Forum Discussion
odit_89
Mar 09, 2023Copper Contributor
PowerShell ID 4104 - What are the scripts doing?
Hello everyone. The system is Windows 10 Home 21H2. Something happened in my PC and I really want to figure out. The script ran automatically in the background after I disabled my network adapter....
Varun_Ghildiyal
Mar 09, 2023Brass Contributor
There are many scripts in the one drive link , which one you want us to test and explain
odit_89
Mar 17, 2023Copper Contributor
Hello Varun_Ghildiyal, sorry I didn't even ask a question😓
After digging in to some ps language, the scripts turned to be the functions for network diagnose and maintenance usage.
The script executed in the temp folder with an id 4104 event, and there is one difference that the second script doesn't have ms copyright while others have, and I couldn't find it elsewhere.
1.Is it normal to have this log given the scenario? I'm still trying to find the trigger.
2.My diagnose pack was modified recently and I don't see that recorded in Tuesday Patch, do you have any idea about this situation?
Look forward to hearing from you!