False positive - powershell.exe

BlackHawk99

I would like to report this issue being what my belief is a false positive. Is anyone aware of it and know when it will be addressed? Thank you! I'm running Windows 11 Pro 24H2

September 25 at 3:32 AMFeature:Advanced Threat DefenseApplication powershell.exe has been detected as potentially malicious and was blocked.Application path: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCommand line parameters: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -ExecutionPolicy Restricted -Command $isBroken = 0 # Define the root registry path $ShellRegRoot = 'HKCU:\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell' $bagMRURoot = $ShellRegRoot + '\BagMRU' $bagRoot = $ShellRegRoot + '\Bags' # Define the target GUID tail for MSGraphHome $HomeFolderGuid = '14001F400E3174F8B7B6DC47BC84B9E6B38F59030000' $properties = Get-ItemProperty -Path $bagMRURoot foreach ($property in $properties.PSObject.Properties) { if ($property.TypeNameOfValue -eq 'System.Byte[]') { $hexString = ($property.Value | ForEach-Object { $_.ToString('X2') }) -join '' if ($hexString -eq $HomeFolderGuid) {

Flexx

https://community.bitdefender.com/en/discussion/105189/false-positive-powershell-exe

Kindly contact Bitdefender support by visiting https://www.bitdefender.com/consumer/support/help/

Select, How to's & Troubleshooting Bitdefender products→Troubleshooting→I don't know→Contact Support→ You will get the option of chat, call or email.

To get an immediate update, kindly use the chat option. Also, ensure that no ad blockers or privacy extensions are enabled in your web browser, as they may prevent the chat window from appearing.

Bitdefender support may request diagnostic logs and will guide you through the process of generating them.

Regards