Defender in vdi


S

Stefan86

New member
Local time
6:08 AM
Posts
3
OS
windows 1a
Hello,
I want to run Windows 11 as a non-persistent VDI with Citrix MCS and write cache.

When I start the VM, Defender clogs up the write cache.

On the one hand, it performs definition updates and, on the other hand, it apparently scans the disk and stores quite a lot in the Defender cache directory.

How can I completely disable Defender in Windows 11 24h2?

Or ensure that the entire disk is not scanned immediately and only write accesses are scanned?


Translated with DeepL.com (free version)
 

My Computer My Computer

At a glance

windows 1a
OS
windows 1a
You won’t find many Citrix people here, but Citrix does have guidance for anti-malware and MCS/PVS.

Tech Paper: Endpoint Security, Antivirus, and Antimalware Best Practices

Tech Paper focused on proper configuration, and recommendations for running an antivirus solution in Citrix DaaS™ and Virtual Apps & Desktops environments. Recommended exclusions, configuration, and leading practices.
docs.citrix.com docs.citrix.com
 

My Computer My Computer

At a glance

Windows 11 Pro 25H212th Gen Core i7-1260P64 GB Micron PC4-25600Intel Iris Xe Graphics
OS
Windows 11 Pro 25H2
Computer type
PC/Desktop
Manufacturer/Model
Intel NUC12WSHi7
CPU
12th Gen Core i7-1260P
Motherboard
NUC12WSBi7
Memory
64 GB Micron PC4-25600
Graphics Card(s)
Intel Iris Xe Graphics
Sound Card
on-board Realtek HD Audio
Monitor(s) Displays
Dell U3219Q
Screen Resolution
3840 x 2160
Hard Drives
Samsung SSD 990 PRO 1TB
Crucial MX500 2 TB
Antivirus
Microsoft Defender
The problem is not Citrix, but the configuration of Defender.

The tamper protection seems to be annoying me.



How can I configure the exclusions via GPO or via the registry?
 

My Computer My Computer

At a glance

windows 1a
OS
windows 1a
Stefan86 said:
How can I completely disable Defender in Windows 11 24h2?

Or ensure that the entire disk is not scanned immediately and only write accesses are scanned?
Click to expand...
Stefan86 said:
The tamper protection seems to be annoying me.
Click to expand...


www.elevenforum.com

Turn On or Off Tamper Protection for Microsoft Defender Antivirus in Windows 11

This tutorial will show you how to turn on or off Tamper Protection for Microsoft Defender Antivirus settings in Windows 11. Microsoft Defender Antivirus is an antivirus software that is included in Windows 11 and can help protect your device from viruses, malware, and other threats. Tamper...
www.elevenforum.com www.elevenforum.com

www.elevenforum.com

Enable or Disable Real-time Protection for Microsoft Defender Antivirus in Windows 11

This tutorial will show you how to enable or disable real-time protection for Microsoft Defender Antivirus in Windows 10 and Windows 11. Microsoft Defender Antivirus is an antivirus software that is included in Windows 10/11 and can help protect your device from viruses, malware, and other...
www.elevenforum.com www.elevenforum.com

www.elevenforum.com

Enable or Disable Microsoft Defender Antivirus in Windows 11

This tutorial will show you how to enable or disable Microsoft Defender Antivirus in Windows 11. Microsoft Defender Antivirus is an antivirus software that is included in Windows 11 and can help protect your device from viruses, malware, and other threats. You must be signed in as an...
www.elevenforum.com www.elevenforum.com
 
Last edited:

My Computers My Computers

System One System Two Other systems

  • At a glance

    Windows 11 Pro 25H2 Build 26200.8655Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz32.0 GB of I forget and the box is in storage.Gigabyte nVidia GeForce GTX 1660 Super OC 6GB
    OS
    Windows 11 Pro 25H2 Build 26200.8655
    Computer type
    PC/Desktop
    Manufacturer/Model
    Sin-built 2013
    CPU
    Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
    Motherboard
    ASUS ROG Maximus VI Formula
    Memory
    32.0 GB of I forget and the box is in storage.
    Graphics Card(s)
    Gigabyte nVidia GeForce GTX 1660 Super OC 6GB
    Sound Card
    ROG SupremeFX Formula 8-Channel High Definition Audio
    Monitor(s) Displays
    5 x LG 25MS500-B - 1 x 24MK430H-B - 1 x Wacom Pro 22" Touch Screen Tablet
    Screen Resolution
    All over the place
    Hard Drives
    Too many to list. OS on Samsung 1TB 870 QVO SATA
    PSU
    Silverstone 1500
    Case
    NZXT Phantom 820 Full-Tower Case
    Cooling
    Noctua NH-D15 Elite Class Dual Tower CPU Cooler / 6 x EziDIY 120mm / 2 x Corsair 140mm somethings / 1 x 140mm Thermaltake something / 2 x 200mm Corsair.
    Keyboard
    Corsair K95 / Logitech diNovo Edge Wireless
    Mouse
    Logitech: G402 / G502 / Mx Masters / Mx Air Cordless
    Internet Speed
    2000/500Mbps
    Browser
    All sorts
    Antivirus
    Kaspersky Premium
    Other Info
    ㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
    TP-Link BE9300 WiFi 7 Bluetooth 5.4 (Archer TBE550E)
    TP-Link TX201 V1 2.5GB Lan

    Grandstream HT812 - VoIP
    ASUS DSL-AX82U - Mesh
    ASUS RT-AC68U - Mesh
    ASUS RT-BE88U Router

    Brother MFC-L2880DW Printer

    I’m on a horse.

  • At a glance

    Windows 11 Pro 25H2 Build 26200.8655 (Wifes)13th Generation Intel® Core™ i5-1340P Process...16GB LPDDR5-52001x Intel® Iris® Xe Graphics
    Operating System
    Windows 11 Pro 25H2 Build 26200.8655 (Wifes)
    Computer type
    Laptop
    Manufacturer/Model
    LENOVO Yoga 7 14IRL8 - Type 82YL
    CPU
    13th Generation Intel® Core™ i5-1340P Processor(Core™ i5-1340P)
    Memory
    16GB LPDDR5-5200
    Graphics card(s)
    1x Intel® Iris® Xe Graphics
    Sound Card
    Optimized with Dolby Atmos®
    Screen Resolution
    QHD 2880 x 1800 OLED
    Hard Drives
    M.2 512 GB SSD PCIe
    Mouse
    Logiteck MX Master 3S
    Internet Speed
    2000/500
    Antivirus
    Defender / Malwarebytes
    Other Info
    …still on a horse.


    Wireless Network: Wi-Fi 6E 2x2 AX; Bluetooth® 5.1 or above
    Ports: 1x 1 Novo button; 2 in 1 Audio Combo jack; Micro SD Card Reader; HDMI 1.4b; 2 x USB Type-C (TBT4)
    USB 3.2 Gen 2 DP 1.4a
    PD 3.0); 1 x USB 3.2 Gen1 Type A
    Camera
    1x 1080P FHD IR/RGB Hybrid with Privacy Shutter and Dual Array Microphone
    Graphics
    1x Intel® Iris® Xe Graphics
    Monitor
    14" WUXGA
    Form Factor
    Convertible Notebook
  • Windows 11 Pro 25H2 Build 26200.8655 (Wifes)

    Yoga 7 2-in-1 14IML9 - Type 83DJ

    Processor: Intel® Core™ Ultra 7 155H Processor(Core™ Ultra 7 155H)

    Memory: 32GB LPD5X-7467

    Hard Drive: 1 TB SSD PCIe

    Wireless Network: 1x Wi-Fi 6E 2x2 AX; Bluetooth® 5.1 or above

    Ports: 1 x HDMI 2.1 TMDS; 1 x Novo Button; 1 x Combo Audio Jack
    2 x USB-C (USB 4.0)
    1 x USB-A 3.2 Gen 1

    Camera: 1080P FHD IR Hybrid with Dual Microphone

    Graphics: Intel® Arc™ Graphics

    Monitor: 14" 2.8K

    ...Where's my horse?
Welcome to the forum, Stefan.

People who “remove” Microsoft Defender generally end up with worse issues.
In my opinion, it’s best to disable as apposed to removing.
 

My Computers My Computers

System One System Two Other systems

  • At a glance

    Windows 11 Pro 25H2 Build 26200.8655Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz32.0 GB of I forget and the box is in storage.Gigabyte nVidia GeForce GTX 1660 Super OC 6GB
    OS
    Windows 11 Pro 25H2 Build 26200.8655
    Computer type
    PC/Desktop
    Manufacturer/Model
    Sin-built 2013
    CPU
    Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
    Motherboard
    ASUS ROG Maximus VI Formula
    Memory
    32.0 GB of I forget and the box is in storage.
    Graphics Card(s)
    Gigabyte nVidia GeForce GTX 1660 Super OC 6GB
    Sound Card
    ROG SupremeFX Formula 8-Channel High Definition Audio
    Monitor(s) Displays
    5 x LG 25MS500-B - 1 x 24MK430H-B - 1 x Wacom Pro 22" Touch Screen Tablet
    Screen Resolution
    All over the place
    Hard Drives
    Too many to list. OS on Samsung 1TB 870 QVO SATA
    PSU
    Silverstone 1500
    Case
    NZXT Phantom 820 Full-Tower Case
    Cooling
    Noctua NH-D15 Elite Class Dual Tower CPU Cooler / 6 x EziDIY 120mm / 2 x Corsair 140mm somethings / 1 x 140mm Thermaltake something / 2 x 200mm Corsair.
    Keyboard
    Corsair K95 / Logitech diNovo Edge Wireless
    Mouse
    Logitech: G402 / G502 / Mx Masters / Mx Air Cordless
    Internet Speed
    2000/500Mbps
    Browser
    All sorts
    Antivirus
    Kaspersky Premium
    Other Info
    ㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤ⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
    TP-Link BE9300 WiFi 7 Bluetooth 5.4 (Archer TBE550E)
    TP-Link TX201 V1 2.5GB Lan

    Grandstream HT812 - VoIP
    ASUS DSL-AX82U - Mesh
    ASUS RT-AC68U - Mesh
    ASUS RT-BE88U Router

    Brother MFC-L2880DW Printer

    I’m on a horse.

  • At a glance

    Windows 11 Pro 25H2 Build 26200.8655 (Wifes)13th Generation Intel® Core™ i5-1340P Process...16GB LPDDR5-52001x Intel® Iris® Xe Graphics
    Operating System
    Windows 11 Pro 25H2 Build 26200.8655 (Wifes)
    Computer type
    Laptop
    Manufacturer/Model
    LENOVO Yoga 7 14IRL8 - Type 82YL
    CPU
    13th Generation Intel® Core™ i5-1340P Processor(Core™ i5-1340P)
    Memory
    16GB LPDDR5-5200
    Graphics card(s)
    1x Intel® Iris® Xe Graphics
    Sound Card
    Optimized with Dolby Atmos®
    Screen Resolution
    QHD 2880 x 1800 OLED
    Hard Drives
    M.2 512 GB SSD PCIe
    Mouse
    Logiteck MX Master 3S
    Internet Speed
    2000/500
    Antivirus
    Defender / Malwarebytes
    Other Info
    …still on a horse.


    Wireless Network: Wi-Fi 6E 2x2 AX; Bluetooth® 5.1 or above
    Ports: 1x 1 Novo button; 2 in 1 Audio Combo jack; Micro SD Card Reader; HDMI 1.4b; 2 x USB Type-C (TBT4)
    USB 3.2 Gen 2 DP 1.4a
    PD 3.0); 1 x USB 3.2 Gen1 Type A
    Camera
    1x 1080P FHD IR/RGB Hybrid with Privacy Shutter and Dual Array Microphone
    Graphics
    1x Intel® Iris® Xe Graphics
    Monitor
    14" WUXGA
    Form Factor
    Convertible Notebook
  • Windows 11 Pro 25H2 Build 26200.8655 (Wifes)

    Yoga 7 2-in-1 14IML9 - Type 83DJ

    Processor: Intel® Core™ Ultra 7 155H Processor(Core™ Ultra 7 155H)

    Memory: 32GB LPD5X-7467

    Hard Drive: 1 TB SSD PCIe

    Wireless Network: 1x Wi-Fi 6E 2x2 AX; Bluetooth® 5.1 or above

    Ports: 1 x HDMI 2.1 TMDS; 1 x Novo Button; 1 x Combo Audio Jack
    2 x USB-C (USB 4.0)
    1 x USB-A 3.2 Gen 1

    Camera: 1080P FHD IR Hybrid with Dual Microphone

    Graphics: Intel® Arc™ Graphics

    Monitor: 14" 2.8K

    ...Where's my horse?
Stefan86 said:
The problem is not Citrix, but the configuration of Defender.

The tamper protection seems to be annoying me.



How can I configure the exclusions via GPO or via the registry?
Click to expand...
With any VDI environment, there are considerations, and exclusions, to be made for anti-malware. If you’re not going to read what I posted, I’m out. I ran a Citrix farm for over a decade and wish you luck.
 
Last edited:

My Computer My Computer

At a glance

Windows 11 Pro 25H212th Gen Core i7-1260P64 GB Micron PC4-25600Intel Iris Xe Graphics
OS
Windows 11 Pro 25H2
Computer type
PC/Desktop
Manufacturer/Model
Intel NUC12WSHi7
CPU
12th Gen Core i7-1260P
Motherboard
NUC12WSBi7
Memory
64 GB Micron PC4-25600
Graphics Card(s)
Intel Iris Xe Graphics
Sound Card
on-board Realtek HD Audio
Monitor(s) Displays
Dell U3219Q
Screen Resolution
3840 x 2160
Hard Drives
Samsung SSD 990 PRO 1TB
Crucial MX500 2 TB
Antivirus
Microsoft Defender
@pseymour I know the exclusions and I will configure these. But the problem is, how?
My last test with configuring the exclusions through gpo was not successful. Defender also scans in the excluded folders.

because I build my master image programmatically I don’t want to add the exclusions manually in the gui.
 

My Computer My Computer

At a glance

windows 1a
OS
windows 1a
You must log in or register to reply here.

Similar threads

Solved Defender in Context Menu
Replies
8
Views
447
pietcorus2
pietcorus2
VirTool:Win32/DefenderTamperingRestore - "DisableAntiSpyware" registry value turned off
Replies
4
Views
184
larysid
L
Antivirus v defender
Replies
9
Views
726
teeter
teeter
Windows Defender / Microsoft Defender ? Protection ?
Replies
13
Views
1K
Try3
Try3
MS Money Sunset takes 25 minutes to open on Windows 11 Pro: How do I add Defender exclusions?
Replies
17
Views
635
Ghot
Ghot

Latest Support Threads

Latest Tutorials

Back
Top Bottom