New
#11
Actually, post #7 shows:Contents of file are" run=https://lapweol.me/sload/ps1/findmail.ps1 "
.ps1 files are PowerShell scripts, not postscript files.
Hope this helps...
Both now been deleted. Both my AV and malware checkers are up to date so hopefully a problem of the past. Fingers crossed.
The names of the scheduled tasks match a known but not very common infection that we are tracking at the moment. This is a powershell malware loader that can install banking Trojans and remote control software. Given that you don't know whether it downloaded anything, the safest thing to do is rebuild your machine.
I wouldn't mind a quick chat about this if you are able to PM me.