Questions tagged [windows-defender]
23 questions
6
votes
1 answer
Managing Windows Defender in small business domain (is a nightmare)
I've spent a few months rolling out Group Policy for Windows Defender on a small business domain (about 25 workstations), and gathering the results with Event Viewer. (We are not running SCCM)
I have it set to run a quick scan everyday, and a full…
![](../../users/profiles/518297.webp)
corporate_IT_drone
- 61
- 4
2
votes
2 answers
Defender ATP public IP addresses
Does anybody know the IP addresses Microsoft uses for their Defender ATP Service?
I can find the associated domain names but not a reliable source of the IP addresses being used.
![](../../users/profiles/491162.webp)
TobyU
- 191
- 2
- 8
1
vote
0 answers
Windows Firewall - Protected network connections?
In Windows Defender Firewall, under Advanced Settings, there is a "Protected network connections" setting for each profile (Domain, Public, Private). An image of this setting:
Protected network connections
My goal is to block all connections on…
![](../../users/profiles/532913.webp)
Rudolfking
- 11
- 1
1
vote
2 answers
Is it safe to delete Windows Defender Scans History Files?
OS: Windows 10 Pro (used as production server to host websites, and mail functions.)
I've noticed that de-fragmenting my hard drive (using MyDefrag v4.3.1) it's taking for ever to work itself through this C:\ProgramData\Microsoft\Windows…
![](../../users/profiles/408254.webp)
MeSo2
- 204
- 3
- 15
1
vote
0 answers
How to set alerts for an installed application not in exception list?
We are often getting incidents from Microsoft Defender about malicious activity detected on user devices, For example, lately we had an incident that said there was a defense evasion, however, at the crux of the issue is that the user simply had…
![](../../users/profiles/804745.webp)
Cataster
- 121
- 2
1
vote
0 answers
Why isnt the remediation improving the exposure score in Microsoft defender?
I am trying to improve our exposure score on Microsoft Defender and noted that "Block persistence through WMI event subscription" has a remediation which Ive already applied since almost a month now.
Remediation:
Ensure that Microsoft Defender…
![](../../users/profiles/804745.webp)
Cataster
- 121
- 2
1
vote
0 answers
MMC crash during remote firewall management
Using MMC, I'm attempting to remotely manage the Windows Defender Firewall on our Hyper-V Server 2019 instance (no GUI, CLI only). The NetBIOS name is SERVER1.
The Windows Defender Firewall Remote Management rules are enabled:
Name …
![](../../users/profiles/218519.webp)
InteXX
- 713
- 13
- 31
0
votes
0 answers
BSOD Critical_Process_Died after enabling Windows Defender Firewall
Server 2019 1809 17763.914 running Remote Desktop Services and all updates are applied.
On reboot, the Windows Defender Firewall is stopped (even though it is set to automatically start) and when I manually start the service (via any command line,…
![](../../users/profiles/548163.webp)
SkywalkerIsNull
- 1
- 2
0
votes
0 answers
How to make Windows Defener trust my applications at company level
In my company, I made some Windows form applications for internal use.
They're some client-server applications, client is C# windows form (.NET4.6), server is ASP.NET REST API, publish using ClickOnce.
Everytime user start application, Windows…
![](../../users/profiles/89878.webp)
Luke
- 101
- 1
- 9
0
votes
1 answer
Windows defender real-time protection "disabled"
Initially windows defender was disabled for some reason in Windows server 2016. I enabled it from gpedit.msc by disabling "Turn off windows defender".
When opening Windows defender, it shows real-time protection "disabled". I went to settings and…
![](../../users/profiles/252797.webp)
Bose
- 1
- 2
0
votes
0 answers
Windows Defender Real Time Scan
Windows Defender would not detect in real time a new Malware hidden in a .zip file.
If I scan the .zip file after it was downloaded from the website it does detect it and deletes it.
Zip file is not protected and it has a simple .exe inside; there…
![](../../users/profiles/487175.webp)
KCJ
- 1
- 1
- 3
0
votes
1 answer
Windows defender ransomware protection and SQL Server
Our small company has organized several levels of virus protection for Windows servers, but there are always fears that this is not enough.
Is it correct to configure Windows Defender Ransomware Proteсtion to directories with data and transaction…
![](../../users/profiles/984081.webp)
Aries
- 101
- 1
0
votes
0 answers
Windows Defender 2019 - Configuring
I've been tasked with getting Windows Defender configured to get it's updates via MECM. Some context, we have around 40 servers in our Azure tenant running Windows Server 2019, Defender is enabled, and it's currently getting its definition updates…
![](../../users/profiles/966691.webp)
CLP
- 1
0
votes
1 answer
Using Set-MpPreference to schedule Windows full and quick scans doesn't work
On a Windows 10 machine, I have been trying to set the time of virus scans using the following PowerShell commands.
Set-MpPreference -ScanParameters FullScan
Set-MpPreference -ScanScheduleDay Monday
Set-MpPreference -ScanScheduleTime (Get-Date…
![](../../users/profiles/603692.webp)
Philip
- 63
- 4
0
votes
0 answers
Windows Defender for Antivirus - Customize Text Notification
Config Manager and client alerts
We like to change the wording in the notifications for Windows Defender for Antivirus.
Not sure this is possible.
First area - Client, Change the wording on the local machine pop-up notification for Virus & Threat…
![](../../users/profiles/132592.webp)
CWL
- 107
- 2
- 12