Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: utkarshbhangale009 on August 05, 2021, 06:35:04 PM

Title: IDP.HELU.PSE25 command line detection
Post by: utkarshbhangale009 on August 05, 2021, 06:35:04 PM
I have been getting this detection for quite a few days.
It says we've blocked powershell.exe because it was infected by IDP.HELU.PSE25-Command line detection
Title: Re: IDP.HELU.PSE25 command line detection
Post by: r@vast on August 06, 2021, 11:00:02 AM
> I have been getting this detection for quite a few days
> it says we've blocked powershell.exe because it was infected by IDP.HELU.PSE25-Command line detection

Hi,

Please report it here: https://www.avast.com/false-positive-file-form.php
(it might be caused by a script you are running)
Title: Re: IDP.HELU.PSE25 command line detection
Post by: robhills on September 04, 2021, 02:10:37 PM
I have been getting this issue as well. It happens to me when trying to install the Azure extension for Visual Studio and again when uninstalling it (done to check if it is the cause of the notification; I have repeated this process circa 10 times with the same result). Visual Studio is a mainstream, reputable provider of software - sure they can have issues and security leaks, but from reading the forums and how far back this issue goes (not specifically relating to Visual Studio) it is nothing new.

I have tried all ways to allow this via the exceptions and Avast still blocks it. I even went to the extreme and did a clean install of Windows - to no avail.

The issue has been reported but guessing a fix will not happen in a hurry.
Title: Re: IDP.HELU.PSE25 command line detection
Post by: lindakomoll on September 22, 2021, 12:31:25 AM
I have been getting this message as well: We've blocked powershell.exe because it was infected with IDP.HELU.PSE25 - Command line detection
Process:          C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
Detected by:    Behavior Shield
Title: Re: IDP.HELU.PSE25 command line detection
Post by: DavidR on September 22, 2021, 01:42:26 AM
Have you submitted it as a possible false positive as r@vast suggested in Reply #1 ?
Title: Re: IDP.HELU.PSE25 command line detection
Post by: autumneden on November 12, 2022, 08:35:07 PM
Same exact issue: Visual Studio Community 2022 - installing directly from Microsoft's website. During the installation - where Azure dev tools are being installed - I get the same issue. Has this not been corrected yet? I submitted a false positive, but if other folks submitted false positives back in 2021... how long will it take for this to be resolved? Is there a workaround? I don't have confidence that my VS installer worked properly because PowerShell was blocked while it was running some sort of script to get VS working.
Title: Re: IDP.HELU.PSE25 command line detection
Post by: DavidR on November 12, 2022, 11:30:12 PM
The fact that you are posting in what is an old topic doesn't mean it wasn't resolved at that time or there wouldn't have been such a long gap without posts.

So as suggested use the link in the first reply to report it (as you have) - You should get a response in a day or two.
Title: Re: IDP.HELU.PSE25 command line detection
Post by: THE-MZ on December 04, 2022, 12:00:24 AM
Well, it is back... in December 2022! What is it? It pops up every 2 mins!

(https://i.imgur.com/wSDHGhN.png)
Title: Re: IDP.HELU.PSE25 command line detection
Post by: DavidR on December 04, 2022, 02:40:14 AM
As mentioned in Reply #1 and #4 you could report it as a possible false positive.

> Have you submitted it as a possible false positive as r@vast suggested in Reply #1 ?

If it is happening every two minutes, what is powershell.exe attempting to do that might cause the alert by the behaviour shield?
Title: Re: IDP.HELU.PSE25 command line detection
Post by: THE-MZ on December 04, 2022, 11:50:13 AM
Is it really a false positive? Or safe? I am worried the file is infected!
Title: Re: IDP.HELU.PSE25 command line detection
Post by: DavidR on December 04, 2022, 11:55:25 AM
As an Avast User I can't say that - I don't have access to your system or know why powershell.exe is running.