Arrangement
Disabling windows defender 8.1.

Disabling windows defender 8.1.

Built-in antivirus. I am almost sure that many people have come across this antivirus before - in their independent life it was called Microsoft Security Essentials and enjoyed a certain popularity. The interface leaves no doubt that this is it - both programs look identical.

The antivirus is called "Windows Defender", or in English "Windows Defender". There are quite a lot of opinions about this decision on the Internet, and the most contradictory ones. So what is he really like? Good or bad?

Although many are interested in simpler questions, we will start with them. So:

Where is he at all?

Finding an antivirus is quite simple - and we are looking for a fad of the same name:

With that where is understood. The next question that can be heard quite often is about how to turn it on or off. Basically turn it on. And he is mainly interested in owners of newly acquired computers, on which an evaluation version of some other antivirus was originally preinstalled. After removing it and trying to poke the “defender” with a stick, he resentfully declares that “ Windows program Defender disabled does not monitor the computer."

So how do you turn on Windows Defender?

Very simple. For this we need again. Only this time - another item - "Support Center":

We click, and a window is visible, something like in the screenshot below:

Actually, this is where you can turn it on. How - I think you'll figure it out without me. And we move on and move on to the most burning issue.

How good is the built-in antivirus in Windows 8?

And really, how much? Well, for starters, if you have a desire to dig, I will send you to an article about . Who doesn’t want to go there - I’ll say that no antivirus will provide you with 100% protection, and it’s quite difficult to really assess the quality of such a product. Therefore, frankly, those who write that the built-in antivirus does not protect well - they take their opinion from the ceiling, and they are unlikely to be able to confirm it with something specific. And if they can, then it will be a special case, which has very little effect on the picture as a whole.

But is there an opinion of professionals on this topic? For such, I propose to go at least to experts from the well-known resource Virus Bulletin (http://www.virusbtn.com). And what do we see? And we see that Microsoft Security Essentials is such a strong "fighter" of the middle level. He's not that bad.

As a result - to put it bluntly, if you don’t download tons of rubbish from the network and don’t tend to stick a USB flash drive into your computer that has previously visited several Internet cafes and a computer class at a university, this antivirus will be enough for you.

Introduction

Windows Defender is the basic antivirus protection in Windows 8, 8.1 and 10. Unlike the equivalent tool in Windows XP, Vista and 7, the Windows 8/8.1/10 version protects against viruses and other types of malware, not just spyware . The product resembles Microsoft Security Essentials for Windows XP, Vista and 7, but unlike it does not have several features such as the ability to select the time or limit the CPU resources used for scheduled scans using the graphical interface, quickly launch a scan using the context menu, displaying an icon in the notification area of the taskbar, etc.

Windows Defender uses a service windows updates to download new virus signatures once a day. If the update process fails, you need to reinstall Windows Updates.

Please note that you cannot install Microsoft Security Essentials on Windows 8, 8.1, or 10. Installing a third-party antivirus program (such as Avast Free Antivirus) will disable Windows Defender automatically - there is no point in consuming extra system resources by using multiple antivirus solutions .

Setting up Windows Defender in Windows 10, 8.1 and 8

To launch Windows Defender in Windows 8 and 8.1, open the application search bar by pressing the key combination - Windows key and Q, enter the phrase "Defender" in the search bar and click on the result.

In Windows 10, open the Start menu or Search Cortana by pressing the key combination - Windows key and S, enter the phrase "Defender" in the search bar and select "Windows Defender Settings". Since all Windows Defender settings are now located in the new universal interface, it makes no sense to open the main program window.

If you previously uninstalled a third-party antivirus, you will see a dialog box stating that Windows Defender is disabled. In this case, open the Action Center from the icon in the taskbar notification area and in the "Security" section, enable the "Virus protection" and "Protection from spyware and unwanted programs" options. Alternatively, you can open the Control Panel (Windows key + X), type "Center" in the search bar, and then toggle the options in the "Security" section to the "On" state. Please be aware that in Windows 8 and 8.1 the Action Center may not display the red icon in the notification area for several days after uninstalling a third-party antivirus product.

Windows Defender settings in Windows 8 and 8.1

When the main window of Windows Defender opens, go to the "Settings" tab and make sure that you have "Turn on real-time protection (recommended)" checked. These measures are enough to activate Windows Defender Antivirus protection in Windows 8 and 8.1 after uninstalling third-party free and paid antivirus solutions.

If something is blocking activation, run Rkill to end malicious processes and services that may be preventing Windows Defender from starting. Then repeat the operation without restarting the computer.

The next 3 tabs in the “Settings” section work with exceptions: the user can prevent scanning of certain files and locations (folders), file types and processes. These settings should be used by experienced PC users who clearly understand why it is necessary to exclude scanning of certain objects.

Click on "Details" in the menu on the left. Enable the "Scan archive files" and "Scan removable media" options. The first option allows you to scan compressed folders (files with the .zip extension) for malware. The second setting allows you to scan for connected USB devices during a full scan. This is very important because malware can be distributed in these ways.

Then check the "Create a system restore point" checkbox. In this case check Point System Restore will be created each time a detected virus or malware is removed or quarantined. If your computer becomes unstable after uninstallation, you can restore it to its original state using the System Restore tool.

If you want all PC users (not just administrators) to be able to view detected objects on the “Log” tab, activate the “Allow all users to view the results of all scans” option. Set the value of the “Delete quarantined files after” parameter to “3 months”. This measure will free up some space on your hard drive.

In Windows 8.1, another setting item is presented here - “Automatically send sample files if further analysis is required”. When this setting is enabled, the system antivirus will display less annoying alerts, so it is recommended to enable this feature.

If you are seriously concerned about the privacy of your personal data, go to the “MAPS” tab and select the option “I do not want to join the MAPS service”. In this case, information about detected objects will not be sent to Microsoft. Other users can leave active the item “ A basic level of participation."

Finally, open the "Administrator" tab and make sure "Turn on Windows Defender" (in Windows 8) or "Enable application" (in Windows 8.1) is enabled. Click the Save Changes button.

The settings will be saved. You can now safely close Windows Defender by pressing the keyboard shortcut ALT + F4. Defender run in background and will monitor files and settings. The program will automatically update virus and spyware signatures once a day when the Windows Update service is running.

Windows Defender settings in Windows 10

Windows 10 makes it even easier to interact with Windows Defender settings and uses the universal Settings app for customization.

First, turn on the "Real-time protection" option in order to enable Windows Defender. If the option is disabled, the rest of the options will be unavailable (grayed out).

"Cloud protection" allows you to increase security for most users. Only if you are seriously concerned about privacy, disable this option.

"Submit Samples Automatically" is very similar to the previous setting, so leave this option enabled.

If you are not a professional IT specialist, it is better not to touch Exceptions.

You can now close the Settings app.

Windows Defender messages in Windows 8, 8.1 and 10

In Windows 8 and 8.1, Windows Defender does not have an icon in the taskbar notification area (system tray), so the best solution is to periodically check the status of the Action Center icon (white flag). If the checkbox has a red circle with an “X” label, something has gone wrong. Click on the icon to view a list of detected issues - this may not be related to Windows Defender.

Windows 10 brought back the Windows Defender icon. The icon works stably, nothing overlaps it. To open the program itself, right-click on the icon and select "Open".

If the icon has a red circle with a white cross, something has gone wrong, such as a malware infection and the user's attention is required for cleaning.

If a green circle is displayed next to the icon, then a scan is in progress - no action is required.

If Windows Defender needs to scan your computer, an appropriate alert will appear in the Action Center, just click on it to start the scan. The program performs an automatic scan every day at 3:00 by default, and the user will see notifications if the system antivirus has missed several scans.

If the Action Center displays "Update your antivirus protection (Important)" and "Update your antispyware protection (Important)" alerts, click on them to open Windows Defender to download the latest signature definitions.

If you see the messages “Turn on virus protection (Important)” or “Turn on spyware protection (Important)”, click on any of them and wait for Windows Defender to load. The computer status in the main Windows Defender window should soon turn green, after which you can safely close the window. These messages usually appear when services or Windows Defender Real Time Protection are disabled.

If you see the message "The Windows Defender service cannot be started", the antivirus protection service has been stopped or disabled. Click the "Close" button.

In Windows 8 and 8.1, open the search (Windows key + W), enter the phrase “services” and select the “View Local Services” utility. In Windows 10, open the Start menu or search for Cortana (Windows + S keyboard shortcut).

Scroll down the list of services to "Windows Defender Service" and check if the "Startup Type" field is set to "Disabled".

Windows 8 only: Call the context menu of the disabled service and select the “Properties” menu item.

In Windows 8.1 and 10, you can't change Windows Defender service settings in normal mode.

Then only in Windows 8, in the Windows Defender service settings window, change the startup type to “Automatic”. Then click the "Run" button and then "OK".

In Windows 8.1 and 10, you need to boot into Safe Mode. After authorization, the start screen and the start menu will open, enter the command regedit, right click on the result and select the "Run as administrator" option.

Go to section HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services and click on record windefend. Select an entry Start in the right panel . If the parameter value is 0x00000004 (4), the service has been disabled. Double click on the entry Start.

Enter 2 and make sure it's in hexadecimal, then click OK. The Windows Defender service will now start automatically.

Then repeat the same step for the WdNisSvc service (Windows Defender Inspection Service).

Save the changes and restart your computer in normal mode, Windows Defender should now work correctly.

If Windows Defender cannot start, run Rkill first and then perform a full scan with Malwarebytes Anti-Malware without restarting your computer.

If the Action Center says “Update virus protection” or “Update spyware protection”, click on either one to launch the Windows Defender window and download latest versions antivirus databases.

In case the signature update fails, try reinstalling Windows Updates.

When a malicious program is detected, a message (pop-up notification) appears in the upper right part of the screen. You do not need to do anything. Windows Defender automatically removes or quarantines the threats it finds.

The pop-up alert closes automatically. If no other messages appear, your computer has been cleaned successfully.

If a computer restart is required to complete the cleaning, the following notification will appear. Click it to launch Windows Defender.

Click the big "Restart Now" button in the Windows Defender window.

As with Microsoft Security Essentials, a confirmation window appears. Click "Yes" to restart your computer.

Your computer will restart and Windows Defender will remove the remaining traces of the malware.

If you see repeated messages about malware being detected and/or removed, run RKill to kill the malicious processes and then perform a full system scan with Malwarebytes Anti-Malware .

Manage Quarantined Items in Windows Defender in Windows 8, 8.1, and 10

By default, most infected objects are quarantined - a safe place where malware cannot harm the real system. Windows Defender deletes objects after three months (if the option is selected). To scan and manage quarantined objects, in Windows 8 and 8.1, open the search bar (Windows key + Q), enter the phrase “protector” in the search box, and click the result.

Users of touch screen devices can bring up the sidebar on the right side of the screen and then select the “Search” option.

In Windows 10, open the start menu, type "defender" and select the top result "Windows Defender".

Click the History tab and make sure that Quarantined Items is selected. If you have not enabled the “Allow all users to view the results of all scans” option (available in Windows 8 and 8.1) in Windows Defender settings, you must first click the “View details” button (even if you are a device administrator).

It is usually recommended to select the “Remove all” option - all objects have been quarantined for some reason. If you are curious and want to know more information about the quarantined files, you can click on the item in the list to view the description and the original location. You can also select any detected object by checking the box on the left side of the list. You can then delete the selected files using the "Delete" button.

You can also restore an object to its original location using the Restore button. Be extremely careful - false positives are rare. Never restore objects with strict, high, or medium alerts!

Configuring Windows Defender Scheduled Scans and Updates in Windows 8, 8.1, and 10

Unlike Microsoft Security Essentials, Windows Defender does not have scheduled scan settings in the program's graphical interface, but the user still has the option of automating a quick or full system scan.

In Windows 8.1 and 10, a quick scan runs daily (3am by default) in conjunction with Windows Feature Updates and other tasks. If the operation was skipped or canceled due to shutting down or restarting the computer, the scan will start the next time the computer is turned on or restarted. You will see a clock icon next to the Action Center icon in the taskbar notification area (system tray) during maintenance.

If a scan has not run for an extended period of time, the Action Center will notify you with the message “Windows Defender needs to scan your computer.”

To schedule a Windows Defender scan, in Windows 8 and 8.1, open the search bar (Windows key + W), type “schedule” and select the “Task Schedule” object.

In Windows 10, open the Start menu, type "scheduler" and select the top result "Task Scheduler".

Touch screen device users can bring up the Charms bar by swiping from the right side of the screen and then selecting the “Search” option.

Right-click on "Task Scheduler (Local)" and select the "Create a simple task" option.

The New Simple Task Wizard opens. Specify a name and descriptions for the scan task and click Next.

If you want to run quick system scans weekly, select the Weekly option (in Windows 8.1, quick scans are scheduled by default).

As full checks may continue long time, You should use “Monthly” for this purpose.

On the next screen, you can set the day of the week and time for quick checks, and the months, days, and times for full checks. Since there is no limit to the use of CPU resources, it is recommended to select the time when the computer is most likely to be idle - the scanning process reduces the performance of the computer.

When selecting the desired action, select the option “Start the program”.

Click the "Browse..." button.

Go to folder C:\Program Files\Windows Defender and double click on the MpCmdRun.exe file. This executable allows you to run basic Windows Defender tasks.

To perform a quick scan, in the “Add arguments (optional)” field: write “-Scan -ScanType 1”, and to perform a full scan, type “ -Scan -ScanType 2”.

The setup process is almost complete. Enable the option “Open a Properties window for this task after clicking the Finish button”.

The properties window will open with the General tab active. Click the “Change...” button in the “When performing tasks, use the following account user" in the "Security Settings" section.

In the “Enter the names of the objects to select” field, enter “SYSTEM” in capital letters and click the “Check Names” button. The title should be underlined. Click the "OK" button. Thus, the account with the highest priority and user rights will be selected.

We return to the “General” tab of the scheduler settings and check the “Run with highest privileges” checkbox. Thus, Windows Defender will be launched with elevated rights, which guarantees the success of complex malware removal.

Open the "Settings" tab and enable the "Run the task immediately if a scheduled start is missed" option. If the computer was turned off when it was time for a scheduled scan, the scan will be performed the next time the computer is turned on and logged into the account. Click "OK" in the "Options" window.

During scheduled operations, a command prompt window will be launched. It will close automatically when the scan is completed.

Update Windows Defender more than once a day

If you are not happy with the fact that Windows Defender only updates the databases when it checks for updates from the Windows Update service (i.e. once a day), you can follow the steps below. Create a new simple task, set the frequency to "Daily", and set the time to 12:00 AM (0:00). On the "Action" screen, specify the same MpCmdRun.exe file but with a new argument "-SignatureUpdate".

After creating a task and opening its properties, select the "Triggers" tab, select an existing schedule and click the "Edit" button.

Enable the “Repeat task every” option and set the value to “4 hours”. This value is not initially listed, but you can select “1 hour” and then manually change it to “4”. Click the OK button and close the task properties window.

Now Windows Defender will update its databases every 4 hours. Each time the command prompt window will open and close automatically.

Keep in mind that this does not mean that the Windows Update service will run every 4 hours - the operations made only apply to Windows Defender updates.

How to turn on Windows Defender?

I want to ask for advice. I have several assemblies of Windows 8.1x32bit with Defender disabled. In the descriptions it was written that it would be possible to enable it, I tried it, it didn’t work.

On the Internet, I found only a standard on / off, and a bunch of tips like: check the box, you need it, put a different antivirus and the like. Maybe people are right about something, but I want to figure it out, besides, this program suits me perfectly .Yes, and the builds are not bad, they work stably and eat little.

Now I will try to explain in detail what I was trying to do, maybe I was mistaken somewhere or did something wrong.

On disk C, in a folder Program Files present Windows folder Defender. The Defender icon is also on the home screen.

The Action Center icon in the system tray sends it to the Windows / System 32 folder, where I didn’t figure out what was what.

When you click on the Defender icon, this message appears instead of the program window:

I've tried Administrative Tools\Services and get error 577.

I wanted in the Registry Editor at )