Confifure windows defender to only alert but not block

Robin Schmied 1 Reputation point
2022-07-19T18:51:35.567+00:00

Hi,

I am trying to configure Windows Defender on a Machine (not connected to the internet, high availability) so that it only alerts (via EventViewer\WindowsDefender\Oparational log file) when found a threat but doesn't block, delete or quarantine it (or otherwise makes the file unusable). I already changed the "default threat action" for all alert levels to 6 (NoAction) via the Powershell Commands:

Set-MpPreference -UnknownThreatDefaultAction NoAction -verbose

Set-MpPreference -LowThreatDefaultAction NoAction -verbose

Set-MpPreference -ModerateThreatDefaultAction NoAction -verbose

Set-MpPreference -HighThreatDefaultAction NoAction -verbose

Set-MpPreference -SevereThreatDefaultAction NoAction -verbose

->after setting this Win Def doesn't delete the files or move them to quarantine but i also cant access them - like if copy it somewhere or use the type command, i always get the error "Operation did not complete successfully because the file contains a virus or potentially unwanted software."

I also tried the threat action "ignore" but this means i get no alerts in event viewer.

Some more infos on the machines:
windows 1607

Win Def Version: 4.18.2203.5

Signature Version: 1.367.1569.0

please help,

greetings

Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,692 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Limitless Technology 39,181 Reputation points
    2022-07-20T10:57:26.133+00:00

    Hi RobinSchmied-5364,

    First of all, your version of Windows 10 is very old and reached end of life in April 2019. I suggest that you should upgrade ASAP as the latest version of Windows 10 may have already resolved this issue. If this doesn’t resolve the issue, please reach back out to us.

    I hope this answers your question.

    ----------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept as answer--

    1 person found this answer helpful.

  2. Robin Schmied 1 Reputation point
    2022-07-25T11:33:29.68+00:00

    i made an official Microsoft case through their services hub and sadly the technician told me what we wanted to achieve is not possible.

    0 comments No comments