Defender plugin gets caught and blocked as a Virus
Posted: Wed Mar 02, 2022 8:48 pm
We are Safe to Use and are not infected, our DLL's are codesigned by us.
Yeap, folks our own plugin seems to be triggering Windows Defender causing both Automate and Windows Defender to reject the DLL file.
I can assure you that there is no executing code within the plugins code base. We do use Automate scripting to run several PowerShell scripts we have to collect and alert on viruses but nothing that creates or executes any other application or process in your PC. This plugin is completely safe!
We believe that since the plugin is written for Defender and with all the different Defender and virus references made inside the plugin that Defender believes we maybe a threat to Defender.
So What to do...
Create a folder on your drive somewhere and go into Defender AV security settings to the exclude feature and exclude the directory you created. Now download zip to that directory. Unzip in that directory and then with a freshly logged in Control Center Console (no install attempts during this login) try to install DLL from that excluded directory.
It should allow the install or upgrade as normal. Once installed restart the DBagent on Automate host and relaunch the control center console to load the new changes.
If you are using the new Windows 11 then it has issues over writing old plugins with new ones. If your on Windows 11 then launch the console in Run as Administrator after installs to allow console to update the DLL files in consoles plugin folder.
Yeap, folks our own plugin seems to be triggering Windows Defender causing both Automate and Windows Defender to reject the DLL file.
I can assure you that there is no executing code within the plugins code base. We do use Automate scripting to run several PowerShell scripts we have to collect and alert on viruses but nothing that creates or executes any other application or process in your PC. This plugin is completely safe!
We believe that since the plugin is written for Defender and with all the different Defender and virus references made inside the plugin that Defender believes we maybe a threat to Defender.
So What to do...
Create a folder on your drive somewhere and go into Defender AV security settings to the exclude feature and exclude the directory you created. Now download zip to that directory. Unzip in that directory and then with a freshly logged in Control Center Console (no install attempts during this login) try to install DLL from that excluded directory.
It should allow the install or upgrade as normal. Once installed restart the DBagent on Automate host and relaunch the control center console to load the new changes.
If you are using the new Windows 11 then it has issues over writing old plugins with new ones. If your on Windows 11 then launch the console in Run as Administrator after installs to allow console to update the DLL files in consoles plugin folder.