Strange Virus/Spyware blocked notification on frequently used vendor site

See screenshot above. This virus warning appears when a user attempts to download an .exe from a frequently used vendor website. This just started a few days ago. As far as I’m aware we don’t have any content filtering / A/V rules on our firewall device, and the vendor domain is whitelisted there as …

Why Windows 10 Blocks some LAN IPs (192.168..)?

– Summarize the problem: Windows 10 does not allow visiting my local LAN IPs (192.168.1.0/24) and some domains (that are defined in my hosts file). The error shows in all browsers (e.g. from Chrome: “Firewall or antivirus software may have blocked the connection.”) – What you’ve tried: I tried to check if Chrome is allowed by …

Windows defender real-time protection “disabled”

Initially Windows Defender was disabled for some reason on Windows Server 2016. I enabled it from gpedit.msc by disabling “Turn off Windows Defender”. When opening Windows Defender, it shows real-time protection “disabled”. I went to Settings and enabled real-time protection, but Defender still shows it is disabled. Please see http://i.is.cc/tmZNGl.png I followed the suggestions in …

BSOD Critical_Process_Died after enabling Windows Defender Firewall

Server 2019 1809 17763.914 running Remote Desktop Services, with all updates applied. On reboot, the Windows Defender Firewall is stopped (even though it is set to start automatically), and when I manually start the service (via any command line, Windows Services, Server Manager, the Defender GUI, etc.) it BSODs with the error “Critical Processes …

Windows Defender – Antimalware – Exclude Directory from Scan

I looked at this article: https://www.windowscentral.com/how-exclude-files-and-folders-windows-defender-antivirus-scans, but my Windows 2019 Datacenter server doesn’t look anything like their screenshot. On my system it looks like this, and all the settings seem to relate to the firewall as opposed to the anti-virus/malware scanner. I’m writing out some rolling log files from an application, and I’m …

MDATP installation in Docker on Linux Image

Was anyone able to install MDATP on a Linux Docker image? We tried CentOS, Debian, and Ubuntu, and all have the same issue. I installed MDATP successfully when the Linux box is a full host, but not in Docker. I am following these instructions: https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually I preceded the installation with: apt-get -y install curl libplist-utils …

What flavor of Defender do I get on my computer

I see many terms when it comes to Windows Defender. For example, this document has references to Microsoft Defender Antivirus and also Microsoft Defender for Endpoint. Also, I read in a few places about Microsoft Defender Advanced Threat Protection. All of this left me confused. I know that my Windows 10 computer comes with Defender pre-installed. …

How can you connect Azure Cloud Services (Classic) Defender to Azure Security Centre?

Given Azure Cloud Services (Classic, not Extended Support) using Family 6 (Windows 2019). Windows Defender is enabled and scanning files. How can the logs and scan results be surfaced to the Azure Portal, ideally Security Centre / Monitor? “The Microsoft Antimalware Client and Service is installed by default in a disabled state in all supported …

Windows Defender – Windows Server 2019 client onboarding – via squid proxy server

I have prepared an Azure environment with VMs: winsrv2019, winsrv2012. Both VMs are deployed in an isolated Azure subnet (only traffic to security tools and to the proxy server is allowed). In the second subnet I deployed an Ubuntu 16 Squid proxy server; I configured Squid, used a username and password for authentication, and traffic to the Windows Defender Security Center web platform is …