Jump to content

PowerShell.exe Removal I am Losing My Mind


Recommended Posts

Hello, for 2 weeks now i am trying to fix this looking for solutions online but is nothing i can find that will fix this, when i boot up my pc, start up after the log in screen a blue powershell v1.0 is runing for a few seconds after that just dissapears out of no where, when i am playing a game or something sometimes will minimize the game and for a split second a blank cmd appears and it goes. I runned everything on my pc or everything that i know untill now CCleaner, Malwerbytes, HitmanPro, SuperAntySpyware, ADWCleaner, NetAdapterRepair everything comes out clean and says is nothing infected or that has to be taken care of, but still here i am trying to not lose my patience with this random powershell that pops out everytime i start up my pc or go into a game.

 

Please i am open to all solutions you guys have but not reinstalling my OS cuz i have some huge files like 1TB that i cannot lose, are recordings from work that i need to edit and if i lose this i am done.

 

Atm when i am writing this i run Microsoft Safety Scanner let me know if you have anything else to suggest or to be done.

Link to post
Share on other sites

Hello @kunaiuftw and :welcome::

While you are waiting for the next qualified/approved malware removal expert helper to weigh in on your topic, and even though you may have run one or more of its following procedural steps, please carefully follow the instructions within the following:

I'm infected - What do I do now?

Remember, please be certain to attach (not Copy and Paste) the three (3) resulting report files in your next reply to this topic.

Thank you.

Link to post
Share on other sites

Hello @kunaiuftw  and  :welcome:

 

My name is MKDB and I will assist you.

 

 

Let's keep these principles as we proceed. Make sure to read the entire post below first.

  • Please follow the steps in the given order and post back the log files.
  • Please attach all log files into your post.
  • Temporarily disable your antivirus or other security software first. Make sure to turn it back on once the scans are completed.
  • Temporarily disable Microsoft SmartScreen to download software below if needed. Make sure to turn it back on once the scans are completed.
  • Searching, detecting and removing malware isn't instantaneous and there is no guarantee to repair every system.
  • Before we start, please make sure that you have an external backup, not connected to this system, of all private data.
  • Please be patient and stick with me until I give you the "all clear".
  • Only run the tools I guide you to. Please don't run any other scans, download, install or uninstall any programs while I'm working with you.
  • Cracked or hacked or pirated programs are not only illegal, but also will make a computer a malware victim. Having such programs installed, is the easiest way to get infected. It is the leading cause of ransomware encryptions. It is at times also big source of current trojan infections. Please uninstall them now, if any are here, before we start the cleaning procedure.
  • As English is not my native language, please do not use slang or idoms. It may be hard for me to understand.
  • If you do not respond within 4 days, your topic will be closed. If you are away for a longer time, please let me know.

 

 

Please give me some time to review your logfiles in order to create a fix.

Link to post
Share on other sites

Please run the following FRST-Fix in order to remove the malware @kunaiuftw.

 

Please note:

  • This fix with FRST may take some time (>> 15 min), so please be patient and do not interfere.
  • FRST will create a .zip file like < Date_Time.zip >, for example 20.02.2022_11.33.52.zip, on your desktop. Please upload that .zip file here or attach it with your next answer!

 

Thank you!

 

 

Step 1

  • Please download the attached fixlist.txt file and save it to the location where you ran FRST from ( C:\Users\itsho\Downloads\ ).

Note: It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

  • Close all open programs and save your work.
  • Run FRST again.
  • Press the FIX button only once and wait. Please be patient and do not interfere, even if FRST does not respond for some time. That's nothing to worry about.
  • Please note: This Fix will remove all temporary files and empty recycle bin.
  • If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after restart.
  • FRST will create one log now (Fixlog.txt) in the same directory the tool is run.
  • Please attach this logfile to your next reply.

 

 

fixlist.txt

Link to post
Share on other sites

Thank you @kunaiuftw.

Please attach the file fixlog.txt as well with your next answer. This logfile was created by FRST during/after the fix. It should be located in the same location like FRST itself.

I need this logfile for further analysis to know how to go on.

 

Moreover, can you confirm that powershell/cmd does not appear any longer?

Edited by MKDB
Link to post
Share on other sites

Due to the lack of feedback, I do not follow this topic any longer.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection.

Thank you.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.