Windows Defender is malware protection that is included with and built into Windows 8. This software helps identify and remove viruses, spyware, and other malicious software.
Windows Defender runs in the background and notifies you when you need to take specific action. However, you can use it anytime to scan for malware if your computer isn’t working properly or if you clicked a suspicious link online or in an email message.
What is Windows Defender Offline?
Some malicious software will not allow you to access Windows Defender or other antivirus software. To help detect and remove the malware, you can start your computer by using a Windows Defender Offline CD, DVD, or USB flash drive.
Windows Defender is a bonus antivirus by Microsoft that comes bundled with Windows 10. It is one of the best antiviruses that relieves you from annoying while offering robust protection against threats.
However, if you want to strengthen your security even further, please follow these steps to enable enhanced blocking:
- If you’re using a Windows 10 Pro, you may use the Group Policy Editor to enable the tweaks, for which you can type gpedit.msc into the Start Menu to open the editor, then go to the following location:
Computer Configuration > Administrative Templates > Windows Components > Windows Defender Antivirus > MAPS
- Double-click on the Join Microsoft MAPS entry and switch it to Enabled.
- In the Options box, switch it to Advanced MAPS.
- Click OK. (It sends information to Microsoft about detected software, and is required for the advanced options to work).
- While working over MAPS folder, you need to enable Configure the “Block at First Sight” feature to perform real-time verification with Microsoft protective services on potentially infected content.
- You may choose how to send file samples with the Send file samples when further analysis is required entry.
- You must choose one of the latter two options if you have Block at First Sight enabled.
- With MAPS enabled, switch to the MpEngine folder on the left sidebar. Click the Select cloud protection level entry and set it to Enabled, then in the bottom-left options box choose High blocking level. Microsoft notes that this makes “Windows Defender . . . more aggressive when identifying suspicious files to block and scan.” Thus, you may experience more false positives pop up when using it.
- If you’re using Windows 10 Home edition, you may either use a workaround to access the Group Policy editor or do it through the Registry. For Registry, type regedit into the Start Menu and browse to this location:
- Right-click on Windows Defender, then choose New > Key and name it Spynet (another name for MAPS).
- Right-click on Spynet, and choose New > DWORD (32-bit) Value. Name this one SpynetReporting and double-click to open its properties and set it to 2.
- Again, right-click on the Windows Defender entry and use New > Key to name another key MpEngine. Right-click MpEngine and create a New > DWORD (32-bit) Value with the name MpCloudBlockLevel. Double-click this and set its value to 2 as well.
- These changes in the Group Policy editor does the Registry tweaks. But either way, this makes Windows Defender more resistant to threats.
Overall, Windows Defender is an efficient tool and you can make it work better for you by performing these changes. It may look a hassle in first place, however, the level of security you get after this is appreciated.