In this second lesson, we’ll talk about one of the most confusing security products that comes with Windows: Windows Defender.
This product has had a bad reputation in the past and for good reason — it was very limited in its ability to protect your computer from real malware. However, the latest version included in Windows 8.x operating systems is very different from the past and provides real protection to its users. The great thing about Windows Defender in its current incarnation is that it protects your system from the start, so there’s never a gap in coverage.
We’ll start this tutorial by explaining what Windows Defender is in Windows 7 and Vista compared to what’s in Windows 8, and which product to use if you’re using an earlier version. Next, we’ll look at how to use Windows Defender, how to improve its default settings, and how to deal with the warnings it displays.
As you’ll see, Windows Defender will use your Quarantined Items List much more often than other security products. That is why we will explain in detail how to work with it and permanently remove malware or restore those elements that are only false alarms.
Finally, you’ll learn how to turn off Windows Defender if you no longer want to use it and prefer a third-party security product instead, and then how to turn it back on if you change your mind about using it. Once completed, you should have a full understanding of the default anti-malware settings on your system, or how to quickly protect your system.
What is Windows Defender?
Unfortunately, there is no definitive answer to this question due to the obscure way in which Microsoft chose the name of their security products. Windows Defender is a different product, depending on the Windows operating system you are using.
If you are using Windows Vista or Windows 7, then Windows Defender is a security tool that protects your computer from spyware. It is just one form of malware that is made up of tools and applications that track your movements on the Internet or the actions you take on your computer. Spyware tends to send information that is collected to a remote server and it is subsequently used for all sorts of malicious purposes, from showing you unwanted ads to using your personal data, etc.
However, there are many other types of malware on the Internet, and this version of Windows Defender is unable to protect users from any of them. That’s why if you’re running Windows 7 or earlier, we highly recommend disabling Windows Defender and installing a more complete security product such as Microsoft Security Essentials, or third-party security products from specialized security vendors.
If you’re using Windows 8.x operating systems, then Windows Defender is the same as Microsoft Security Essentials: a decent security product that protects your computer in real time against viruses and spyware. The fact that this product also protects your computer from viruses and not just from spyware is of great importance. If you don’t want to pay for security products, then Windows Defender in Windows 8.x and Microsoft Security Essentials (in Windows 7 or earlier) are good alternatives.
Windows Defender in Windows 8.x and Microsoft Security Essentials are the same product, just a different name. In this tutorial, we’ll be using the Windows 8.x version of Windows Defender, but our instructions also apply to Microsoft Security Essentials (MSE) in Windows 7 and Windows Vista.
If you want to download Microsoft Security Essentials and try it out, we recommend that you use this page: Download Microsoft Security Essentials. There you will find both 32-bit and 64-bit versions of this product, as well as versions in several languages.
How to use and configure Windows Defender
Using Windows Defender (MSE) is very easy to use. To get started, search for «Defender» on the Windows 8.x Start screen and click or tap on the «Windows Defender» search result.
In Windows 7, search for «security» in the start menu search box and click «Microsoft Security Essentials».
Windows Defender has four tabs that provide access to the following tools and options:
Home — here you can view the security status of your system. If everything is in order, it will be colored green. If there are any warnings to be heeded then they will be colored yellow and if there are threats to be dealt with everything will be colored red.
On the right side of the Home tab, you’ll find options to scan your computer for viruses and spyware. At the bottom of the tab, you will find information about when the last scan was performed and what type of scan.
Update — here you will find information about whether this product is up-to-date. You’ll find out when it was last updated and the definition versions it uses. You can also start the update manually.
Story — here you can access quarantined items, see which items you have allowed to run on your computer, even if they were identified as malicious by Windows Defender, and view a complete list with all malicious items detected by Windows Defender on your computer. To access and work with all of these lists, you must be logged in as an administrator.
Settings is a tab where you can enable the real-time protection service, exclude files, file types, processes, and locations from your scans, and access a few more advanced settings. The only difference between Windows Defender in Windows 8.x and Microsoft Security Essentials (in Windows 7 or earlier) is that in the Settings tab, Microsoft Security Essentials allows you to specify when to run scheduled scans when Windows Defender does not have this options. ,
How to improve Windows Defender default settings
If you are logged in with a user account that is set as an administrator, you can change the default settings in Windows Defender and improve them a bit. Launch Windows Defender and go to the «Settings» tab, then select «Advanced» and consider enabling the following settings:
- Scan for replacement drivers — If enabled, Windows Defender Full Scan will also scan external hard drives or flash memory cards connected to your computer.
- Create a system restore point — If this setting is enabled, Windows Defender creates a system restore point before deleting, running, or quarantining items that it considers malicious.
- Delete files from quarantine after — The default value for this parameter is three months. If you don’t want Windows Defender to quarantine malicious items for that long, consider reducing this period to a month or less.
- Submit sample files automatically when further analysis is required — Leave this setting enabled as it helps Microsoft more quickly identify and respond to malware samples in future Windows Defender updates.
When you’re done setting up, click «Save Changes» and your new settings will be applied.
Working with warnings displayed by Windows Defender
In Windows 8.x, Windows Defender has a similar prompt. If you click or tap on it, Windows Defender will launch, but again, you won’t be shown any meaningful information that you can use to figure out what’s going on.
When threats are detected, the standard behavior is to neutralize them by quarantining them. That’s why you’ll end up using the Quarantined List much more often in Windows Defender than you would with third-party security products.
How to work with quarantined files in Windows Defender
After you see a warning from Windows Defender, the best thing to do is run it and go to the History tab. There, select Quarantined Items and click View Details.