Antivirus blocking bot execution, or there's a real virus?

Whenever I try to run a bot on a Production machine, the antivirus installed there blocks the execution. It says there's malware; however, I doubt that. How can I find out whether there really is malware or whether it is just the execution being blocked by the antivirus?

Hi @rajatjoshi

It is common for antivirus software to flag automation scripts and bots as potentially harmful due to their behavior. This is often a false positive, as automation tools like UiPath work by interacting with other software on your system, which can be mistaken for malicious activity.

Hope this helps,
Best Regards.

Thanks for the response, @arjunshenoy
Is there any way to prove that this issue has been caused by UiPath and not by an actual virus? This is a client's machine and we need conclusive evidence before deciding to add a bypass rule in the antivirus.


These are some steps you can use to derive a conclusion:

→ Run a thorough virus scan on the client's machine to ensure that there are no viruses or malware present. This report will help your client understand that it's not any malware interference.

→ Upon running a full-scale scan, check the logs to see if there is any information on UiPath scripts being blocked by the antivirus software. This may provide some clues as to whether the issue is caused by a virus or by UiPath.

→ Test UiPath on a clean machine that does not have any antivirus software installed. This will help comprehend the discussion with your client.

Hope this helps,
Best Regards.

Use Process Monitor (procmon) for the application that is interacting with UiPath.

  1. Download the tool from here

  2. Open Task Manager → find the process in the Details and check its platform version

  3. Open the correct Procmon64.exe file as Administrator

  4. Process Monitor Filter → Path → contains UiPath include → Add → Apply → OK

  5. Save the PML file

  6. Tools → Count Occurrences…

  7. Double-click on the process name to display the paths that are used by the process
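
The Process Monitor steps above can also be repeated offline on an exported trace. The script below is an added example, not part of the thread: it assumes the capture was saved as CSV from Process Monitor with the default columns (Process Name, Operation, Path, Result), counts which processes touched paths containing "UiPath", and lists the operations that were denied. The sample rows, the process name `ExampleAV.exe` and all paths are constructed.

```python
import csv
import io
from collections import Counter

# Constructed sample of a Procmon CSV export; "ExampleAV.exe" and every
# path below are made up for illustration.
SAMPLE = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1000000","UiPath.Executor.exe","4312","CreateFile","C:\Users\svc_bot\AppData\Local\UiPath\app\UiPath.Executor.exe","SUCCESS",""
"10:01:02.1000500","ExampleAV.exe","1180","CreateFile","C:\Users\svc_bot\AppData\Local\UiPath\app\UiPath.Executor.exe","SUCCESS",""
"10:01:02.2000000","UiPath.Executor.exe","4312","CreateFile","C:\Users\svc_bot\.nuget\packages\uipath.system.activities\lib\UiPath.System.Activities.dll","ACCESS DENIED",""
"10:01:02.3000000","UiPath.Executor.exe","4312","RegOpenKey","HKLM\SOFTWARE\UiPath","NAME NOT FOUND",""
"10:01:02.4000000","explorer.exe","2044","CreateFile","C:\Windows\System32\kernel32.dll","SUCCESS",""
"10:01:02.5000000","ExampleAV.exe","1180","ReadFile","C:\Users\svc_bot\AppData\Local\UiPath\app\UiPath.Executor.exe","SUCCESS",""
'''

# Result values that indicate an operation was blocked rather than merely
# probing for something that does not exist (e.g. NAME NOT FOUND).
BLOCKING_RESULTS = {"ACCESS DENIED", "SHARING VIOLATION"}


def summarize(csv_text, needle="UiPath"):
    """Return (events per process, blocked events) for paths containing needle."""
    # Exports may start with a UTF-8 byte order mark; drop it before parsing.
    reader = csv.DictReader(io.StringIO(csv_text.lstrip("\ufeff")))
    touched = Counter()
    blocked = []
    for row in reader:
        path = row.get("Path") or ""
        if needle.lower() not in path.lower():
            continue  # same idea as the "Path contains UiPath" filter
        process = row["Process Name"]
        touched[process] += 1  # same idea as Tools -> Count Occurrences
        if row["Result"] in BLOCKING_RESULTS:
            blocked.append((process, row["Operation"], path, row["Result"]))
    return touched, blocked


if __name__ == "__main__":
    touched, blocked = summarize(SAMPLE)
    for process, count in touched.most_common():
        print(f"{count:5d}  {process}")
    for process, operation, path, result in blocked:
        print(f"BLOCKED {result}: {process} {operation} {path}")
```

The per-process counts and the denied paths can then be compared against the blocked-item entries in the antivirus log for the same time window.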