Author Topic: PowerShell virus ? (Read 1998 times)

REDACTED · « **on:** January 08, 2018, 05:45:19 PM »

Hi,
I make a full scan with avast today and it found 2 trojan;
Name is Powershell in System32, if it is a trojan, it is important I think ...
So I don't know if it is a false positive or if it is a real trojan wich hide his self with this name.
Thanks for all answer and as you can see on the screen I'm French, I'm not good at English, sorry

Avast can't fix it, I think it is because the file are in sys32
Screen : https://ibb.co/exTJwm

Pondus · « **Reply #1 on:** January 08, 2018, 05:48:43 PM »

Instructions >> https://forum.avast.com/index.php?topic=194892.0

REDACTED · « **Reply #2 on:** January 08, 2018, 06:13:01 PM »

Okay, I did it all.
The malwarebytes analysis didn't find anything but I still pass the logs.
Thank you for giving me the instructions and for your help.

Pondus · « **Reply #3 on:** January 08, 2018, 06:16:48 PM »

Now you wait for one of the listed experts to arrive, this may take hours

Sass Drake · « **Reply #4 on:** January 08, 2018, 11:12:36 PM »

I don't see malicious entries in logs. Are you getting constantly Avast notifications about detected malware or it was just during full scan?

REDACTED · « **Reply #5 on:** January 09, 2018, 12:22:42 PM »

Just with a full scan, but it's been a long time since I did one, about 1 month or 2 so I don't really know maybe I missed the notification but on the last full scan I didn't see anything like that, so I don't know why Avast detects it now (maybe an update from Avast).

I also do smart scans more regularly but no detection.

Thank you for your help

Author Topic: PowerShell virus ? (Read 1998 times)

REDACTED

PowerShell virus ?

Pondus

Re: PowerShell virus ?

REDACTED

Re: PowerShell virus ?

Pondus

Re: PowerShell virus ?

Sass Drake

Re: PowerShell virus ?

REDACTED

Re: PowerShell virus ?