Search the Community
Showing results for tags 'powershell'.
Found 4 results
Hi, Good day to all. Four days ago, my pc windows defender/windows security was detected Trojan:PowerShell/PsInjection.A as severe threat, example as below: I have scanned through Malwarebytes, but no virus detected. Report as follows: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 10/10/19 Scan Time: 12:52 PM Log File: d37b26f4-eb19-11e9-a05d-98eecb7ba763.json -Software Information- Version: 18.104.22.16865 Components Version: 1.0.627 Update Package Version: 1.0.12833 License: Free -System Information- OS: Windows 10 (Build 18362.418) CPU: x64 File System: NTFS User: DESKTOP-7ICM204\User -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 404571 Threats Detected: 0 Threats Quarantined: 0 Time Elapsed: 2 min, 53 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As I have read from the forum, I have downloaded FRST64 and scanned, the FRST.txt and Addition.txt are attached as follows: Addition.txtFRST.txt Hope that anyone can help on this matter. Thanks in advance! Best Regards, SHT
Dear, forum For the last couple of days, I have had a MBAE popup saying it has blocked an exploit attempt on Powershell. It pops up every 20 minutes. I have run RogueKiller, which only found an issue with Hola VPN (which I have now removed). I also tried to turn off Powershell in "Control Panel > Programs and features > Turn Window Features On and OFF". This did not help. I have Windows 10. I use Windows Defender as virus protection. The MBAE build is 22.214.171.124. After reading several posts, it seems to me that there is no one-fix-that-works-for-everyone. So I'm turning to you experts asking if you could please help me. Best regards, Harald
Hello, i have problem with powershell.exe it slow down my pc, but i dont know what to do to delete him, can anybody help me please? I saw few topics and i installed frst64 in attach are logs. Thank you. Addition.txt FRST.txt
Back on August 17, I installed Malwarebytes on my machine since I was having performance issues. The scan found 16 threats on my PC, and removed them as such. Even after this scan though, and several others, Windows Powershell is still performing some suspicious activity. Malwarebytes will occasionally notify me of an outbound connection to "wentz.pw" that Powershell keeps attempting to make. This is classified as "riskware", but I'm concerned since I can't get rid of it. Attached is the log for the most recent connection attempt. blocklog.txt