
powershell/psw.coinstealer.b


Solved by Marcos


Hello guys please help me,

A threat was found called powershell/psw.coinstealer.b

Below is a screenshot of the threat detected.

It says threat removed. The access has been blocked.

But these threats kept coming more often especially every time I log on to my computer.

Capture.PNG


  • Administrators
1 hour ago, sharif said:

Hi, I got the same issue. And here are my logs.

Launch Windows Scheduler and delete the tasks:

Microsoft\Windows\GCRKUz
Microsoft\Windows\6SIGrU
Microsoft\Windows\Ewcds

Should the detection continue after a reboot, delete the following reg. values and reboot the machine:

HKLM\SOFTWARE\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19276D93-5626-465C-BA0F-B9E9E1CEA783}
HKLM\SOFTWARE\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{881DD363-FE8C-4900-9E1A-AC7DF2648DA3}
HKLM\SOFTWARE\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA604B1C-8958-41F1-AD76-55ABC3C51C4B}


  • Administrators
  • Solution
11 minutes ago, jasonphilip said:

Hello apologies for the late reply. Here is my log

Please launch Windows Scheduler and delete the following task and reboot the machine:
Microsoft\Windows\eFECya

Should the problem persist, delete the following registry value and reboot the machine:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D24444D6-714D-4331-AC2B-CE934A3A0CAE}

I'd also recommend enabling detection of potentially unsafe applications as well as the LiveGrid Feedback system for maximum protection.

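The replies above remove randomly named tasks registered directly under Microsoft\Windows and, as a fallback, their TaskCache\Tasks\{GUID} entries. The following read-only audit is an added example, not part of the original thread or of ESET's tooling: it lists every task sitting directly in that folder with its triggers and actions, and resolves the GUID that ties it to its TaskCache entry. It assumes an elevated prompt, the TaskCache path as written in the solution post, and the heuristic (an assumption, not a rule) that built-in Windows tasks live in subfolders rather than in the folder itself; `Get-RootLevelTaskReport` is a name made up for this example.

```powershell
# Added example: read-only audit, run from an elevated PowerShell prompt.
# Assumption (heuristic): built-in Windows tasks live in subfolders of
# \Microsoft\Windows\, so a task registered directly in that folder deserves review.
$folder    = '\Microsoft\Windows\'
$cacheRoot = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache'
$treeRoot  = "$cacheRoot\Tree\Microsoft\Windows"
$tasksRoot = "$cacheRoot\Tasks"

function Get-RootLevelTaskReport {
    # -TaskPath without a wildcard matches only this folder, not its subfolders.
    $tasks = Get-ScheduledTask -TaskPath $folder -ErrorAction SilentlyContinue
    foreach ($task in $tasks) {
        # TaskCache\Tree\...\<task name> carries an "Id" value: the GUID of the
        # matching TaskCache\Tasks\{GUID} key referred to in the replies.
        $treeKey = "$treeRoot\$($task.TaskName)"
        $id   = (Get-ItemProperty -LiteralPath $treeKey -Name Id -ErrorAction SilentlyContinue).Id
        $info = $task | Get-ScheduledTaskInfo -ErrorAction SilentlyContinue

        # Exec actions expose Execute/Arguments; COM handler actions expose ClassId.
        $actions = foreach ($a in $task.Actions) {
            if ($a.Execute) { "$($a.Execute) $($a.Arguments)".Trim() }
            elseif ($a.ClassId) { "COM handler $($a.ClassId)" }
        }

        [pscustomobject]@{
            TaskName     = $task.TaskName
            State        = $task.State
            Author       = $task.Author
            # Trigger class names show when the task fires, e.g. at logon.
            Triggers     = ($task.Triggers | ForEach-Object { $_.CimClass.CimClassName }) -join ', '
            Actions      = $actions -join ' | '
            LastRunTime  = $info.LastRunTime
            TaskCacheId  = $id
            TaskCacheKey = if ($id) { "$tasksRoot\$id" } else { $null }
        }
    }
}

# Nothing is modified; the report is for manual review.
Get-RootLevelTaskReport | Format-List
```

Review each reported task's action before removing anything. A task confirmed as malicious can then be deleted in Task Scheduler as the replies describe, or with `Unregister-ScheduledTask -TaskName <name> -TaskPath '\Microsoft\Windows\'`.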
