I'm facing an issue where Windows virus and threat protection keeps detecting a potential threat on my computer, and I'm not sure if it's a false positive or if I should be worried. The threat gets flagged and removed every time I restart my system. I've scanned with both Windows Defender and Malwarebytes, and neither has found anything. The detection details are as follows: !#CMD:PowershellProcess, which states that this program has potentially unwanted behavior. The affected items include a command line that leads to cmd.exe executing a PowerShell command to download something from a URL: 'https://www.localnetwork.zone/noauth/cacert'. Any advice on whether this is safe or not?
1 Answer
It sounds like a tricky situation. That domain, 'localnetwork.zone', seems to be connected to SuperLoop. You might want to check who your ISP is and if there’s any other antivirus software on your computer that could be causing conflicts. Also, if this computer was provided by a school, it could be tied to their network setup. You might want to consider checking with your school’s IT department if you're not sure about that domain.
Yeah, it's my personal computer, but the school had me install a certificate to access their internet. I thought that might be related, but the issue persists even at home.