Jump to content

Website blocked: powershell.exe making outbound connections


Recommended Posts

Hi guys,  my computer regularly reports an Outbound connection is trying to be made from powershell.exe.   See below

Last year I did get a website popup claiming to encrypt my hard disk but it was just a website popup, I disconnected from the Internet.  Cleared my temporary files and re-installed the browser (firefox) as infection appeared to be profile specific and bought Malware Bytes to trap any further disruption.
 

Malware Bytes did find and clean some files but now I get the message in this attached JPG.

I've run FRST - attached are the log files.  Computer is running Windows 10 Pro, 64bit  intel i5

Any help much appreciated.

A

malware_1.jpg

Addition.txt

FRST.txt

Edited by chillsphere
Link to post
Share on other sites

Hello and :welcome:

 

51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware

Please re-run 51a46ae42d560-malwarebytes_anti_malware. Malwarebytes' Anti-Malware.

  • First of all, select update.
  • Once updated, click the Settings tab, in the left panel choose Detection & Protection and tick Scan for rootkits.
  • In the same tab, under PUP and PUM detections make sure it is set to Treat detections as malware
  • Click the Scan tab, choose Threat Scan is checked and click Start Scan.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the newest Scan Log.
  • At the bottom click Export and choose Text file.


Save the file to your desktop and upload your next reply.

 


 

Please download Zemana AntiMalware and save it to your  Desktop.

  • Install the program and once the installation is complete it will start automatically.
  • Without changing any options, press Scanto begin.
  • After the short scan is finished, if threats are detected press Next to remove them.


Note: If restart is required to finish the cleaning process, you should click Reboot. If reboot isn't required, please restart your computer manually.

  • Open Zemana AntiMalware again.
  • Click on 4zu6vb.jpg icon and double click the latest report.
  • Now click File > Save As and choose your Desktop before pressing Save.
  • The only left thing is to attach saved report in your next message.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.