Windows Defender on Server 2019 | Problem number 577 :)

Installed new server 2019 from the scratch, windows defender was installed per default. Did check the task manager for the running MsMpEng.exe but found nothing. Then I did check the Service. It was set to ‘manual’ and did not run. My attempt to start it did fail: Error 577 + “Windows can not verify the digital signature of your file.” Did google a lot and tried this registry tweaking stuff about DisableAntiVirus-DWORD and DisableAntiSpyware-DWORD in different branches (and did run into trouble with registry permissions, keep your fingers off!). And for sure there wasn’t any third party antivirus installed. I did check the MsMpEng.exe’s Signature and it was outdated. Google and M$ did say, that the version installed on the brand new server was outdated too. Did find a newer version installer.exe and installed it, but it ended without any notification and no files were copied. I tried to uninstall the Defender via Server Manager, the Defender Feature checkbox was correctly checked, but greyed/disabled, so i couldn’t uncheck and uninstall it. Finally i got a hint and got it deleted via Powershell (run as admin):

> Uninstall-WindowsFeature -Name Windows-Defender

and re-installed via

Install-WindowsFeature -Name Windows-Defender

After the last reboot the service did run without any problems…

After that i checked the exe and his signature: was the same, also outdated. So windows finally did accept the outdateted cert without asking stuff.

I REALLY hate it.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.