New
#10
You're very welcome.
So I take it that the correct entry should be in the
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\MpEngine
:)
You're very welcome.
So I take it that the correct entry should be in the
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\MpEngine
:)
Hello Sammy, and welcome to Ten Forums. :)
As a test enable it using the .reg file in Option One to see if that may work better for you.
hello, thanks for the well documented feature (as usual..)
It is unclear if this works with all version of Windows 10 (core, pro, etc..)
at least, Microsoft is documented it for Enterprise version
Hello Daniel, :)
While Microsoft announced the new PUA feature as only available for the Enterprise edition of Windows 10, Home and Pro editions can also enable it on their Windows 10 PCs to block the deployment of adware during software installations.
As an "update" here, I just enabled PUA protection through Powershell with no error messages during the process. However after the restart Defender was Red "X" tagged & telling me my system was at risk. No explanation. Defender was very slow and sluggish to open. A scan did not clear the issue. After disabling the PUA Protection & a restart, everything is back to normal.
Another Update: Following Creator's Update and resolution of a minor conflict between WD and Malwarebytes, I've enabled the PUA Protection option again and so far, no issues.
Thanks to any and all for ...
I can confirm that PUA can be enabled on Home. Testing that it's working can be problematic though. Testing virus detection is easy with the EICAR test file. https://www.microsoft.com/security/p...ICAR_Test_File
There's no equivalent 'test file' for PUAs that I can find, so to test detection you need something that has a real PUA in it. Turns out that I had one, an installer that I'd downloaded (but never run) back when this PC was running Win7/MSE. This was successfully detected by Defender as https://www.microsoft.com/security/p...DVideoDownload
However, I noticed a strange 'feature' of Defender's PUA detection. It seems to be turned off for files in my User folder and its subfolders. While the EICAR test shows that viruses are detected there, this PUA had been sitting for years undetected. Copying this installer to anywhere other than my User folder (such as C:\Temp\) results in the PUA being automatically detected.
Temporarily turning off Defender's real-time protection allowed me to copy the file without detection. Then testing the context menu 'Scan with Windows Defender...' showed the same behaviour. The PUA was detected when the file was in any folder except my User folder. I presume it would be detected regardless of folder as soon as I ran the installer, but I haven't been brave enough to test that yet. :)
Is this behaviour by design, do you think? Or could it be a setting inherited from Microsoft Security Essentials that's no longer shown in Defender's settings?