If I was to click "Wait, I think this is safe" what would hap
  13. This continues to happen whenever I restart Windows. I am still seeing Windows complaining that it could not finish installing update. So, what recourse do I have? I do not have the experience to narrow my troubleshooting down. Is there something I could search for in the Event Viewer? Is there a trick in MSConfig to limit startup options to narrow down the culprit? I did look in the Task Manager startup options, but nothing jumps out at me.
  14. I witnessed a pop up notification by Emsisoft. Here is the detail... 2018-08-24 8:47:25 AM Behavior Blocker detected suspicious behavior "HiddenInstallation" of "C:\Windows\Installer\MSI174C.tmp" (SHA1: 67ECD82937ED15C2159EA3892A07BA6ACB74179A) 2018-08-24 8:47:25 AM A notification message "Suspicious behavior has been found in the following program: C:\Windows\Installer\MSI174C.tmp" has been shown Now, coincidentally I have been monitoring windows updates and I see in the Windows Update History... 2018-08 Cumulative Update for Windows 10 Version 1803 for x64-based Syste