Malicious command line detected

Not sure how to fix this.

windows 11 64bit


The app C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe was passed a malicious command line and has been blocked. Your device is now safe. Command line: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy bypass -c "$w="$env:APPDATA"+'/BBWC/'; [Reflection.Assembly]::Load([System.IO.File]::ReadAllBytes($w+'WebCompanion.dll'));[WebCompanion.StartUp]::Start()"

Comments

  • Gjoksi
    Gjoksi DEFENDER OF THE YEAR 2022 / DEFENDER OF THE MONTH ✭✭✭✭✭

    Hello.

    Only the malware researchers at Bitdefender Labs can help you solve the issue.

    First, take screenshot(s) of the issue,

    create a log file on your Windows device using Bitdefender Support Tool, by following these steps:

    https://www.bitdefender.com/consumer/support/answer/1733/

    and

    create a log file on your Windows device using BDsysLog, by following these steps:

    https://www.bitdefender.com/consumer/support/answer/1922/

    Next, contact Bitdefender Consumer Support by e-mail:

    https://www.bitdefender.com/consumer/support/help/

    with short description of the issue.

    After that, you will get an automated reply by the Bitdefender Customer Care Team, with your ticket number.

    Now, in reply to that automated reply, you can send the screenshot(s) you already took and the log files you already created in the first step.

    Since you are all done, just wait for the support engineers to investigate your issue and find a solution to fix the issue.

    Remember that the screenshot(s) and the log files will help a lot to the support engineers for better and faster investigation on your issue and finding a solution.

    You could also perform a scan with these FREE malware removal tools:

    Kaspersky Virus Removal Tool 2020

    https://www.kaspersky.com/downloads/free-virus-removal-tool

    ESET Online Scanner

    https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe

    F-Secure Online Scanner

    https://download.sp.f-secure.com/tools/F-SecureOnlineScanner.exe

    Malwarebytes AdwCleaner

    https://adwcleaner.malwarebytes.com/adwcleaner?channel=release

    Regards.

  • Scott
    Scott Defender of the month mod
    edited September 2022

    Hi Mike,

    If it's reoccurring, try turning off Scan command line in Protection -> AV/open -> Advanced. Then run a System Scan and see if that brings up any notifications. Scan command line is a newer feature to BD, so the engineers may like to have the information submitted by following the steps that Gjoski mentioned in the first part of his post.

    You can also confirm in Notifications if there is a log of that event, of it being successfully blocked?

    edit: and, if in doubt, run a second opinion scan from the 2nd part Gjoksi's post.

    Scott

    All Bitdefender Home Product User Guides:https://www.bitdefender.com/consumer/support/user-guides/

  • jgt1942
    jgt1942 ✭✭
    edited March 2023

    This seems to be a very similar issue that I have. Following is my macro in Word 2022

    I'm having great difficulty attempting to create a reply to this post.

    (The darn forum is blocking what I wanted to insert as my macro)

    Following is the error I get when my macro runs (when I attempt to include an image the forum blocks my post and reports "You have to be around for a little while longer before you can post links."

    I just attempted to include an image and I did NOT have a link in my posting.

    The error I get states "Run-time error '5': Invalid procedure call or argument"

    Originally, I was also getting the BD error. After reading the above from Scott I turned off the suggested option in BD and I no longer get the BD error but I do get the run-time error.

    In the past (Nov 2022 time-frame) the macro worked without issue. I don't think I have modified the macro and introduced the error.

    Assuming I understand what is going on (big leap of faith), the macro is now at fault. I reviewed my notes I created when I first implemented the macro (about 5 years ago) and I seem to be in-sync. e.g. the macro was implemented correctly. However, the error I'm getting seems to imply that I have introduced something in the macro that has created failure.

    I've attempted to find my original source for the macro but have not had success.

    Any suggestions?

    Another attempt to include the image

    😫

  • Scott
    Scott Defender of the month mod
    edited March 2023

    Another attempt to include the image

    I just promoted you to Level 2. You should be able to post an image now.

    Scott

    All Bitdefender Home Product User Guides:https://www.bitdefender.com/consumer/support/user-guides/