How Do I Properly Prevent Windows Installer Custom Actions from Windows Defender Detection?

Matt W 0 Reputation points
2023-09-29T14:27:35.57+00:00

Hi all,

I have a Windows Installer .msi generated by InstallShield and recently some customers have reported some items (Custom Actions) being flagged by Windows Defender.

  • SomeCustomAction.exe
  • AnotherCustomAction.dll
  • MSICEA7.tmp
  • MSI9ACD.tmp
  • MSIDC01.tmp

Would signing these utilities help to prevent being detected as potentially problematic?

The MSI*.tmp are also extracted actions and I guess I have to use some Windows Installer logging to hunt those down. My hope is that if digitally signing the install utilities might help, I may not have to worry about hunting those down by signing all utilities.

Any help in cleaning up the install/Defender experience, if possible, would be greatly appreciated!

Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,780 questions
Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
8,436 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Reza-Ameri 16,836 Reputation points
    2023-10-01T15:34:17.4666667+00:00

    You may have a look at:

    https://www.microsoft.com/en-us/wdsi/filesubmission

    Select option Software developer and follow steps there and you might need to submit sample of your file.

    0 comments No comments