Protection - Malware/ Firmware/etc.

Protection - Malware/ Firmware/etc.

Bitdefender has started giving me Malicious command line detected

I have a power shell ****** that I wrote and I'm getting the below error
This is something that has only started in the last couple of days so I expect an update has caused this. Normally I can right click on the ****** and run it with no problems. I now have to open powershell and execute it manually.

I have tried to exclude the exception and that has made no difference.
I turned off advanced thread protection and this has not allowed the ****** to still run
I turned off the antivirus and it works.

Malicious command line detected
5 minutes agoFeature:AntivirusThe app C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe was passed a malicious command line and has been blocked. Your device is now safe.

Command line: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "-Command" "if((Get-ExecutionPolicy ) -ne 'AllSigned') { Set-ExecutionPolicy -Scope Process Bypass }; & 'C:\Work\ExTrack\ExTrack-Src-Development-Api\git-fetch.ps1
I have the following exception added and it still doesn't work

Turning off antivirus allows it to work.

Any help on how to exclude this exception would be good

Thanks in advance.

Welcome!

It looks like you're new here. Sign in or register to get started.

Answers

  • Bitdefender has started giving me Malicious command line detected

    Kindly follow the steps below:

    1) Temporarily disable Bitdefender Protection: Site faviconHow do I temporarily disable Bitdefender in Windows?

    2) Set exclusions in Bitdefender Antivirus: Site faviconHow to exclude files and folders from Bitdefender Antivirus scan

    3) Set exclusions in Bitdefender Advanced Threat Defense: https://www.bitdefender.com/consumer/support/answer/2393/

    4) Re-enable real-time protection in Bitdefender.

    If the issue persists, kindly contact Bitdefender support by visiting https://www.bitdefender.com/consumer/support/help

    Select, How to's & Troubleshooting Bitdefender productsTroubleshootingI don't knowContact Support→ You will get the option of chatcall or email.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • I also have recently started receiving this error.

    The app C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe was passed a malicious command line and has been blocked. Your device is now safe.
    Command line: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" "-Command" "if((Get-ExecutionPolicy ) -ne 'AllSigned') { Set-ExecutionPolicy -Scope Process Bypass }; & 'C:\Caddyserver\run.ps1'"
    

    The ****** is simple… All it is doing is running a Caddyserver instance.

    Start-Process -FilePath ./caddy-win.exe -ArgumentList "start" -WindowStyle Hidden
    
    ———

    For me, temporarily turning off the Bitdefender Shield did the trick… Kind of tedious… would be nice if we could make exceptions for the shield or something.

  • QA Manager BD Staff

    We wanted to inform you that support for command line exclusions will be available in a future update. In the meantime, you can temporarily disable the command line scan feature by navigating to the Antivirus - Advanced settings.

    Thank you for your understanding and patience.

  • I have encountered a similar issue to the main post and turning of command line scan did not help. Instead, I added exclusion to the specific ps1 ****** in the Antivirus Advanced features which then allowed the ****** to be invoked in vscode terminal profile.

Welcome!

It looks like you're new here. Sign in or register to get started.

Welcome!

It looks like you're new here. Sign in or register to get started.