TDR does not like Zoho Assist and keeps containing computers
Has anyone else been experiencing issues with TDR and Zoho Assist unatteneded agent?
I have a client who has had two computers so far get contained because TDR flags Zoho Assist executables as threats. This problem started last July. One of the computers was a rarely-user training computer, so it being offline for months was not unusual. I repurposed it a month ago, and it would not connect, and that is when I found the Zoho Assist problem and added all of the exclusions below the one that happened today as noted below. The latest one was today and it was:
C:\Program Files (x86)\ZohoMeeting\UnAttended\ZohoMeeting\agent.exe
I already had the following in the exception list and I just added the one above to the list. I am tempted to just allow the whole "C:\Program Files (x86)\ZohoMeeting\UnAttended\ZohoMeeting" folder and subfolders to stop this false positive, but that's not the best solution.
C:\Program Files (x86)\ZohoMeeting\UnAttended\ZohoMeeting\Temp\ZA_Delta\agent_ui.exe
C:\Program Files (x86)\ZohoMeeting\UnAttended\ZohoMeeting\agent_ui.exe
C:\Program Files (x86)\ZohoMeeting\UnAttended\ZohoMeeting\ZMAgent.exe
C:\Program Files (x86)\ZohoMeeting\UnAttended\ZohoMeeting\ZohoURS.exe
C:\Program Files (x86)\ZohoMeeting\UnAttended\ZohoMeeting\ZohoURSService.exe
What is really strange is that there are three computers that have Zoho Assist on them, but only two that ever get contained.