TrojanDropper:PowerShell/Cobacis.B

Question

TrojanDropper:PowerShell/Cobacis.B

Anonymous

hello, i wanna ask for this probelm
i got this virus on my laptop, and i manually delete the file from my laptop, but windows defender always detect the file, can u guys help me?

Detected: TrojanDropper:PowerShell/Cobacis.B

Status: Active

containerfile: C:\Users\62823\Downloads\Compressed\kali-linux-2022.4-installer-amd64.iso

file: C:\Users\62823\Downloads\Compressed\kali-linux-2022.4-installer-amd64.iso->pool\main\m\metasploit-framework\metasploit-framework_6.2.26-0kali1_amd64.deb->data.tar.xz->(xz)->./usr/share/metasploit-framework/vendor/bundle/ruby/3.0.0/cache/rex-powershell-0.1.97.gem->data.tar.gz->(GZip)->data/templates/to_mem_rc4.ps1.template

file: C:\Users\62823\Downloads\Compressed\kali-linux-2022.4-installer-amd64.iso->pool\main\m\metasploit-framework\metasploit-framework_6.2.26-0kali1_amd64.deb->data.tar.xz->(xz)->./usr/share/metasploit-framework/vendor/bundle/ruby/3.0.0/cache/rex-powershell-0.1.97.gem->data.tar.gz->(GZip)->[EmbeddedString]#6

file: C:\Users\62823\Downloads\Compressed\kali-linux-2022.4-installer-amd64.iso->pool\main\m\metasploit-framework\metasploit-framework_6.2.26-0kali1_amd64.deb->data.tar.xz->(xz)->./usr/share/metasploit-framework/vendor/bundle/ruby/3.0.0/gems/rex-powershell-0.1.97/data/templates/to_mem_rc4.ps1.template

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

Answer accepted by question author

Ramesh 176.5K Volunteer Moderator

Hi Yacob,

Open an admin Command Prompt and run:

rd /s /q "C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\DetectionHistory"

Press Enter.

See also: Windows Defender Shows the Same Threat Repeatedly

0 comments

1 additional answer

Answer 1

Anonymous

thank u so much for your help

0 comments

Share via

TrojanDropper:PowerShell/Cobacis.B

1 additional answer