Andy Ful
From Hard_Configurator Tools
Thread author
Verified
Honorary Member
Top Poster
Developer
Well-known
- Dec 23, 2014
- 8,593
When i open my PowerShell with my standard account ( SUA ) i get this
View attachment 148149
When i try to open PowerShell modules with my admin password i get this
View attachment 148150
Can you tell if my PowerShell is secured?
You have disabled PowerShell script execution. So yes, if the exploit cannot use the PowerShell in the interactive mode to run:
Get-Content malware.ps1 | PowerShell.exe -noprofile -
Of course, if one will run malware (not PowerShell script) as administrator, then it can change the registry and allow to run powerShell scripts.