Questions tagged [windows-defender]

23 questions
6
votes
1 answer

Managing Windows Defender in small business domain (is a nightmare)

I've spent a few months rolling out Group Policy for Windows Defender on a small business domain (about 25 workstations), and gathering the results with Event Viewer. (We are not running SCCM.) I have it set to run a quick scan every day, and a full…
2
votes
2 answers

Defender ATP public IP addresses

Does anybody know the IP addresses Microsoft uses for their Defender ATP Service? I can find the associated domain names but not a reliable source of the IP addresses being used.
TobyU
1
vote
0 answers

Windows Firewall - Protected network connections?

In Windows Defender Firewall, under Advanced Settings, there is a "Protected network connections" setting for each profile (Domain, Public, Private). An image of this setting: Protected network connections My goal is to block all connections on…
1
vote
2 answers

Is it safe to delete Windows Defender Scans History Files?

OS: Windows 10 Pro (used as production server to host websites, and mail functions.) I've noticed that de-fragmenting my hard drive (using MyDefrag v4.3.1) it's taking for ever to work itself through this C:\ProgramData\Microsoft\Windows…
MeSo2
1
vote
0 answers

How to set alerts for an installed application not in exception list?

We are often getting incidents from Microsoft Defender about malicious activity detected on user devices. For example, lately we had an incident that said there was a defense evasion, however, at the crux of the issue is that the user simply had…
Cataster
1
vote
0 answers

Why isn't the remediation improving the exposure score in Microsoft Defender?

I am trying to improve our exposure score on Microsoft Defender and noted that "Block persistence through WMI event subscription" has a remediation which I've already applied since almost a month now. Remediation: Ensure that Microsoft Defender…
Cataster
1
vote
0 answers

MMC crash during remote firewall management

Using MMC, I'm attempting to remotely manage the Windows Defender Firewall on our Hyper-V Server 2019 instance (no GUI, CLI only). The NetBIOS name is SERVER1. The Windows Defender Firewall Remote Management rules are enabled: Name …
InteXX
0
votes
0 answers

BSOD Critical_Process_Died after enabling Windows Defender Firewall

Server 2019 1809 17763.914 running Remote Desktop Services and all updates are applied. On reboot, the Windows Defender Firewall is stopped (even though it is set to automatically start) and when I manually start the service (via any command line,…
0
votes
0 answers

How to make Windows Defender trust my applications at company level

In my company, I made some Windows form applications for internal use. They're some client-server applications, client is C# windows form (.NET4.6), server is ASP.NET REST API, publish using ClickOnce. Every time a user starts the application, Windows…
Luke
0
votes
1 answer

Windows defender real-time protection "disabled"

Initially windows defender was disabled for some reason in Windows server 2016. I enabled it from gpedit.msc by disabling "Turn off windows defender". When opening Windows defender, it shows real-time protection "disabled". I went to settings and…
Bose
0
votes
0 answers

Windows Defender Real Time Scan

Windows Defender would not detect in real time a new Malware hidden in a .zip file. If I scan the .zip file after it was downloaded from the website it does detect it and deletes it. Zip file is not protected and it has a simple .exe inside; there…
KCJ
0
votes
1 answer

Windows defender ransomware protection and SQL Server

Our small company has organized several levels of virus protection for Windows servers, but there are always fears that this is not enough. Is it correct to configure Windows Defender Ransomware Protection to directories with data and transaction…
0
votes
0 answers

Windows Defender 2019 - Configuring

I've been tasked with getting Windows Defender configured to get its updates via MECM. Some context, we have around 40 servers in our Azure tenant running Windows Server 2019, Defender is enabled, and it's currently getting its definition updates…
CLP
0
votes
1 answer

Using Set-MpPreference to schedule Windows full and quick scans doesn't work

On a Windows 10 machine, I have been trying to set the time of virus scans using the following PowerShell commands. Set-MpPreference -ScanParameters FullScan Set-MpPreference -ScanScheduleDay Monday Set-MpPreference -ScanScheduleTime (Get-Date…
0
votes
0 answers

Windows Defender for Antivirus - Customize Text Notification

Config Manager and client alerts We like to change the wording in the notifications for Windows Defender for Antivirus. Not sure this is possible. First area - Client, Change the wording on the local machine pop-up notification for Virus & Threat…