Open secabstraction opened 6 years ago
I just got this alert from Windows Defender a few minutes ago launching Visual Studio Code.
Trojan:PowerShell/Peasecto.A
The windows defender team released virus definitions with this problem in it. They have now fixed it.
You can remove this warning by updating your virus definitions. https://www.microsoft.com/en-us/wdsi/definitions
This is resolved in definition update 1.261.424.0
PS:> Get-MpComputerStatus | select anti*
AntivirusSignatureLastUpdated : 1/28/2018 8:28:37 PM
AntivirusSignatureVersion : 1.261.424.0
sigh Automatic Updates is still giving me 1.261.421.0 Manual update time :-(
Steps to Reproduce:
Does this issue occur when all extensions are disabled?: No
Disabling PowerShell extension seems to kill the AMSI detection in windows defender. Looks like it might be tied to the PowerShell Integrated Console.
Trojan:PowerShell/Peasecto.A
Affected items: amsi:PowerShell_C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe_10.0.16299.15000000000000000a amsi:PowerShell_C:\windows\System32\WindowsPowerShell\v1.0\powershell.exe_10.0.16299.15000000000000000b