stapp

CLOSED Defender notification

Recommended Posts

Today at boot I got the Windows notification sound. It was Defender telling me it had cleaned 5 items (they will be eicar) It does not say when this 'clean' occurred.

There is nothing in Defender history or quarantine.

I have the latest cumulative for Win 10 2004 installed (now on build 19041.388)

It is not possible to work out when this happened or what they found.

Going here to show latest Defender info doesn't help, I mean some of the entries there are strange. but perhaps as a result of the Cumulative?

Event viewer..Application and Service logs..Microsoft..Windows..Windows Defender..Operational

Debug logs and screenies attached.

 

Annotation 2020-07-16 051034.jpg
Download Image

Annotation 2020-07-16 084248.jpg
Download Image

Annotation 2020-07-16 084434.jpg
Download Image

a2guard_20200716045339(1152).zip

Share this post


Link to post
Share on other sites

Yes it is, but EAM says I am protected by EAM :blink:

I may do a few unticks and reticks and a reboot as well.

EDIT.. Unticking and reticking the Windows Security Center integration in EAM advanced settings has restored EAM as the provider.

 

Annotation 2020-07-16 110255.jpg
Download Image

Share this post


Link to post
Share on other sites

nice one - might be worth checking, over the coming days, that EAM registers in wsc each time you restart/turn on the machine as I had the same problem but it was intermittent - sometimes EAM registered after boot but sometimes not - I had to reinstall EAM in the end to fix it

Share this post


Link to post
Share on other sites
27 minutes ago, marko said:

nice one - might be worth checking, over the coming days, that EAM registers in wsc each time you restart/turn on the machine as I had the same problem but it was intermittent - sometimes EAM registered after boot but sometimes not - I had to reinstall EAM in the end to fix it

First time it's happened to me marko. It would be nice if EAM gave some indication that it had not registered in WSC and that Defender was doing scans and downloading definitions.

Share this post


Link to post
Share on other sites

Not happened since. I check every morning after a cold boot.

Was this of any interest to you Frank? Or was it just one of those 'race' events?

Share this post


Link to post
Share on other sites

No idea stapp.

What I do know is that we added a fix to 2020.8 that will stabilize WSC integration.

We've noticed this issue on a couple of machines only sofar.
Windows WSC API isn't the most stable one....

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.