Suspicious command line after Fall Creators Update

Discussion in 'Malware Analysis' started by shmu26, Dec 28, 2017.

  1. shmu26

    So today I restored an old system image of Win10 Pro x64, from 6 months ago, and then I went through all those Microsoft updates etc., including RS3.
    A while later, VoodooShield picked up the following PowerShell command line string. The beginning looks real scary, but the middle and end look very ho-hum Microsoft update.
    What do you say? Am I pwned?

    "powershell" -noprofile -noninteractive -inputformat none -executionpolicy bypass add-provisionedappxpackage -online -packagepath "c:\windows\temp\installhevcappxpackage\microsoft.hevcvideoextension_8wekyb3d8bbwe.x64.appx" -dependencypackagepath "c:\windows\temp\installhevcappxpackage\microsoft.vclibs.140.00_14.0.24123.0_x64__8wekyb3d8bbwe.appx" -licensepath "c:\windows\temp\installhevcappxpackage\microsoft.hevcvideoextension_8wekyb3d8bbwe.x64.xml"
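
    An added example, not part of the original post: it splits the logged command line into the powershell.exe host switches and the cmdlet call that follows, so the two halves can be judged separately. The function name `triage` and the switch tables are assumptions of this example, and abbreviated switch forms are not handled.

```python
import ntpath
import re

# Command line quoted from the post above, as the logging tool recorded it.
CMDLINE = (
    r'"powershell" -noprofile -noninteractive -inputformat none -executionpolicy bypass '
    r'add-provisionedappxpackage -online '
    r'-packagepath "c:\windows\temp\installhevcappxpackage\microsoft.hevcvideoextension_8wekyb3d8bbwe.x64.appx" '
    r'-dependencypackagepath "c:\windows\temp\installhevcappxpackage\microsoft.vclibs.140.00_14.0.24123.0_x64__8wekyb3d8bbwe.appx" '
    r'-licensepath "c:\windows\temp\installhevcappxpackage\microsoft.hevcvideoextension_8wekyb3d8bbwe.x64.xml"'
)

# powershell.exe host switches, full names only (assumption: no abbreviations in the log).
HOST_FLAGS = {"-noprofile", "-noninteractive", "-nologo", "-noexit"}
HOST_OPTS = {"-inputformat", "-outputformat", "-executionpolicy", "-windowstyle"}
PAYLOAD_OPTS = {"-command", "-encodedcommand", "-file"}  # what runs is hidden in the argument

def triage(cmdline):
    """Separate host switches from the cmdlet call and list what the call touches."""
    tok = [a or b for a, b in re.findall(r'"([^"]*)"|(\S+)', cmdline)]
    rest, host, i = tok[1:], {}, 0
    while i < len(rest) and rest[i].startswith("-"):
        name = rest[i].lower()
        if name in HOST_FLAGS:
            host[name], i = True, i + 1
        elif name in HOST_OPTS and i + 1 < len(rest):
            host[name], i = rest[i + 1].lower(), i + 2
        else:
            break  # payload switch or unknown switch: stop parsing host options
    opaque = i < len(rest) and rest[i].lower() in PAYLOAD_OPTS
    cmdlet = None if opaque or i >= len(rest) else rest[i].lower()
    params, args, j = {}, rest[i + 1:], 0
    while j < len(args):
        is_name = args[j].startswith("-")
        has_val = is_name and j + 1 < len(args) and not args[j + 1].startswith("-")
        if is_name:
            params[args[j].lower()] = args[j + 1] if has_val else True
        j += 2 if has_val else 1
    paths = [v for k, v in params.items() if k.endswith("path")]
    names = [ntpath.basename(p) for p in paths]
    return {
        "host_switches": host,
        "policy_bypass": host.get("-executionpolicy") == "bypass",
        "opaque_payload": opaque,  # True would mean the real command is not visible
        "cmdlet": cmdlet,
        "switches": sorted(k for k, v in params.items() if v is True),
        "files": names,
        "dirs": sorted({ntpath.dirname(p) for p in paths}),
        # 13-character ID embedded in the package names; a name is only a claim,
        # the files' signatures are what to verify.
        "publisher_ids": sorted({m for n in names for m in re.findall(r"_([0-9a-z]{13})\.", n)}),
    }
```

    Calling `triage(CMDLINE)` returns a dictionary with the host switches, the cmdlet name, and the three referenced files grouped by directory.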