Questions tagged [windows-defender]

Use with Windows Security, which was formerly called Windows Defender Security Center

29 votes, 5 answers, 67k views

How to permanently disable Windows Defender Real Time Protection with GPO? [closed]

I like to disable Windows Defender Real Time Protection via GPO on Windows 10 Pro. When I configure GPO, Real-Time Protection is shown as off. However after a reboot the Protection is magically ...
21 votes, 6 answers, 32k views

Windows Defender - Add exclusion folder programmatically

I was checking out different keyloggers for research purposes and stumbled upon Refog: https://www.refog.com/keylogger/ This program could catch a lot of system events, but what really caught my ...
20 votes, 3 answers, 11k views

Windows Defender Antivirus scan from C# [AccessViolation exception]

We are writing a code to do on-demand scan of a file from C# using Windows Defender APIs. [DllImport(@"C:\Program Files\Windows Defender\MpClient.dll")] public static extern int ...
19 votes, 2 answers, 10k views

Android Development which folders to exclude for windows defender?

I excluded the following folders in windows defender, but the "Antimalware Service executable" is still using a lot of cpu. C:\Program Files\Android\Android Studio C:\Users\ME\.android C:\Users\ME\...
12 votes, 1 answer, 3k views

Windows Defender Antivirus API

Reading the documentation of the windows defender API, for example in MpManagerOpen Function: https://msdn.microsoft.com/en-us/library/windows/desktop/dn920115(v=vs.85).aspx I see that the required ...
10 votes, 4 answers, 6k views

Windows Defender Real Time Protection Service slowing down Visual Studio etc

Since past two months or so I have been observing a strange phenomenon with the Real Time Protection Service that comes bundled in as a part of Windows Defender on Windows 10. When this service is ...
10 votes, 1 answer, 1k views

Windows Defender slowing down Electron startup

Context I have setup a trivial Electron app which shows a plain html file and it consistently takes more than two seconds to start up. The key performance measurements are: 170 ms: a blank window ...
8 votes, 2 answers, 284 views

How to implement IAmsiStream to support running a malware scan on windows on a stream

When implementing an IAmsiStream to perform a scan with Windows Defender, on files larger than ~20MBs it fails with Value does not fall within the expected range.. What is missing from this ...
7 votes, 2 answers, 12k views

Pyinstaller .exe throws Windows Defender [no publisher]

I developed a Python code and I converted it to an .exe with pyinstaller but the problem is that there is no publisher so each time a computer runs my program, Windows Defender throws an alert that ...
7 votes, 4 answers, 10k views

Antivirus False positive in my VBA Excel Macro

I just ran into an even more annoying problem. Suddenly windows defender started to flag one of my excel files containing VBA macro code(on download from a browser) as being a virus. The specific ...
7 votes, 0 answers, 532 views

Bypass restrictions of enabled Folder Access Control of Windows Defender

I've got an application written with C# which is installed via InnoSetup. With enabled Controlled Folder Access of Windows 10's Defender, the setup fails to create a desktop icon (showing the message ...
5 votes, 6 answers, 5k views

create-react-app RangeError: Maximum call stack size exceeded at Object.mkdirSync

Today I tried to create new react app using (create-react-app app-name) in CMD and this error appeared : PS C:\Users\ahmed\Desktop\My File\New Folder\New Folder JS\New Folder> create-react-app ...
5 votes, 1 answer, 23k views

Powershell Set-MpPreference -DisableRealtimeMonitoring $true not working correctly

I must warn you I don't use powershell much. I am trying to turn off windows defender real time protection via powershell I found the command Set-MpPreference -DisableRealtimeMonitoring $true and ...
5 votes, 0 answers, 3k views

Determine why a program is blocked by Windows Defender SmartScreen

I have installed the Komodo IDE and now I like to activate my license by running file Komodo-IDE-8-Windows-SC92********.exe but it is blocked by my Windows Defender: Windows protected your PC Windows ...
4 votes, 0 answers, 197 views

Code signing EV certificate only helps with SmartScreen, does nothing for Windows Defender

Our organization recently obtained an EV code signing certificate. It did give us instant SmartScreen trust, but 2 things still happen: A minor annoyance was Chrome that issued a warning file.exe is ...
3 votes, 3 answers, 124 views

How to redirect connections by an exe file to a specific external ip address

I have an exe program that connects randomly to one of the 4 addresses 188.39.21.82...83...84...85 out of which only 82 works Currently I blocked the remaining addresses using Windows 10 Firewall ...
3 votes, 3 answers, 5k views

Why is Windows Defender scanning my code?

I am compiling C++ code using Visual Studio 2019. The code ranges from simple projects to learn C++ features to game dev. But no matter the scope of the projects I get this message: Security Scan ...
3 votes, 1 answer, 968 views

Gradle downloads triggers Windows Defender - how can I exclude files downloaded in Temp folder

When I use Gradle, Windows Defender keeps popping up and want to send the files to their server. The download file has this pattern: %USERPROFILE%\AppData\Local\Temp\...
3 votes, 2 answers, 493 views

Detect when Controlled Folder Access is active

On Win10, the "anti-ransomware" feature Controlled Folder Access impedes accessing non-whitelisted softwares to certain folders. Is there a way (API) to know if that feature is in place when you get ...
3 votes, 1 answer, 321 views

(How) Can I run Windows Defender in a docker container? Getting errors

I'm experimenting with some options for an endpoint pen-testing lab for a Windows environment, and Docker seems like a pretty light-weight and easily configurable option. However, upon testing Windows ...
3 votes, 5 answers, 4k views

FileSystemWatcher IOException

I have a Windows Service that monitors a folder for new files and runs a process. However, the service crashes every time I drop files into the monitored folder. Here is the Exception I am receiving:...
3 votes, 1 answer, 4k views

How to make a code signed certificate for an exe program?

I am in a very tricky situation and I will attempt to explain it as well as I can. I will write my problem in concise numbered steps and at the end, I will boil this down to one or a few clear ...
3 votes, 1 answer, 148 views

Why is Windows Defender delaying the start of our piece of software?

I'm trying to help the SuperCollider community to try and understand how we can prevent Windows Defender from delaying the execution of one of the executables, on an up-to-date Windows 10. The original ...
3 votes, 2 answers, 2k views

Read timeout connecting to server on Docker container

I'm trying to connect to a DB/2 container (image: ibmcom/db2) but it gives me a read timeout error. The host OS is Windows 10. I can see the port (50000) in the Windows PowerShell prompt, but it gives ...
3 votes, 0 answers, 380 views

Windows Defender constantly blocks PowerShell Import-Module

I have had the below error when trying to load PowerShell modules (my own, personally written) for some time. I used to be able to completely get rid of it by adding Windows Defender exclusions, but ...
3 votes, 0 answers, 758 views

Compiling with MinGW gcc Makes windows defender suspect of virus [duplicate]

This never happened to me before, but today I compiled a program with MinGW gcc and windows defender thought that the executable was a trojan, more specifically Win32/Fuerboos.C!cl https://www....
3 votes, 0 answers, 3k views

Why does Windows Defender detect compiled C executables as viruses?

I'm using Visual Studio 2019 (Community Edition). I've never had an issue when compiling C++ code. I simply get the final executable and I'm able to run it without a problem. Recently I've decided to ...
3 votes, 2 answers, 6k views

Windows Defender detecting Python EXE as Trojan

I made a Python script that mails a Windows directory as zip to me. I added a scheduler using sched module that repeats this every hour. I was attempting to make a simple sync application for personal ...
3 votes, 0 answers, 576 views

Windows Defender reports my application as malware

It's a simple Windows Forms application using the Google Cloud SDK. I have properly signed the application using a purchased SHA256 Comodo CSC. My solution has a single EXE file along with ...
3 votes, 0 answers, 449 views

How to avoid program to be detected as a trojan?

I made a small program to detect mouse moving from a screen to another on multiscreen configuration and it is detected as a trojan on windows 10 by windows defender. On my pc it is not detected (...
2 votes, 2 answers, 3k views

My C++ program is blocked and deleted by Windows Defender

I've written a small C++ program which checks if Windows clipboard content has changed and prints a type of that content. I compiled the program to .exe file using Windows Visual Studio 2019 and it ...
2 votes, 1 answer, 363 views

Windows Event Viewer giving cryptic string values for its attributes in XML mode

I am trying to log windows defender events from Event Viewer using C# .net framework. When I try to capture Event data attribute values via reading XML it gives me weird string values for some ...
2 votes, 1 answer, 9k views

How do I extract the output of Invoke-RestMethod into distinct variables

Somewhat of a Powershell noob here .. I am working on Microsoft's API for Windows Defender ATP. I need to understand how to extract specific values from a custom powershell object which is returned ...
2 votes, 2 answers, 4k views

Microsoft Defender Smart Screen Preventing my MSI to run

I am working on a windows application. After creating the installer file, i.e. MSI, it gets installed and works perfectly; however, once I upload it on cloud server and try downloading it from there and ...
2 votes, 2 answers, 6k views

Required firewall exceptions for accessing Node apps on a LAN

I would like a Express REST API to be accessible over a LAN. From what I understand I will need to make some changes in my firewall to allow this access. I managed to solve this checking the second ...
2 votes, 2 answers, 465 views

Program installed with Inno Setup seen as Trojan (Wacatac.B!ml)

My software is a .NET application. The original .exe compiled with Visual Studio works fine and Microsoft Defender has nothing to say about it or any of the dependencies. I made an installer with INNO ...
2 votes, 1 answer, 509 views

Why does Windows Defender detect compiled autoit executables as viruses?

I have another issue not related to script or syntax; it is a problem with the windows defender. I write a very very basic program. this ProgressOn("Waiting", "Setup", "Loading&...
2 votes, 1 answer, 709 views

Defender Preference PowerShell commands differ from corresponding registry keys

I am trying to configure windows defender preferences through PowerShell as administrator. I am using the following commands: Set-MpPreference -ScanScheduleDay 5 Set-MpPreference -ScanScheduleTime 03:...
2 votes, 1 answer, 2k views

Why is Windows Defender blocking my C# Application when it sets an Autostart?

I'm using the following code to set an Autostart of my Application: using (RegistryKey rk = Registry.CurrentUser.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", true)) { rk....
2 votes, 1 answer, 8k views

Windows defender detecting exe as Trojan:Win32/Azden.A!cl virus

I'm facing an issue while installing an application on windows 10 enterprise edition. After installing the application, windows defender detects it as a virus (Trojan:Win32/Azden.A!cl) and deletes its exe ...
2 votes, 1 answer, 86 views

Activating rule 16 of WDAC doesn't allow to apply policy without rebooting

I'm applying wdac using commands when I have enforced mode I try changing it to enforced mode but it doesn't work without the reboot with the Rule 16 activated, I have tried using gpupdate /force but ...
2 votes, 0 answers, 45 views

Failed to create MD5 hash for file entry_debug_unsigned_entry.apk as it does not exist. in DevEco Studio HarmonyOS

I'm trying to build my HarmonyOS app. It was working fine when suddenly windows defender gave me a message that it had found a threat, and directly after I get an error message: Failed to create MD5 ...
2 votes, 0 answers, 275 views

Windows-Defender and Visual-C++ development: Exclude Executables/Processes xor data folders?

This may be specific to Windows Defender, or it may be more generally applicable to more AV products on Windows. What it definitely is specific to is "compiled" Application development, ...
2 votes, 0 answers, 90 views

How to ask Windows Defender Ransomware Protection for allowance to write a file without administrator permission?

First of all I want to explain my scenario a little bit: I have to maintain a legacy software product (25+ years old) based on plain old WinAPI. The difficulty is, that we have no code for that, and ...
2 votes, 0 answers, 103 views

Powershell & Windows Defender limitations

I'm trying to write a PowerShell script to automate some scanning activities using Windows Defender. I've noticed a limitation with the published code which I'm interested to know whether or not ...
2 votes, 1 answer, 398 views

Windows Defender/Security deletes my "hello world" program

I'm trying to start a new C project using BearLibTerminal, compiling with gcc. I'm able to compile the hello world, but when I try to launch, Windows Security gives an error, which reads "...
2 votes, 0 answers, 901 views

High windows defender CPU usage while running python script

I am working on a python script that pulls data from an Access database via ODBC, and pulls it into a sqllite database managed by django. The script takes a fair while to run, and so I was ...
2 votes, 0 answers, 1k views

Can't open Visual Studio Code from Start Menu

I've recently uninstalled VS 2015 and some other packages which I don't recall. Ever since the uninstallation I've not been able to view the icon of VS Code, VS Code Insider and Windows Defender. ...
2 votes, 2 answers, 1k views

Why does this code cause Windows Defender to go crazy and identify this code as a trojan called Ludicrouz.j

I'm working on a desktop app using a library called Raylib, for those of you who don't know what Raylib is, it's an open-source rendering API that is used to make games. By default, Raylib doesn't let ...
2 votes, 2 answers, 3k views

Windows Defender/Update issues when running inside Windows Docker Container Windows Server 2016

I've created a ASP.NET Web API that retrieves a file as a stream content, saves to disk and scans the file using Windows defender (MpCmdRun.exe). When running the API locally on my computer, ...