Forum Discussion

Blacksuit2375's avatar
Blacksuit2375
Copper Contributor
Apr 21, 2023

Content blocked by IT Admin

I am the IT Admin and I keep seeing this Windows Security pop up notification on my system about blocking mtalk.google.com. I do not have this installed nor can I find anything about it in the registry. How can I find and remove this completely to stop these notifications? Driving me crazy....

  • You should be able to see which process is trying to access this URL, if you look at the Defender Antivirus event logs.
  • Jonhed's avatar
    Jonhed
    Steel Contributor
    You should be able to see which process is trying to access this URL, if you look at the Defender Antivirus event logs.
    • Blacksuit2375's avatar
      Blacksuit2375
      Copper Contributor
      Jonhed,

      Thank you for that, not sure why that did not cross my brain.

      Your IT administrator has caused Microsoft Defender Exploit Guard to block a potentially dangerous network connection.
      Detection time: 2023-04-26T17:53:10.186Z
      User: S-1-5-21-2782793070-3870463569-1119993492-1603
      Destination: https://mtalk.google.com
      Process Name: chrome.exe
      Now I will look at how to remove it or stop it from going again.
    • izya1640's avatar
      izya1640
      Copper Contributor
      Greetings, today I completely reset my computer, after which I encountered such a problem when entering the virus and threat protection section in the settings of my PC:

      The page is not available

      Your IT administrator has restricted access to some components of this application, so the item you are trying to access is not available. To learn more, contact IT support.
      • izya1640's avatar
        izya1640
        Copper Contributor
        but I have no idea how to contact him, even if there is an answer, please help
  • Kashish_Goyal's avatar
    Kashish_Goyal
    Copper Contributor
    Hi All,
    I get the same error with sdks.automizely-anayltics.com and nothing shows in Defender Logs.
    Any ideas?
  • DoctorWizard's avatar
    DoctorWizard
    Copper Contributor

    Blacksuit2375 This started on my main personal machine a while back (maybe August '23 or so?) after an update I think. I get it A LOT!! For all sorts of programs, the majority of which are from reputable companies, are "signed" and have been on my machine for ages. Admittedly, about half of them could potentially be security risks if installed or running unintentionally, such as NoMachine. The other half, I dunno why they trigger this warning. I've gone into Windows Security settings and created exceptions for many of them but it makes no difference, I still getting these notifications and it still keeps blocking my important software and I cannot find any place to turn it off. Likewise, Googling (and Binging) has return no useful results.  But apparently not too many people are having or reporting this problem.  It's annoying as heck and I want to disable it!  Also note that most of the programs I am getting this on are NOT web related.

  • MariusSusma's avatar
    MariusSusma
    Copper Contributor
    For IT admins:
    1. Open the Microsoft Endpoint Manager admin center and select Devices from the left sidebar.
    2. From there, select Configuration profiles and click on Create profile.
    In the Create a profile page, select Windows 10 and later then for profile:Settings Catalog, search for Windows Defender Security Center then select from the list Disable notification and enable it.
    Push it on all devices or create a device group as you wish.
    • DoctorWizard's avatar
      DoctorWizard
      Copper Contributor

      MariusSusma So based on your post, it would seem that my "content blocked" problem is being caused by Endpoint Manager, aka InTune.  Very plausible since it started around the time I installed Office 365, using the license (with their permission) of a tiny company that I sometimes help with IT issues.  So I am the admin.  Their license level is just Business Standard which best as I can determine does not include Endpoint Manager/InTune.  So how the heck did it get on my machine?  I was able to log into the InTune admin center under that account (even though they don't have it?) but was unable to do anything.  Cannot add a device or policy or change anything.  All options are either grayed out or returns a "Something went wrong" error message.
      Furthermore, it has now decided it wants to block the driver installers for my AMD graphics card and my fingerprint reader and as I mentioned above, adding an exception to Windows Security does not stop it from blocking them.
      So now I'm really pissed!  How do I uninstall this #$%& security program that I did not ask for, did not grant permission to, and do not want!  It is annoying as heck and now interfering with the proper use of my machine!

Resources