Getting the following all day today across all my clients. Anyone else getting this?

Threat Description: IDP.HELU.PSE46%s_cmd
Threat Severity: Infection
Threat Shield: Behavior Shield
Object Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Virus Action: Fix automatically - means try to Repair, if it fails, try to Move to Chest, and if even that fails, delete

I have several clients with this happening.

This may be a false positive. Hopefully AVAST will address it.

We also have a number of the exact same false positives on several customers. I was wondering if it’s linked to Atera RMM which we use, as it seems to be only affect customers we have set up on that system.

So far I don’t have this issue with any of our machines. What AV client version and virus DB versions are installed? Has there been a recent release update?