I'm really confused about this Mimikatz thing that's popping up on my computer. I've heard it can hack passwords, and my Windows Defender is unable to remove it. It gets blocked but comes back after a couple of minutes. Is it safe to delete it in safe mode? I've heard PowerShell is important, and I'm worried about messing something up and corrupting my PC.
3 Answers
Always better to act fast when something like this appears. If it’s stealing accounts, treat your PC like it’s compromised. I suggest a backup and full reinstall ASAP. You’ll have a party trying to get everything back in order, but it’s better than risking your data!
It looks like the command you're seeing is the PowerShell script that Mimikatz is using, and yes, it seems to be obfuscated. You can't just delete PowerShell—it runs legit system processes. It's better to wipe everything and start fresh because this virus could hide anywhere on your device and come back.
I understand the need to delay, especially with work deadlines. Just know that this could be more dangerous than it seems. Changing your online passwords is definitely a good move, just in case!
You might have no choice but to consider reinstalling your OS. If this Mimikatz virus is active, it can keep stealing your info. If you're in a tight spot, I get that, but this infection seems serious. You should clean it up sooner rather than later if you want to protect your accounts. Better safe than sorry!
This situation sounds stressful. If you've backed up your data and you think this is a serious issue, a clean reinstall is probably the safest way to go.
Thanks for this advice! I'll definitely consider doing a full reinstall as soon as I can.