Bitdefender has started giving me Malicious command line detected
I have a power shell ****** that I wrote and I'm getting the below error
This is something that has only started in the last couple of days so I expect an update has caused this. Normally I can right click on the ****** and run it with no problems. I now have to open powershell and execute it manually.
I have tried to exclude the exception and that has made no difference.
I turned off advanced thread protection and this has not allowed the ****** to still run
I turned off the antivirus and it works.
Malicious command line detected
5 minutes agoFeature:AntivirusThe app C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe was passed a malicious command line and has been blocked. Your device is now safe.
Command line: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "-Command" "if((Get-ExecutionPolicy ) -ne 'AllSigned') { Set-ExecutionPolicy -Scope Process Bypass }; & 'C:\Work\ExTrack\ExTrack-Src-Development-Api\git-fetch.ps1
I have the following exception added and it still doesn't work
Turning off antivirus allows it to work.
Any help on how to exclude this exception would be good
Thanks in advance.
Answers
-
Kindly follow the steps below:
1) Temporarily disable Bitdefender Protection:
2) Set exclusions in Bitdefender Antivirus:
3) Set exclusions in Bitdefender Advanced Threat Defense:
4) Re-enable real-time protection in Bitdefender.
If the issue persists, kindly contact Bitdefender support by visiting
Select, How to's & Troubleshooting Bitdefender products→Troubleshooting→I don't know→Contact Support→ You will get the option of chat, call or email.
Regards
Life happens, Coffee helps!
Show your Attitude, when you reach that Altitude!
Bitdefender Ultimate Security Plus (user)
0 -
I also have recently started receiving this error.
The app C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe was passed a malicious command line and has been blocked. Your device is now safe. Command line: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "-Command" "if((Get-ExecutionPolicy ) -ne 'AllSigned') { Set-ExecutionPolicy -Scope Process Bypass }; & 'C:\Caddyserver\run.ps1'"The ****** is simple… All it is doing is running a Caddyserver instance.
Start-Process -FilePath ./caddy-win.exe -ArgumentList "start" -WindowStyle Hidden
———For me, temporarily turning off the Bitdefender Shield did the trick… Kind of tedious… would be nice if we could make exceptions for the shield or something.
0 -
We wanted to inform you that support for command line exclusions will be available in a future update. In the meantime, you can temporarily disable the command line scan feature by navigating to the Antivirus - Advanced settings.
Thank you for your understanding and patience.
2 -
I have encountered a similar issue to the main post and turning of command line scan did not help. Instead, I added exclusion to the specific ps1 ****** in the Antivirus Advanced features which then allowed the ****** to be invoked in vscode terminal profile.
0
