Explore the Windows Defender control panel and all of the tabs including Home, Update, and History. Learn how to run a manual scan when you feel the computer has been compromised. Learn how to enable or disable Windows Defender if and when you install a third party antimalware solution. Learn how to exclude folders and file types, among other things. Locate Local Group Policy entries.
- [Instructor] Windows Defender has been part of Windows operating systems since Windows XP and has evolved from its introduction there as a simple anti-spyware program to the full-fledged anti-virus solution it is today. You can open Windows Defender by searching for it from the search box on the taskbar and clicking Windows Defender in the results. I'll maximize the window and let's take a look at the Home tab. The Home tab shows the status of Windows Defender and offers a place to perform a manual scan.
When Windows Defender looks like this everything is working as it should. You might see that Windows Defender is disabled here. This will happen automatically if you put another anti-virus solution in place, or if system protection is managed by your network administrator. You should only run one anti-virus solution at a time, because running more than one can cause conflicts. So if it's disabled for a reason make sure to keep it disabled. The Update tab shows when your computer was last updated.
You can click Update definitions to perform a manual update, although Windows Defender does that automatically, so unless you feel like you've just encountered malware there's really no reason to do anything right now. The History tab lets you view and manage Quarantined Items. I suggest you visit here once a month or so just to keep an eye on the health of your computer. If you find that there have been a rash of Quarantined Items you should look into why. In my case it's likely my kids have been accessing my machine and downloading who knows what on it.
I'll click View details to check. Looks like all's well here. If there were entries I could review them and then delete them from my PC. There's one other option I'd like to show you. It's Settings. Settings used to be a tab of its own, but now it's up here next to the Settings cog. I'll click it. This opens Settings where I can enable or disable Real-time Protection for Windows Defender. There's no need to do that though. If you put another solution into place it'll be disabled automatically. Besides if it's turned off for very long Windows will turn it back on anyway.
To disable it completely you have to use group policy, which I'll show you shortly. In addition, Cloud-based Protection and Automatic sample submission are enabled. This sends information to Microsoft about suspicious activity. I always leave this on. Sometimes you'll want to exclude specific areas of your computer that you feel don't need to be scanned for malware or viruses. Perhaps you have a very large video library that's already been scanned several times and is deemed free of security threats.
It's unlikely that a virus or malware would attack those files now, so you can exclude the entire library from the scans if you like. I'll show you how to do that, but keep in mind that new video files you download from the internet should be scanned when you obtain them, just in case. That happens automatically and isn't something you need to do manually, provided Windows Defender is enabled with the default settings. Here's how to exclude the video library. Just click Add an exclusion, in my case I'll click Exclude a folder, I'll click Videos, and then Exclude this folder.
Finally, there are a few group policy settings that apply to Windows Defender, provided you're running Windows 10 Pro or Enterprise. To see them type gpedit.msc in the search window and click it in the results. And navigate to Computer Configuration, Administrative Templates, Windows Components, and finally, Windows Defender. Here's where you turn off Windows Defender. You double-click it, click Enabled, and click OK.
I don't suggest you do that. I'm going to click Cancel. You can also drill into the folders to explore more settings. If you open Quarantine you can enable the setting to automatically remove items from the computer after a specific amount of days passes. Double-click the entry, click Enabled, and choose the number of days. From Real-time Protection back over in the left pane you can disable automatic scanning of downloads and attachments. I don't suggest you do this, but you can.
There's also the option to turn off real-time protection, among other things. Continue to look over the settings here and exit Local Group Policy when you're finished. I suggest you leave Windows Defender enabled until a time comes when you install a third-party anti-virus solution or your network administrator puts some other solution into place. Windows Defender has always done a great job of protecting my computers and I opt to keep it enabled all the time.
Note: The course also maps to the third part of MCSA exam 70-698, Installing and Configuring Windows 10. Taking this course will prepare you for objectives in the Manage and Maintain Windows domain of the test.
- Configuring Windows Update
- Updating Windows apps
- Reviewing event logs
- Using Resource Monitor and Performance Monitor
- Managing security with Windows Defender
- Creating a recovery drive
- Restoring and recovering files
- Recovering the OS with Windows Recovery
- Configuring authorization and authentication
- Securing Windows 10 with passwords
- Joining workgroups and domains
- Creating and using accounts
- Automating tasks with PowerShell