Tuesday, October 30, 2018 in Tools

Sandboxing is not enabled by default at the time of writing. It is available, however, on all devices running Windows 10 version 1703 or higher.
Here is what you need to do to enable Windows Defender Antivirus sandboxing right now:
- Open the Start menu.
- Type powershell.exe to display PowerShell as one of the results.
- Right-click on the result and select "run as administrator" or hold down the Shift-key and the Ctrl-key before you select the result. Both options execute PowerShell with elevated rights.
- Confirm the UAC prompt that may be displayed.
- Run the following command: setx /M MP_FORCE_USE_SANDBOX 1
- Restart Windows.
The command sets a new system-wide environment variable that tells Windows to run Windows Defender Antivirus with sandbox functionality.
Verifying that the sandbox is running is simple: open the Windows Task Manager with Ctrl-Shift-Esc, make sure all details are displayed (click "More details" if not), and switch to the Details tab.
Locate MsMpEngCP.exe there. If you see it, the sandbox is up and running. The process runs with low privileges and uses "all available mitigation policies" according to Microsoft.
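
The same enable-and-verify procedure can be scripted for checking several machines. The PowerShell below is an added example, not code from the article or from Microsoft; the function name Get-DefenderSandboxState and the -Enable switch are hypothetical, and it assumes build 15063 as the build number of Windows 10 version 1703.

```powershell
# Added example: reports the sandbox state described above. Read-only unless -Enable is passed.
param([switch]$Enable)

$VarName  = 'MP_FORCE_USE_SANDBOX'   # variable name from the article
$ProcName = 'MsMpEngCP'              # sandboxed content process from the article
$MinBuild = 15063                    # assumption: Windows 10 version 1703 is build 15063

function Get-DefenderSandboxState {
    $build = [Environment]::OSVersion.Version.Build
    # Read the machine-scope value, which is the scope setx /M writes to.
    $value = [Environment]::GetEnvironmentVariable($VarName, 'Machine')
    $proc  = Get-Process -Name $ProcName -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Build          = $build
        BuildSupported = $build -ge $MinBuild
        VariableValue  = $value
        VariableSet    = $value -eq '1'
        SandboxRunning = [bool]$proc
    }
}

$state = Get-DefenderSandboxState

if ($Enable -and -not $state.VariableSet) {
    # Machine-scope variables can only be written from an elevated session.
    $principal = [Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()
    if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        throw 'Setting a machine-scope variable requires an elevated PowerShell session.'
    }
    if (-not $state.BuildSupported) {
        throw "Build $($state.Build) is older than $MinBuild."
    }
    [Environment]::SetEnvironmentVariable($VarName, '1', 'Machine')   # same effect as setx /M
    Write-Warning 'Variable set. Restart Windows before checking for the sandbox process.'
    $state = Get-DefenderSandboxState
}

$state | Format-List
if ($state.VariableSet -and -not $state.SandboxRunning) {
    Write-Warning "$VarName is 1 but $ProcName.exe is not running; a restart may still be pending."
}
```

Run without arguments, it only reads the variable and looks for the process, so it does not need elevation for the check itself.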
www.ghacks.net