Can't get rid of malicious wbs ******

Options

I'm on windows 11.

Every time I restart Bitdefender find a Threat:

"Malware

wscript.exe

C:\Windows\System32
(Command line parameters: "C:\Windows\System32\wscript.exe" "C:\Windows
System32\SyncAppvPublishingServer.vbs" "n; $a = Get-Content "C:\Users\LWizard\AppData\Local\logs
system-logs.txt" | Select -Index 17033;iex $a;hackbacktrack XoBJLWeei4NqeQuFneR9fArkoDLpp4Tj
+YZu2tRZg3l=)

powershell.exe

C:\Windows\System32\WindowsPowerShell\v1.0

conhost.exe

C:\Windows\System32"

It seems it quarantine it, but every reboot it still find that threat.

I have manually inspected Windows Task scheduler but didn't find anything suspicious.

What can I do?

Thanks!

I attach the screenshot.

Tagged:

Answers

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod
    edited May 31
    Options

    wscript.exe: This is a legitimate Windows file used for running scripts. However, cybercriminals often disguise malware as legitimate programs.


    Kindly check if the following steps help you:

    1) Open the Run command and execute the following commands one by one:

    temp – delete all the files in the folder.

    %temp% – delete all the files in the folder.

    prefetch – delete all the files in the folder.

    2) Kindly follow the malware removal procedure as stated in the following link: https://malwaretips.com/blogs/remove-malware-windows-11/


    If the issue persists, kindly contact Bitdefender support by visiting https://www.bitdefender.com/consumer/support/help

    Select, How to's & Troubleshooting Bitdefender productsTroubleshootingI don't knowContact Support→ You will get the option of chatcall or email.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • lwizard
    Options

    Malwarebytes seems to have worked!

    I forgot that antivirus like bitdefender are not able to remove malware, very strange. This was true 20 years ago and seems to be still the same. Don't understand why a commercial antivirus can't add malware removal tools. Most of the time antivirus like norton or bitdefender block but don't remove them. Anyway thanks to you and to bitdefender!