How to Improve Windows Defender’s Default Settings
If you are logged in with a user account that is set as an administrator, you can change the default settings in Windows Defender and improve them a bit. Start Windows Defender and go to the “Settings” tab, then select “Advanced” and consider enabling the following settings:
- Scan removable drivers – when this is enabled, the full scans performed by Windows Defender will also scan the external hard drives or the flash memory sticks that are plugged into your computer.
- Create a system restore point – when this setting is enabled, Windows Defender creates a system restore point before removing, running, or quarantining items that it considers malicious.
- Remove quarantined files after – the default value for this setting is three months. If you don’t want Windows Defender to keep malicious items in its quarantine for this long, considering shortening this time period to a month or less.
- Send file samples automatically when further analysis is required – leave this setting checked, as it helps Microsoft identify malware samples faster and react to them in future updates for Windows Defender.
When done setting things up, press “Save changes” and your new settings are applied.
Working With the Alerts Displayed by Windows Defender
One of the downsides of Windows Defender is that when it detects a threat and it cleans it, it doesn’t show much in terms of actionable information. For example, in Windows 7, MSE shares this prompt when it detects a threat but the prompt doesn’t tell you anything about it and you can’t click on it to learn more.
In Windows 8.x, Windows Defender shares a similar prompt. If you click or tap on it, Windows Defender is started but again, you are not shown any meaningful information that you can use to understand what is going on.
When threats are detected, the default behavior is to neutralize them by quarantining them. That’s why in Windows Defender you will end up using the list of quarantined items a lot more often than when using third-party security products.
How to Work with Quarantined Files in Windows Defender
After you see an alert from Windows Defender, it is best to start it and go to the “History” tab. There, select “Quarantined items” and press “View details.”
The list with all the quarantined items is shown with the recently detected items being displayed first. If you select an item, you can view more information about it: category, description, location, the alert level, and when it was quarantined.
Based on this information, you can remove that item for good by pressing “Remove” or you can restore it to its original locations by pressing “Restore.” Obviously, restoring malware is not exactly something you should be doing unless you are 100 percent sure it is a false alarm. When pressing “Restore,” Windows Defender does a good job at informing you of the consequences.
If you want to remove all the items that are placed into the quarantine, press the “Remove all” button.
How to Turn Off Windows Defender
When you install a new security product, Windows Defender is generally turned off automatically. For example, if you are using Windows 7 and you install Microsoft Security Essentials, the old Windows Defender product is automatically turned off so you don’t have to do anything.
However, not all third-party security products disable Windows Defender on their own and you might have to do this manually.
If you are using Windows 7 and you want to disable Windows Defender because you want to use a third-party security product in its place, go to the Start Menu and search for the word “defender.”
Click on the “Windows Defender” search result to start it.
Then, go to “Tools -> Options”. Here you will find plenty of settings, split into several categories. On the column on the left, select “Administrator.” Uncheck the box that says “Use this program” and press “Save.”
You are informed that Windows Defender is now turned off.
If you have installed Microsoft Security Essentials in Windows 7 and you want to use a third-party security product in its place, disabling it means uninstalling the program just like any other. Go to “Control Panel -> Programs -> Programs and Features”. There, select “Microsoft Security Essentials,” press “Uninstall,” and follow the wizard.
Start Windows Defender and go to the “Settings” tab. There, select the “Administrator” category on the left and then uncheck the box that says “Turn on this app,” and then press “Save changes.”
You are informed that Windows Defender has been turned off and it isn’t monitoring your computer or device. Press “Close” and you are done.
Windows Defender is no longer enabled.
How to Turn On Windows Defender
If you want to turn Windows Defender back on, you can do this if you have not installed any third-party security products like antivirus software or Internet security suites.
You can use the “Action Center” to turn on Windows Defender.
You will learn about the Action Center, its role in keeping your system safe and running in good shape, as well as how to use it, in Lesson 7.
Coming up next …
This lesson ends here and we hope that you have found it useful. In the next lesson you will learn about Windows Firewall, how it keeps your system safe from network attacks and how to use it to control which applications get access to the network and the Internet and which do not.