Blog | G5 Cyber Security

Azure VPN Gateway Client – Detplock False Positive

G5 Cyber Security

TL;DR

The Azure VPN Gateway client can sometimes be incorrectly flagged as malware (Win32/Detplock). This guide shows how to report this false positive to Microsoft and temporarily work around the issue if needed.

Solution Guide

  1. Understand the Problem
    • The Win32/Detplock detection is often a false positive. It means your antivirus software thinks the VPN client is harmful when it isn’t.
    • This can prevent you from connecting to your Azure Virtual Network (VPN).
  2. Report the False Positive to Microsoft

    Reporting helps Microsoft improve their detection engine.

    • Go to the Microsoft Security Intelligence portal.
    • Select “Submit a file for analysis”.
    • Upload the VPN client executable. The location varies, but is often in C:Program FilesAzure VPN Client or similar. Look for files like azurevpnclient.exe.
    • Provide as much detail as possible about why you believe it’s a false positive (e.g., “Genuine Azure VPN client, used to connect to corporate network”).
  3. Temporarily Disable Real-time Protection (Use with Caution!)

    Warning: Disabling real-time protection makes your computer vulnerable. Only do this as a temporary measure while you investigate and report the issue, and re-enable it immediately afterwards.

    • Windows Security: Open “Windows Security” (search for it in the Start menu).
    • Go to “Virus & threat protection”.
    • Under “Virus & threat protection settings”, click “Manage settings”.
    • Toggle “Real-time protection” off. You may be prompted by User Account Control (UAC) – confirm the action.
  4. Add an Exclusion (If Disabling is Not Desired/Possible)

    Adding an exclusion tells your antivirus to ignore the VPN client.

    • Windows Security: Open “Windows Security”.
    • Go to “Virus & threat protection”.
    • Under “Virus & threat protection settings”, click “Manage settings”.
    • Scroll down and click “Add or remove exclusions”.
    • Click “Add an exclusion” and choose “File”.
    • Browse to the VPN client executable (azurevpnclient.exe in C:Program FilesAzure VPN Client).
  5. Update Your Antivirus Software

    Ensure you have the latest definitions.

    • Most antivirus programs update automatically, but check your software settings to confirm.
    • A recent update might already include a fix for this false positive.
  6. Restart Your Computer

    After making changes (disabling protection or adding an exclusion), restart your computer.

  7. Test the VPN Connection

    Try connecting to your Azure VPN. If it works, you’ve likely resolved the issue.

Exit mobile version