Bitdefender Keeps Blocking "powershell.exe". What Do I Do And What's This?
EDIT : Not sure if im posting in the right place btw.
So i installed bitdefender on my desktop pc and did a quick scan but during the scan and currently while im writing this i keep getting pop ups BitDefender blocked a threat accessed by application powershell.exe, while looking at the logs it says:
FEATURE : Online threat prevention
The website names are always different and are some random keywords.
The threat name is Generic.PWSH.CoinStealer.A.2F825A5C.
On some the last numbers are changed but coin stealer is still there.
On some others the threat name aint even there.
What do i do and whats this? I cant seem to find it.
Additionally, check if below steps helps you in any way.
1) Restart PC in safe mode: https://support.microsoft.com/en-us/windows/start-your-pc-in-safe-mode-in-windows-92c27cff-db89-8644-1ce4-b3e5e56fe234
2) Open run command and run below command one by one:
temp ,delete all the files in the folder
%temp% ,delete all the files in folder
prefetch ,delete all the files in folder
3) Restart your PC in general mode by unticking the option that you selected to run the system in safe mode and then click apply.
4) Reset your browsers:
Google Chrome: https://support.google.com/chrome/answer/3296214?hl=en
Mozilla Firefox: https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings
Microsoft Edge: https://malwaretips.com/blogs/reset-microsoft-edge/
5) Now, to be on a safer side, I would also advise you to run these portable scanners which do not require any installation
* Download and run Malwarebytes AdwCleaner: https://www.malwarebytes.com/adwcleaner
* ESET Online Scanner: https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe
* Download and run a scan with Kaspersky Virus Removal Tool: https://devbuilds.s.kaspersky-labs.com/devbuilds/KVRT/latest/full/KVRT.exe .Make sure you checkmark System Memory, Startup Objects, Boot Sectors & System Drive before running a scan.
OMEN Laptop 15-en1037AX (Bitdefender Total Security) & Samsung Galaxy S22 Ultra (Bitdefender Mobile Security)1
If issue persists even after following the above stated steps,
Generate bitdefender support tool logs: https://www.bitdefender.com/consumer/support/answer/1733/
Generate bitdefender connectivity logs: https://www.bitdefender.com/consumer/support/answer/9689/
Share the logs & your query with bitdefender support team by dropping them an email at [email protected]
The support team will reply back to your query within next 24-48 hours excluding weekends.
OMEN Laptop 15-en1037AX (Bitdefender Total Security) & Samsung Galaxy S22 Ultra (Bitdefender Mobile Security)0
Based on your description of the situation encountered, I would recommend contacting the Technical Support Teams, as more information might be required to troubleshoot this. You can get in touch with our engineers by choosing one of the contact methods available here:
There have been several discussions on the forum regarding powershell, but we won't be able to resolve this on the forum, unfortunately..
Threat Defense has blocked powershell.exe and conhost, stating that the former is malware. TIA for the help.0