Situation
-
mssqlmng.exe,DNSMng.exe,php.exe,pmm-ras.exe,nssm.exeand/orpleskstartup.exeutilities are shown as infected byTrojan:Win32/Detplockon Windows Defender:
It is a false-positive detection by Windows Defender antivirus. This has been registered as a security issue with ID PPPM-11032.
-
The following error message might be shown in Tools & Settings > Database Servers > <MS SQL Server name>:
Error: The test connection to the database server has failed because of network problems:
mssqlmng failed: plesk_exec_with_response("C:Program Files (x86)Pleskadminbinmssqlmng" --check "--server=example.com,1234" "--login=john_doe" "--password=******) failed: Unable to execute plesk_exec_with_response: Unable to start ("C:Program Files (x86)Pleskadminbinmssqlmng" --check "--server=example.com,1234" "--login=john_doe" "--password=*")<br> at Plesk impersonation(PipeServer::ServerThread::simpleRunAs line 687)<br> at (zif_plesk_exec_with_response line 1135) -
Unable to perform a migration, the Pre-Migration checks or migrating a subscription might show one of the following errors:
- Failed to import the remote configuration dump from the target server. Not all settings may be migrated.
Error message: Command execution failed on the local server with non-zero exit code.
command: "C:Program Files (x86)Pleskadminbinpmmcli.exe" --import-file-as-dump
exit code: 1
stdout: <?xml version="1.0" encoding="UTF-8"?>
<response>
<errcode>1001</errcode>
<errmsg>[Error 2] The system cannot find the file specified</errmsg>
</response>Failed to remap database servers for subscription 'example.com'
Migration for that subscription is considered completely failed. No further actions are performed for it.
Migration tools tried to perform operation in 3 attempts: Failed to execute local command '"C:Program Files (x86)Pleskadminbinphp" -dauto_prepend_file="" "C:Program Files (x86)Pleskadminplibcudatabase-registrar.php" --get-credentials localhost:3306 -type mysql': [Error 2] The system cannot find the file specified -
Unable to run CLI commands:
plesk login
'plesk' is not recognized as an external or external command, operable program or batch file.
Impact
Files can be automatically removed/quarantined by antivirus, preventing the normal functionality of Plesk services.
Call to action
Until the issue is resolved, add the directories containing Plesk executable files to exclusions on Windows Defender:
Via Windows UI
-
Connect to the server via RDP
-
In the Start menu, open Settings
-
Go to Update & Security > Windows Defender > Exclusions > Click Add an exclusion > Click Exclude a folder > Add the following Plesk folder paths:
-
%plesk_dir%adminbin -
%plesk_dir%adminbin64 -
%plesk_dir%bin -
%plesk_dir%ctl -
%plesk_dir%PleskWebSocket -
%plesk_dir%PleskStartup
-
Via CMD
-
Connect to the server via RDP
-
Switch to PowerShell running the following command:
powershell
-
Exclude the Plesk folders with the following commands:
PS C:> Add-MpPreference -ExclusionPath “C:Program Files (x86)Pleskadminbin64”
PS C:> Add-MpPreference -ExclusionPath “C:Program Files (x86)Pleskadminbin”
PS C:> Add-MpPreference -ExclusionPath “C:Program Files (x86)Pleskbin”
PS C:> Add-MpPreference -ExclusionPath “C:Program Files (x86)Pleskctl”
PS C:>…
with