We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Steps to Reproduce:
Does this issue occur when all extensions are disabled?: No
Disabling PowerShell extension seems to kill the AMSI detection in windows defender. Looks like it might be tied to the PowerShell Integrated Console.
Trojan:PowerShell/Peasecto.A
Affected items: amsi:PowerShell_C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe_10.0.16299.15000000000000000a amsi:PowerShell_C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe_10.0.16299.15000000000000000b
The text was updated successfully, but these errors were encountered:
I just got this alert from Windows Defender a few minutes ago launching Visual Studio Code.
Sorry, something went wrong.
The windows defender team released virus definitions with this problem in it. They have now fixed it.
You can remove this warning by updating your virus definitions. https://www.microsoft.com/en-us/wdsi/definitions
This is resolved in definition update 1.261.424.0
PS:> Get-MpComputerStatus | select anti* AntivirusSignatureLastUpdated : 1/28/2018 8:28:37 PM AntivirusSignatureVersion : 1.261.424.0
sigh Automatic Updates is still giving me 1.261.421.0 Manual update time :-(
kieferrm
No branches or pull requests
Steps to Reproduce:
Does this issue occur when all extensions are disabled?: No
Disabling PowerShell extension seems to kill the AMSI detection in windows defender. Looks like it might be tied to the PowerShell Integrated Console.
Trojan:PowerShell/Peasecto.A
Affected items:
amsi:PowerShell_C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe_10.0.16299.15000000000000000a
amsi:PowerShell_C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe_10.0.16299.15000000000000000b
The text was updated successfully, but these errors were encountered: