How to uninstall PowerShell? *Trojan Virus*

The only listed Autoruns entry that I've seen associated with malware is under Task Scheduler. So try disabling it.

Run autoruns as admin and click on the Scheduled Tasks tab. Locate the following and uncheck its autorun entry:

\Network c:\program files (x86)\common files\index.js 1/12/2019 9:35 AM

Then browse to c:\program files (x86)\common files\index.js and rename to index.js.bak

After that reboot and see if you still get the detection.

Hi ChristopherCosma -

I'm Kevin B. Independent advisor and a Windows user like you. I do apologize for the inconvenience that you experiencing right now, let me help you sort things out.

Most of the modern application uses the PowerShell to execute commands. Removing the Windows PowerShell might affect computer performance.

Instead of removing the PowerShell on your computer, you can follow the steps below to remove the threats on your computer.

Boot your computer in safemode. Safemode is a windows environment used to troubleshoot, diagnose and repair corrupted windows system files. While computer is in safemode, no 3rd party application will run, not even your anti-virus, and selected services needed by windows to boot are the only running service on the computer. This ensures us that the computer will only use applications and services at a minimal level to avoid 3rd party conflicting application and services.

Please click on the link below and follow the steps in booting your computer in safemode.

https://support.microsoft.com/en-us/windows/sta...

Once in safemode, your can run a scan using your Anti-Malware scanner or your can use the Microsoft Safety Scanner just to make sure that computer doesn't have any threats.

Click on the link below to access Microsoft Safety scanner

https://docs.microsoft.com/en-us/windows/securi...

Once scan is done, please run a system file checker on your computer to check the integrity of the system files of windows on your computer.

Click then link below and follow the steps on how to perform system file checker on your computer

https://support.microsoft.com/en-us/topic/use-t...

After the scan, please perform cleanboot on computer.

Perform Clean Boot
- This process will eliminate 3rd party application running in the background of your computer along with services that are not needed to run windows. If there's any conflicting 3rd party application that causes the issue on your computer, this process will stop it.

1. Open the run box by pressing the Windows Key + R and type msconfig
2. System Configuration Utility box will open and by default you are on general tab.
3. On the General tab, click the selective startup and make sure that load system service and load startup items both have checked mark.
4. Click on services tab
5. Put a check mark on Hide All Microsoft Services > This is a very important part as if you miss to click on this, computer might not boot properly or permanently and will end up on clean installation.
6. Once Hide all Microsoft Services have checked mark on it, click on Disable All
7. Click on the Startup Tab and click open task manager. This will open another window which contains all your startup applications on the administrator account.
8. Disable all application that you're not using. You can simply just click on them and select disable.
9. Click OK , Apply and close the configuration utility

After the cleanboot, please try to delete temporary files on your computer to make sure that the threats are not using the temporary files on your computer.

https://support.microsoft.com/en-us/windows/dis...

After the disk cleanup, check the content of the startup folder of your computer.

Press windows key + r
Type shell:Startup and press enter
Check if there's anything on the startup folder that you didn't recognize and delete it.

Restart your computer normally and check if the pop-up still appears.

Hope this will help and have a bless day!

Thanks.
Kevin B.
Independent advisor