
PowerToys update attempts to delete volume shadow copy and flagged as malware #32401

Open
@Pheil

Description

Microsoft PowerToys version

0.80.1

Installation method

PowerToys auto-update

Running as admin

No

Area(s) with issue?

General

Steps to reproduce

Software auto updated yesterday

✔️ Expected Behavior

Nothing, software just updates.

❌ Actual Behavior

IT asked me why software on my machine is trying to delete a volume shadow snapshot. Specific message from IT:

File name: PowerToysSetup-0.80.1-x64.exe
File path: \Device\HarddiskVolume9\temp{A0EF031E-F99A-40E3-BE7E-321B118B6F74}\.be\PowerToysSetup-0.80.1-x64.exe
Command line: "O:\temp{A0EF031E-F99A-40E3-BE7E-321B118B6F74}\.be\PowerToysSetup-0.80.1-x64.exe" -q -burn.elevated BurnPipe.{BBBBC676-BCC4-451F-AD00-A75AF22C8FB5} {CF66E5BA-6A0C-471F-8E49-CE36C71879BD} 5640
SHA 256: 9890577d5ee54714ceb23e6bb4209f92ed07611b6c7cae6f8074c2131cd59696
MD5 Hash data: ee57bd87863a51891a9c004673721e16

Other Software

Crowdstrike 7.11.18110.0
PowerToysReport_2024-04-11-08-35-54.zip

Labels

Area-Setup/Install: Refers to installation mechanism
Issue-Bug: Something isn't working
Needs-Triage: For issues raised to be triaged and prioritized by internal Microsoft teams