SEARCH

SECURING YOUR WINDOWS NETWORK / HOW-TO GEEK SCHOOL

How-To Geek

Lesson 3: Windows Defender and a Malware-Free System

How to Improve Windows Defender’s Default Settings

If you are logged in with a user account that is set as an administrator, you can change the default settings in Windows Defender and improve them a bit. Start Windows Defender and go to the “Settings” tab, then select “Advanced” and consider enabling the following settings:

  • Scan removable drivers – when this is enabled, the full scans performed by Windows Defender will also scan the external hard drives or the flash memory sticks that are plugged into your computer.
  • Create a system restore point – when this setting is enabled, Windows Defender creates a system restore point before removing, running, or quarantining items that it considers malicious.
  • Remove quarantined files after – the default value for this setting is three months. If you don’t want Windows Defender to keep malicious items in its quarantine for this long, considering shortening this time period to a month or less.
  • Send file samples automatically when further analysis is required – leave this setting checked, as it helps Microsoft identify malware samples faster and react to them in future updates for Windows Defender.

clip_image017

When done setting things up, press “Save changes” and your new settings are applied.

Working With the Alerts Displayed by Windows Defender

One of the downsides of Windows Defender is that when it detects a threat and it cleans it, it doesn’t show much in terms of actionable information. For example, in Windows 7, MSE shares this prompt when it detects a threat but the prompt doesn’t tell you anything about it and you can’t click on it to learn more.

clip_image018

In Windows 8.x, Windows Defender shares a similar prompt. If you click or tap on it, Windows Defender is started but again, you are not shown any meaningful information that you can use to understand what is going on.

clip_image019

When threats are detected, the default behavior is to neutralize them by quarantining them. That’s why in Windows Defender you will end up using the list of quarantined items a lot more often than when using third-party security products.

How to Work with Quarantined Files in Windows Defender

After you see an alert from Windows Defender, it is best to start it and go to the “History” tab. There, select “Quarantined items” and press “View details.”

clip_image013[1]

The list with all the quarantined items is shown with the recently detected items being displayed first. If you select an item, you can view more information about it: category, description, location, the alert level, and when it was quarantined.

clip_image021

Based on this information, you can remove that item for good by pressing “Remove” or you can restore it to its original locations by pressing “Restore.” Obviously, restoring malware is not exactly something you should be doing unless you are 100 percent sure it is a false alarm. When pressing “Restore,” Windows Defender does a good job at informing you of the consequences.

clip_image022

If you want to remove all the items that are placed into the quarantine, press the “Remove all” button.

How to Turn Off Windows Defender

When you install a new security product, Windows Defender is generally turned off automatically. For example, if you are using Windows 7 and you install Microsoft Security Essentials, the old Windows Defender product is automatically turned off so you don’t have to do anything.

However, not all third-party security products disable Windows Defender on their own and you might have to do this manually.

Windows 7

If you are using Windows 7 and you want to disable Windows Defender because you want to use a third-party security product in its place, go to the Start Menu and search for the word “defender.”

Click on the “Windows Defender” search result to start it.

clip_image023

Then, go to “Tools -> Options”. Here you will find plenty of settings, split into several categories. On the column on the left, select “Administrator.” Uncheck the box that says “Use this program” and press “Save.”

clip_image025

You are informed that Windows Defender is now turned off.

clip_image026

If you have installed Microsoft Security Essentials in Windows 7 and you want to use a third-party security product in its place, disabling it means uninstalling the program just like any other. Go to “Control Panel -> Programs -> Programs and Features”. There, select “Microsoft Security Essentials,” press “Uninstall,” and follow the wizard.

clip_image028

Windows 8.x

Start Windows Defender and go to the “Settings” tab. There, select the “Administrator” category on the left and then uncheck the box that says “Turn on this app,” and then press “Save changes.”

clip_image030

You are informed that Windows Defender has been turned off and it isn’t monitoring your computer or device. Press “Close” and you are done.

clip_image032

Windows Defender is no longer enabled.

How to Turn On Windows Defender

If you want to turn Windows Defender back on, you can do this if you have not installed any third-party security products like antivirus software or Internet security suites.

You can use the “Action Center” to turn on Windows Defender.

clip_image034

You will learn about the Action Center, its role in keeping your system safe and running in good shape, as well as how to use it, in Lesson 7.

Coming up next …

This lesson ends here and we hope that you have found it useful. In the next lesson you will learn about Windows Firewall, how it keeps your system safe from network attacks and how to use it to control which applications get access to the network and the Internet and which do not.

    Continue Reading »
  • Prev
  • 1
  • 2

Ciprian Adrian Rusen is an experienced technology writer and author with several titles published internationally by Microsoft Press. You can connect with him on 7 Tutorials, Twitter, and Google+ or even buy his books on Amazon.

  • Published 05/28/14