Questions tagged [windows-defender]
39 questions
6
votes
1 answer
Managing Windows Defender in small business domain (is a nightmare)
I've spent a few months rolling out Group Policy for Windows Defender on a small business domain (about 25 workstations), and gathering the results with Event Viewer. (We are not running SCCM)
I have it set to run a quick scan everyday, and a full…
corporate_IT_drone
- 61
- 4
2
votes
2 answers
Defender ATP public IP addresses
Does anybody know the IP addresses Microsoft uses for their Defender ATP Service?
I can find the associated domain names but not a reliable source of the IP addresses being used.
TobyU
- 191
- 2
- 8
1
vote
0 answers
Windows Firewall - Protected network connections?
In Windows Defender Firewall, under Advanced Settings, there is a "Protected network connections" setting for each profile (Domain, Public, Private). An image of this setting:
Protected network connections
My goal is to block all connections on…
Rudolfking
- 11
1
vote
2 answers
Is it safe to delete Windows Defender Scans History Files?
OS: Windows 10 Pro (used as production server to host websites, and mail functions.)
I've noticed that de-fragmenting my hard drive (using MyDefrag v4.3.1) it's taking for ever to work itself through this C:\ProgramData\Microsoft\Windows…
MeSo2
- 294
1
vote
0 answers
PowerShell - Failure to load built-in modules due to software restrictions
Yesterday, I was working with PowerShellEditorServices to develop a tool. Internally, it uses named pipes to communicate between the client and server. They are both running locally.
At some point, the server named pipe stopped responding. Then I…
Adam Driscoll
- 131
1
vote
1 answer
Clear Windows Defender History in in Windows 11 22H2 22621.2215 and later is not possible
I want to delete the Windows Defender History in Windows 11 22H2 22621.2215. In particular, accessing the folder C:\ProgramData\Microsoft\Windows Defender\Scans is not possible. It seems that Microsoft has specially secured access to this folder.…
Michael.H
- 11
- 4
1
vote
0 answers
Windows Defender suddenly using all CPU -- Windows Server 2019
I have a Windows Server 2019 virtual machine hosted on Azure. For the last two or three days, web applications hosted there have been very slow.
Yesterday I started digging into it, and found that Windows Defender (MsMpEng.exe, and MsSense.exe to a…
1
vote
0 answers
Windows Defender won't install on Server 2016
I'm trying to install Windows Defender on one of our WIN Server 2016s but am getting a failure message with error code 0x800f0831. I tried the install through Server Manager > Add Roles and Feature.
Defender was removed from this server several…
72909903
- 39
1
vote
0 answers
Onboarding Server 2016 to Defender ATP Package Fails to Install
I am having issues onboarding multiple Windows Server 2016 to Defender ATP.
The initial installation of the Onboarding Package fails and rolls back.
The server I am focusing on currently is fully updated and has Windows Defender Antivirus installed…
Riguez
- 123
1
vote
0 answers
How to set alerts for an installed application not in exception list?
We are often getting incidents from Microsoft Defender about malicious activity detected on user devices, For example, lately we had an incident that said there was a defense evasion, however, at the crux of the issue is that the user simply had…
Cataster
- 117
1
vote
0 answers
Why isnt the remediation improving the exposure score in Microsoft defender?
I am trying to improve our exposure score on Microsoft Defender and noted that "Block persistence through WMI event subscription" has a remediation which Ive already applied since almost a month now.
Remediation:
Ensure that Microsoft Defender…
Cataster
- 117
1
vote
1 answer
Using Set-MpPreference to schedule Windows full and quick scans doesn't work
On a Windows 10 machine, I have been trying to set the time of virus scans using the following PowerShell commands.
Set-MpPreference -ScanParameters FullScan
Set-MpPreference -ScanScheduleDay Monday
Set-MpPreference -ScanScheduleTime (Get-Date…
Philip
- 73
1
vote
0 answers
MMC crash during remote firewall management
Using MMC, I'm attempting to remotely manage the Windows Defender Firewall on our Hyper-V Server 2019 instance (no GUI, CLI only). The NetBIOS name is SERVER1.
The Windows Defender Firewall Remote Management rules are enabled:
Name …
InteXX
- 795
0
votes
0 answers
BSOD Critical_Process_Died after enabling Windows Defender Firewall
Server 2019 1809 17763.914 running Remote Desktop Services and all updates are applied.
On reboot, the Windows Defender Firewall is stopped (even though it is set to automatically start) and when I manually start the service (via any command line,…
0
votes
0 answers
How to make Windows Defener trust my applications at company level
In my company, I made some Windows form applications for internal use.
They're some client-server applications, client is C# windows form (.NET4.6), server is ASP.NET REST API, publish using ClickOnce.
Everytime user start application, Windows…
Luke
- 113