WinDefend Service stopped but spazes out

BrianB · Sep 11, 2024

Not sure how to explain this. Installed our VLA image, configured it for our network, meaning firewall off, windows defender off, antispyware off. made an image. Once loaded and on the network, we install Sophos Endpoint XDR. After a restart, anything we do, open file explorer and open a browser, the windefend service wigs out. it starts out stopped, but wigging out I mean it starts/stops/starts/stops hundreds of times while the app is loaded. Once browser is up, it goes back to stopped. But the whole time it does this it really slows down the PC. While it is stopped, the PC is fine, fast as ever.

I have tried to set the services to be disabled, VIA GPO, but it stops SCCM from installing

Use the "Find" feature and locate each folder below and click to change "start" from "3" to "4"
- Sense
- WdBoot
- WdFilter
- WdNisDrv
- WdNisSvc
- WinDefend

and Option 1 in this post

Enable or Disable Microsoft Defender Antivirus in Windows 11 Tutorial

This tutorial will show you how to enable or disable Microsoft Defender Antivirus in Windows 11. Microsoft Defender Antivirus is an antivirus software that is included in Windows 11 and can help protect your device from viruses, malware, and other threats. You must be signed in as an...

www.elevenforum.com

Has anybody seen this?

BrianB · Sep 17, 2024

Looking into this more, I have found that it is the command-line scanner that is spazing out WinDefend service. Although running this "Get-MpComputerStatus" it shows not running

Powershell:

Get-MpComputerStatus


AMEngineVersion                  : 0.0.0.0
AMProductVersion                 : 4.18.2201.11
AMRunningMode                    : Not running
AMServiceEnabled                 : False
AMServiceVersion                 : 0.0.0.0
AntispywareEnabled               : False
AntispywareSignatureAge          : 4294967295
AntispywareSignatureLastUpdated  :
AntispywareSignatureVersion      : 0.0.0.0
AntivirusEnabled                 : False
AntivirusSignatureAge            : 4294967295
AntivirusSignatureLastUpdated    :
AntivirusSignatureVersion        : 0.0.0.0
BehaviorMonitorEnabled           : False
ComputerID                       : 48A8EBC6-D6EF-4EB3-A2CC-639A91C49056
ComputerState                    : 0
DeviceControlDefaultEnforcement  : N/A
DeviceControlPoliciesLastUpdated : 12/31/1600 4:00:00 PM
DeviceControlState               : N/A
FullScanAge                      : 4294967295
FullScanEndTime                  :
FullScanStartTime                :
IoavProtectionEnabled            : False
IsTamperProtected                : False
IsVirtualMachine                 : False
LastFullScanSource               : 0
LastQuickScanSource              : 0
NISEnabled                       : False
NISEngineVersion                 : 0.0.0.0
NISSignatureAge                  : 4294967295
NISSignatureLastUpdated          :
NISSignatureVersion              : 0.0.0.0
OnAccessProtectionEnabled        : False
QuickScanAge                     : 4294967295
QuickScanEndTime                 :
QuickScanStartTime               :
RealTimeProtectionEnabled        : False
RealTimeScanDirection            : 0
TamperProtectionSource           : E3 transition
TDTMode                          : N/A
TDTStatus                        : N/A
TDTTelemetry                     : N/A
PSComputerName                   :

Here is what it does:

https://drive.google.com/file/d/12UZPSF5qSpnFghzAvnjgLqveZyA1wZis/view?usp=drive_link

WinDefend Service stopped but spazes out

BrianB

Member

Enable or Disable Microsoft Defender Antivirus in Windows 11 Tutorial

My Computer

System One

BrianB

Member

My Computer

System One

Similar threads

Latest Support Threads

Latest Tutorials