about your computer, please ask it in this thread and I'll assist you As long as I'm assisting you on Malwarebytes Forums, in this thread, I'll ask you to not seek assistance anywhere else for any issue related to the system we are working on.However, I'll always reply within 24 hours, 48 hours at most if something unexpected happens This is because I need some time to analyse them and then act accordingly. As you'll notice, the logs we are asking for here are quite lenghty, so it's normal for me to not reply exactly after you post them.Since we'll be working together, you can call me Aura or Yoan, which is my real name, it's up to you! Now that we've broke the ice, I'll just ask you a few things during the time we'll be working together to clean your system and get it back to an operational state. My name is Aura and I'll be assisting you with your malware issue. I tried to homebrew my own solution, mainly using Windows Firewall to block Powershell from performing outbound connections, but that's probably not good in the long term Now that my trial is over, Powershell is starting to open up again. It seems that it tries a different port per attempt. I even went so far as to check my FRST logs myself and I indeed found strings in the task manager referring to connecting to the IP address, 5.79.81.161, like that person's issue. I did a couple of scans, including one in safe mode, but Malwarebyes didn't find anything, but continued to block Powershell trying to ping the IP address. I was curious as to why, so I downloaded and installed Malwarebytes and started the trial, and it started telling me that it was blocking Powershell from connecting to an IP address. It would typically be about two minutes after I stopped touching anything. Recently, as of about two or three weeks ago, Powershell started opening up by itself whenever my computer was idle and I wasn't interacting with it.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |