Questions tagged [windows-defender]

Use with Windows Security, which was formerly called Windows Defender Security Center.

References:
Help protect my device with Windows Security

Related tag:
Windows-Security

180 questions
3 votes, 0 answers

High windows defender CPU usage while running python script

I am working on a Python script that pulls data from an Access database via ODBC, and pulls it into a SQLite database managed by Django. The script takes a fair while to run, and so I was investigating where the bottlenecks are and noticed in Task…
Hugoagogo
3 votes, 1 answer

Gradle downloads triggers Windows Defender - how can I exclude files downloaded in Temp folder

When I use Gradle, Windows Defender keeps popping up and wants to send the files to their server. The download file has this pattern: %USERPROFILE%\AppData\Local\Temp\gradle_downloadxxxxxxxxxxxxxxxxxxxxxxxxbin Can I exclude them with a file mask? I…
WesternGun
3 votes, 1 answer

How do I extract the output of Invoke-RestMethod into distinct variables

Somewhat of a PowerShell noob here. I am working on Microsoft's API for Windows Defender ATP. I need to understand how to extract specific values from a custom PowerShell object which is returned as the output of Invoke-RestMethod. $webResponse…
prodman
3 votes, 2 answers

Windows Defender detecting Python EXE as Trojan

I made a Python script that mails a Windows directory as zip to me. I added a scheduler using sched module that repeats this every hour. I was attempting to make a simple sync application for personal use that starts at Windows Startup. I converted…
3 votes, 2 answers

Detect when Controlled Folder Access is active

On Win10, the "anti-ransomware" feature Controlled Folder Access impedes access by non-whitelisted software to certain folders. Is there a way (API) to know if that feature is in place when you get an error in some file operation? So far I could…
tru7
3 votes, 1 answer

Windows defender detecting exe as Trojan:Win32/Azden.A!cl virus

I'm facing an issue while installing an application on Windows 10 Enterprise edition. After installing the application, Windows Defender detects it as a virus (Trojan:Win32/Azden.A!cl) and deletes its exe from the installed location, which is Program Files…
Hafeez Rehman
3 votes, 2 answers

Windows Defender/Update issues when running inside Windows Docker Container Windows Server 2016

I've created an ASP.NET Web API that retrieves a file as a stream content, saves to disk and scans the file using Windows Defender (MpCmdRun.exe). When running the API locally on my computer, everything is fine. However, I want to host this API in…
Raxac
3 votes, 0 answers

How to avoid program to be detected as a trojan?

I made a small program to detect the mouse moving from one screen to another on a multiscreen configuration and it is detected as a trojan on Windows 10 by Windows Defender. On my PC it is not detected (Windows 7 Pro 64) by Windows Defender nor my…
Entretoize
2 votes, 1 answer

Windows Defender Flags Compiled .exe File with keyboard Input Functions as Potential Virus

I've written the code in Python, but the built-in Windows Defender antivirus detects the .exe file that I compile my code into as a virus. I believe this might be attributed to the use of keyboard.press_and_release, keyboard.write, and…
tareqq
2 votes, 0 answers

"Publishing" a powershell script so it isn't detected as a virus

I have the following Powershell script: # Check if the script is running as admin $IsAdmin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]…
Angency
2 votes, 1 answer

What is a good process for dynamically generated installers to avoid false AV positives?

I wasn't terribly sure what website to ask this question on, but since it primarily deals with the development/distribution process I chose to ask it here. I'm in the process of creating a company that deals with RMM/MMS for clients. I have a…
Azrael
2 votes, 0 answers

How to sign user space binary with force integrity check (deprecated MSFT cross-signing)

We used to have a binary running in user space built with the VC++ /integritycheck flag, which sets the IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY flag on the executable (see more here and here). We signed it with our old certificate and it ran smoothly. Now we…
2 votes, 0 answers

Is there a way to hash file without triggering antivirus (specifically Windows Defender)?

In our software, we check the integrity of bundled git installation. We do that by calculating sha1 of each file and comparing it to ground truth. The problem is that when we access files to calculate their sha1, Windows Defender decides to check…
Codeguard
2 votes, 0 answers

How to prevent Windows Defender from showing "Windows protected your PC" on a published WPF app with .NET Core 3.1

I have developed an app (WPF-Windows Template Studio app with .NET Core 3.1 as the target framework) that I have published, as shown in this picture. When I send the .exe to another Windows PC the PC shows the following window. Is there anything I…
Florian
2 votes, 2 answers

Activating rule 16 of WDAC doesn't allow to apply policy without rebooting

I'm applying WDAC using commands. When I have enforced mode I try changing it to enforced mode, but it doesn't work without the reboot with Rule 16 activated. I have tried using gpupdate /force but it doesn't work either. Any ideas? (W10 version…