I recently downloaded a file from a fake download button on a ROM site, and now my computer is acting up. I'm experiencing a significant performance drop and frequent openings of PowerShell. I've run multiple scans with Windows Defender, Hitman Pro, and Malwarebytes, and I've already removed a lot of malware, but I still can't find what's causing PowerShell to trigger. It gets blocked by Malwarebytes, but it's definitely slowing down my system. I've searched through the Task Manager and Task Scheduler, and haven't found anything suspicious. Event Viewer is logging multiple PowerShell instances with event IDs 400, 403, and 600. I really need help identifying the source of this issue. If I can't fix it, I might have to reinstall Windows. Any guidance would be greatly appreciated!
4 Answers
Honestly, if it’s as bad as you’re saying, reinstalling Windows might be your best option. Sometimes a clean slate is the quickest fix when malware is too deep.
You could try using an antivirus that scans without booting your system, like Kaspersky Rescue Disk. It’s designed to run independently from your OS and should help you get rid of whatever’s lurking without interference from the infected files.
Have you tried making a bootable USB with cleanup tools? Grab an 8GB USB, create a bootable drive from another clean machine, and install Malwarebytes and Hitman Pro on it. Boot from that drive on your infected PC and run the scans from there. It's usually more effective than trying to run them within Windows when malware is active.
Make sure to pull the plug on the infected machine! PowerShell is trying to dig in deeper, and it’s best to stop it before it does any more damage. After that, go to a friend's clean computer, create a bootable USB with various cleanup tools, and see if that helps you clear things up.
I appreciate the honest answer. It’s frustrating, but I might have to go that route.