Ransomware using Powershell

  • 1
  • Question
  • Updated 2 years ago
  • Answered
Do Trendmicro Max Security have the ablity to against Ransomware using powershell?!

Today my computer is infected by a VBS Virus using Powershell script, Most of files were encrypted before I found problem and My Trendmicro HAVE NO REACTION. If had no backup, I would ask Trendmicro to compensate my file for loss.I am very disappointed with your Antivirus, because I have just moved from another Antivirus to Trendmicro. Anyway, hope your can improve your product against malicious powershell script.
Photo of magicxinno.1


  • 202 Points 100 badge 2x thumb
  • bad disappointed

Posted 2 years ago

  • 1
Photo of TM_Ian

TM_Ian, Employee

  • 5,242 Points 5k badge 2x thumb
Hi @magicxinno.1 and welcome to Trend Micro Community!

We're glad that you posted your concern here, though, we also regret to hear about this incident that happened to your PC.

Trend Micro has been fully aware and continuously create solutions for all types of malware, most specially the ransomware variant. Back in 2014, Trend Micro discovered a new variant of ransomware that uses Windows Powershell to hide itself from being detected by the security program installed on the PC. This ransomware has been identified by Trend Micro as TROJ_POSHCODER.A.

Here are some ways on how you can prevent being infected by ransomware:
1. Back-up your important files using the "3-2-1" rule. Create 3 backup copies of your files on 2 different media (i.e. external hard drive, external CD) and 1 copy of the backup that you may save on a different location (i.e. cloud storage).

2. Regularly update programs and applications including the operating system to have the latest security against vulnerabilities.

3. Avoid downloading email attachments from spam emails and unknown senders to prevent the infection. Always check who the sender is and double-check the content of the message.

Though new variants may still be unknown, Trend Micro has its solutions to prevent further infection from these malicious programs in infecting your system and encrypting your files. One of the latest solution that Trend Micro created is the Folder Shield. This new feature prevents unwanted applications from unauthorized encryption or configuration of the protected files saved in the protected folder.

Here are some of Trend Micro solutions for ransomware infection:

We hope this helps. Please let us know if you have further concerns.

Thank you and have a great day!

Trend Micro Home Users Community