Microsoft Defender Exclusion Guide

Applies to: Agent version10.0.47390.40

As part of the Microsoft Security suite on Windows operating systems, Windows Defender (Virus & threat protection) may detect a Vision Agent and quarantine files as a "threat." If Microsoft Security Virus & threat protection is active, you can prevent interference with downloading and installing the Agent by following these instructions. We recommend installing on a test machine before deploying to the network.

NOTE: We cannot guarantee our instructions are compatible with your updated program. Always check the Help for an antivirus program if you have questions. Be sure to re-enable any firewalls or scanning that you disable during installation once the agent is successfully installed.

 

  1. Unblock the installer file.
    Before delivering the VisionInstaller.exe or .msi file to an endpoint device, right-click on the file and select Properties. Check Unblock (if the checkbox appears) at the bottom of the General panel. You can use the same "unblocked" file at each Windows endpoint.
    Unblock the Installer File
  2. Log in as Administrator and open Windows Security.
    Your organization may control who can change these settings.
    Select Virus & threat protection from the left menu, and click on Manage settings under "Virus & threat protection settings." 
    Manage Virus and threat protection settings

NOTE: Test a remote install, if you plan to use it. You may need to temporarily disable the Microsoft Firewalls in order to deploy the Agent over a network. 

  1. Select Add or remove exclusions.
    Add Exclusions
  2. Start by excluding processes.
    Open the Add an exclusion menu and select Process. Windows Security allows you to enter process names that do not yet exist on the system.
    Exclusions choices
    Enter the Vision processes one at a time.
    Add a Process
    Processes to enter are:

admin.exe

mrstch.exe

mxcrsc32.exe

spsetup.exe

spsetup64.exe

VisionInstaller.exe 

or VisionInstaller.msi

Process Exclusions

  1. Create the agent folders. 
    Windows Security allows you to exclude folders only by selecting ones that exist Because the folders you need to exclude don't exist yet, create them in Windows (requires elevated permissions.)  Creating these folders does not affect the installation:

C:\Windows\winipbin

C:\Windows\winipbin-install
Create folders in Windows

  1. Return to Windows Security and exclude these folders.
    Select Add an exclusion again, this time selecting Folder from the dropdown.
    Browse to and select one folder, and then browse to and select the next. Your exclusions are now complete.
    Full Exclusions
  2. Download and run the VisionInstaller file.
    If the installer file is unblocked and the process is excluded, there should be no interference. Double-click the file to run the installation. After a few seconds, the device restarts. You can check the (now hidden) winipbin folder by accessing \\localhost\C$\Windows.
  3. The device should appear in Admin > Endpoint Agents.
     The agent immediately attempts to contact the server. When an end user logs in, move them to a licensed Group to begin capturing activity.

If you experience additional difficulty with Windows Security / Microsoft Defender, contact Support

Updated: 07/25/2024