How to Remove powershell.exe Virus? | powershell.exe Malware

What is powershell.exe?

powershell.exe is a product component of Windows Operating System from Microsoft Corporation, powershell.exe is a legitimate file that is also known as Windows Powershell. It's default location in the computer is C:\Windows\System32

Malware programmers create files with virus codes and name it after powershell.exe virus to spread malware on the internet.

Affected Platform: Windows OS

How to check if your computer is infected with powershell.exe virus?

If your PC is infected with powershell.exe, you will either have your internet browser redirecting you involuntarily to irrelevant websites, or you will see powershell.exe taking too much CPU usage. Take the following steps to diagnose your PC for possible powershell.exe malware attack:

Step 1: Simultaneously press CTRL+ALT+DEL keys to open Task Manager.

Step 2: If you notice the file located outside the file path C:\Program Files, then you should run an antivirus scan to get ride of the malware.

How to remove the powershell.exe file file system using Comodo Antivirus?

Step 1: Download and Install the award-winning Free Internet Security.

Step 2: Installation configuration frames will be displayed. Select the configuration you would like to apply.

Step 3: Select Customize Configuration option and arrange installers, configuration, and file location.

Step 4: Restart your PC.

Step 5: It will take some time for the Comodo Internet Security to update the Virus Protection Software.

Step 6: Proceed with a quick scan that automatically begins after the update.

Step 7: If threats are found during the scanning, you will be prompted with an alert screen.

Step 8: Comodo Anti Virus will remove the powershell.exe virus from your computer including all other malwares!

Windows OS PC Security Softwares:

Related Resources:

Website Malware Directory Resources:

Malware Entries

Safe Entries

First Seen: 18 December 2011 at 2:52 am

No.	Company	File Type	SHA1	MD5	Malware Name	Digitally Signed	File Version	Product Version	Submitted From	Malware Behavior
1	Microsoft Corporation	Executable	d8393ae7814d93b7 930782fafda3c493 1cbd90e4	58f035ca292dd749 c055b2afd41ac3e1	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	197.32.15.247/32	N/A
2	Microsoft Corporation	Executable	4b0ce3cf2bddc56a 8f7726755b1f13df 86db2724	d1b282996e3531d7 47b154c09a8485c0	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	197.39.76.202/32	N/A
3	Microsoft Corporation	Executable	0af3fe33be33fdb9 b3b93ec2383d94bd cf6d900e	bffa635ab02b5de4 191a964f9fceb6a8	Virus.Win32. Virut.Ce	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Nigeria	N/A
4	N/A	Executable	dfc50c726a47427f b30111fad9cfc2e7 2f1a05ca	38bea1f8be22e454 b618b452c8e57d25	Virus.Win32. Virut.Ce	No	N/A	N/A	41.77.222.162/32	N/A
5	N/A	Executable	76649bae3367e7fc c1e00ee5a4fcb5aa 5ac68c32	86bd211230803757 562f5ae87a3a6159	Virus.Win32. Virut.CE	No	N/A	N/A	176.88.226.192/32	N/A
6	Microsoft Corporation	Executable	fa7cc80eb18e58ad 16cf64c6f243efa2 e8646229	a27943926bffa5c7 08754e1ae9e5ecde	Virus.Win32. Virut.Ce	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	197.210.79.117/32	N/A
7	Microsoft Corporation	Executable	7d9518b5b6278e7c fe37627fc6c06f95 13488828	333d5c8a497cde03 81767dbe03a4ab7d	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Indonesia	N/A
8	Microsoft Corporation	Executable	45c63d824dd0f748 f8a59b9699485e8e 77197630	5e71df79036fb5fc 719046faa5e974ab	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Italy	N/A
9	N/A	Executable	85b7049bcfc1b4fa 171d617ef7a5f8e5 ca8d1db9	b582f28f5ab1a3ba 058e11aa4bd5a4cd	Virus.Win32. Virut.Ce	No	N/A	N/A	129.205.113.134/32	N/A
10	Microsoft Corporation	Executable	a05e359ee9832551 819072b89bcb1703 8b7e1fc3	a2aa43718ae3a1dc 540b92992634f860	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Indonesia	N/A
11	N/A	Executable	36eee40d4a9eba43 78858618ac1d84e4 437ed686	53f246533441ccc2 bbc840a1683142aa	Win32.Neshta .A	No	N/A	N/A	181.66.169.99/32	N/A
12	Microsoft Corporation	Executable	5334f061a7aaf7ba 1c2bffd3ead35c1c 86958882	f7bafdfda7ba0e65 955a8ef1126aea1f	Virus.Win32. Virut.Ce	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Zimbabwe	N/A
13	Microsoft Corporation	Executable	8987624a247615b1 a7852eeee06ce614 a40a3725	42a3da7ffb907979 bc29de7db39e9f0d	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	154.160.5.118/32	N/A
14	N/A	Executable	fd57786cdf626341 bf2ed9aa759b2148 320be519	f07778a03a3fa94e 3d4556a080e67198	Virus.Win32. Virut.CE	No	N/A	N/A	Nigeria	N/A
15	Microsoft Corporation	Executable	aed5c6251c986b5f b3bf9e6f17f4bc1f ab39ba1e	727c78802c02cfc2 3db7b6de963a2fd2	Virus.Win32. Virut.Ce	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Pakistan	N/A
16	N/A	Executable	4612a2b67af597c8 0c263afa4abe0296 9890bd14	df7e1fec3e618cec 6a454e8096e28c5f	Virus.Win32. Virut.CE	No	N/A	N/A	129.205.113.26/32	N/A
17	N/A	Executable	e192c74e9b8c37cd 2e27199b1079635d ec26b8b0	53fe29067ee4e24d 660a6ad91da808ee	Win32.Neshta .A	No	N/A	N/A	Turkey	N/A
18	Microsoft Corporation	Executable	26d4dcbb21d1e92a e98ba247423ecbfe 8b853988	295c3daa6511423c 0f29801346198bec	Unclassified Malware	No	10.0.19041 .546 (WinBuild. 160101.080 0)	10.0.19041 .546	103.101.52.130/32	N/A
19	Microsoft Corporation	Executable	8f5e0735c92d3cf7 f8b1766fe47e8804 2d64de8b	d137e846ffa53937 91e665ff07f86bf9	Virus.Win32. Expiro.naf	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Russian Federation	N/A
20	Microsoft Corporation	Executable	b84ef479250b5e7b e444d90b8d092354 ff40a0b1	e99a10fac81c9b08 406b6d7332da1994	Virus.Win32. Virut.CE	No	6.3.9600.1 7415 (winblue_r 4.141028-1 500)	6.3.9600.1 7415	156.201.204.239/32	N/A
21	Microsoft Corporation	Executable	f9922241bb251d47 0dd5d08e864a5ba2 76e0ec7a	ebd6ae5df2f5450e 12abdb90cd1908cf	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Qatar	N/A
22	N/A	Executable	3b2edde439b1fde5 ade36529e99a5984 594bbdea	7419b6ba3f6efac7 03878c42cc962de9	Virus.Win32. Virut.Ce	No	N/A	N/A	United States	N/A
23	Microsoft Corporation	Executable	fdf931161deb8843 2ba8f58e1c4d03ce e90fc8cc	742c87bfefa15706 922e77ab21f59204	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	190.143.253.194/32	N/A
24	Microsoft Corporation	Executable	db2ca82d2414e4b1 3b87cb459b0c255c f2a7b3df	fc53d241865861a7 9e04af849a03a6c1	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Indonesia	N/A
25	N/A	Executable	ab8e72ce8a35d7c4 5b494b3cfcdad249 eddebe51	754f65d7219d8d2d 52048e5e7965c521	Virus.Win32. Virut.CE	No	N/A	N/A	Indonesia	N/A
26	Microsoft Corporation	Executable	889744cc094940bf e891a1b167e6b26c 9b56a1de	63f3d99f31ab5549 06c142461b1d1acb	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Indonesia	N/A
27	Microsoft Corporation	Executable	fbf100e255a2b8b0 62754cddf1ceb571 01cd896a	fe1add84b39f7b79 210801fee0c99e14	Virus.Win32. Virut.Ce	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Indonesia	N/A
28	Microsoft Corporation	Executable	50da3079d4582540 6259e93a7117230f ce184fbb	d2498b1fe93d7611 8b1a1dbf994f48ac	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	102.43.29.105/32	N/A
29	Microsoft Corporation	Executable	008645ce213d2579 946b82ebedb9cd31 107c56ae	777d2ff5eaaeece3 235f53b91ed9a287	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	105.230.114.139/32	N/A
30	Microsoft Corporation	Executable	847a301f7d74745c 8976a461f1b3d94a 59acbbd5	de9f2f613a8e808f 325a5ef3c4dda1de	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Indonesia	N/A
31	Microsoft Corporation	Executable	250920f453424ab1 3de19a9b16e22f3d 711bb854	bf08971098313cdb 483549149a65d2a5	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	156.207.88.166/32	N/A
32	Microsoft Corporation	Executable	b8bf139207094ed9 6348550b9adea08e 50462c39	f5a7aab3dbcd241f 45901bff72b84e73	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Indonesia	N/A
33	Microsoft Corporation	Executable	6a5c1c2d4e00dbd0 797ac55974788b63 0cd4d94b	eb7d0070928967f7 89187d779354f5ea	Virus.Win32. Virut.Ce	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	197.214.249.165/32	N/A
34	N/A	Executable	ac5abf8bc20f7fe2 ae7cd94538774d31 205ee42b	a4f57d8b22628f05 4e84a045a5e085a1	Virus.Win32. Virut.CE	No	N/A	N/A	Nigeria	N/A
35	Microsoft Corporation	Executable	d0e7c949299a8648 6a4699d9d2699892 d4d911d0	daac2b4669607b17 012d1576f0e59a75	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	197.210.226.66/32	N/A
36	Microsoft Corporation	Executable	5eeecb3e0dea4e09 0b2fa28f4c684120 62bdba69	dd999906e20a2745 37855f2bf308f7c4	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	190.143.253.157/32	N/A
37	N/A	Executable	493f2f2ff8248010 bf0e754826b8d0ba bd45b456	0472dd6074b74552 4072d01e2a844ab0	Win32.Neshta .A	No	N/A	N/A	181.66.169.99/32	N/A
38	Microsoft Corporation	Executable	cc640638ed45ca08 b292fe0824dd875a a201b003	a7e69d01bef00e5a 856f75d6053217ce	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Serbia	N/A
39	Microsoft Corporation	Executable	3feb4c4e384ad74a e44c83e0684b8bf6 a35c393a	9893bf7fbeac517b afce71e116680156	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Vietnam	N/A
40	N/A	Executable	8b51641089489afb 8aea5b4e0e210205 e60aa74e	394bb225a78eb99d 581d7f3ef051afab	Virus.Win32. Virut.CE	No	N/A	N/A	Pakistan	N/A
41	N/A	Executable	803f56d418a0f80b f95cb179c2b0e397 3bf0149b	763ae6c8c64667a4 607120feffb14e2b	TrojWare.Win 32.Trojan.Ag ent.~IDA	No	N/A	N/A	Internal Submission	N/A
42	Microsoft Corporation	Executable	6e517afb87f3b0f6 ebce0ba2aa410b79 ff98c9a1	2903ec8b606bacd2 e645b59b721c2036	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	102.222.180.219/32	N/A
43	Microsoft Corporation	Executable	eee062e06ffe358e 5df09745e042584e 9abde295	f843d2a623772a6e 7c54c154bd9d2529	Virus.Win32. Virut.Ce	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Pakistan	N/A
44	N/A	Executable	63a68a4fb19fc9bd 0d3b66de109e8cf2 08583e62	25736d0607df7467 23576b4615c38882	Virus.Win32. Virut.CE	No	N/A	N/A	Indonesia	N/A
45	Microsoft Corporation	Executable	a1fc782f00dca304 54ab234e0a472ade 8009ba48	6b5006c49345c202 56eb221e45dfec76	Virus.Win32. Virut.Ce	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Zambia	N/A
46	Microsoft Corporation	Executable	67383c37184854c4 be1e3ccf014c23dd cc2b29e5	46009bfe746469f0 462299f44083f193	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Indonesia	N/A
47	N/A	Executable	cc762008ce81d2cf 0849da9db27a2992 d1f70b51	6a0233accdddd883 bbd99520197ebf99	Virus.Win32. Virut.CE	No	N/A	N/A	United States	N/A
48	Microsoft Corporation	Executable	d5225d41a9aa2077 aa1cdc07180aec8d 47a71a2d	89d2bdc0fbd5753c 255ff9d525d7d649	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Canada	N/A
49	N/A	Executable	e360542049da641c e9166fdb388c0127 fdfcafe8	6d8559e4d314c17b 7559d05a0ea77f1b	Virus.Win32. Virut.Ce	No	N/A	N/A	New Zealand	N/A

Prev 1 2 3...13 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Safe Entries

First Seen: 08 March 2009 at 3:48 am

No.	Company	File Type	SHA1	MD5	Digitally Signed	File Version	Product Version	Submitted From
1	N/A	Executable	781317fe84953117 b77c1909276918ef f80c3efb	621fbed6efc6451e 0d3f302f6f0b4651	No	N/A	N/A	United States
2	N/A	Non-executable	af1782f5e44434c1 46d578d52cdbb160 974d3fcb	df74724ecd359683 a94552e48ee48ba9	No	N/A	N/A	United States
3	Microsoft Corporation	Executable	243d1d198c3d3416 1914853a27507f93 fe40cafd	ebf13b240e83dc99 e0a9b46f46c9379b	No	6.0.5430.0 (winmain(w mbla).0608 30-0208)	6.0.5430.0	United States
4	Microsoft Corporation	Executable	900978683159718d 65305d72a57634f0 43a325f9	5b16d54f2ae6b74d cf863bc0f5e502b5	No	10.0.19041 .1 (WinBuild. 160101.080 0)	10.0.19041 .1	104.238.128.144/32
5	Microsoft Corporation	Executable	8466f4aed06d508c 8e917d6c68a5587e 5937b4e3	195c04b638f3538f 8c8b0c0ed5d2f940	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Greece
6	Microsoft Corporation	Executable	ec824ee03f969721 aef5ac2a7d5897d5 d150cb13	f8278db78be16463 2c57002e82b07813	No	10.0.19041 .1 (WinBuild. 160101.080 0)	10.0.19041 .1	United States
7	N/A	Non-executable	a690dd21f88e7486 ed5026d6674eae87 574362a6	a35a14083de13bae a44547e3032f56a5	No	N/A	N/A	United States
8	N/A	Non-executable	fd2cf5d860aae8d8 429813b14f4e9ffa 0b62288d	d8ab3893adafa69f 796bcf2d02e6a6ff	No	N/A	N/A	United States

Prev 1 2 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Malware Search Engine

How to Remove “powershell.exe”

What is powershell.exe?

How to check if your computer is infected with powershell.exe virus?