Jump to content

Recommended Posts

Hi,

So it's been a day that i have recurrent riskware detection from the powershell. Tried scanning and all but malwarebytes can't find the rogue task. And i've found that thread : 

 I have exactly the same issues (wmail-chat.com Outbound connection). But all the links are unavailable so i can't use them. If someone could just give the custom script so i can get rid of that riskware.
 

Thanks a lot

Here is my report

 

Malwarebytes
www.malwarebytes.com

-Détails du journal-
Date de l'événement de protection: 18/11/2022
Heure de l'événement de protection: 12:03
Fichier journal: aaf95020-6730-11ed-81f3-80325303deae.json

-Informations du logiciel-
Version: 4.5.17.221
Version de composants: 1.0.1806
Version de pack de mise à jour: 1.0.62452
Licence: Premium

-Informations système-
Système d'exploitation: Windows 10 (Build 19044.2251)
Processeur: x64
Système de fichiers: NTFS
Utilisateur: System

-Détails du site Web bloqué-
Site Web malveillant: 1
, C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, Bloqué, -1, -1, 0.0.0, , 

-Données du site Web-
Catégorie: Cheval de Troie
Domaine: wmail-chat.com
Adresse IP: 193.239.84.207
Port : 80
Type: En sortie
Fichier: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

(end)

Link to post
Share on other sites

Hello @Exthax and :welcome::

 While you are waiting for the next qualified/approved malware removal expert helper to weigh in on your topic, and even though you may have run one or more of its following procedural steps, please carefully follow the instructions within the following:

I am infected - What do I do now?

  Remember, please be certain to attach (not Copy and Paste) the three (3) resultant report files in your next reply to this topic.

Thank you.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.