search cancel

Powershell.exe is being detected as ISB.Heuristics!gen81

book

Article ID: 257661

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Symantec Endpoint Protection detects Powershell.exe as  ISB.Heuristics!gen81.

The Symantec Endpoint Protection Detection Results show Action as "Process Terminated"





These detection occur on the daily.



Cause

Currently being investigated. If the issue persists after resolution contact Technical Support.

Resolution

Install clients with the latest definitions version of January 09, 2023 rev: 23 or greater.

Confirm if SentinelOne is installed on the device, if so remove SentineOne agent form the de
vice and upload the rev 23 or greater definitions.

Attachments