Windows Defender

Windows Defender has some hidden features:

Controlled Folder Access

Controlled Folder Access was designed to prevent ransomware from encrypting files stored in protected folders. It also blocks programs from making changes to files and folders listed as protected. So if you're having trouble with a new program not working correctly, turn off Controlled Folder Access. You can whitelist a trusted program to allow it through Windows Defender CFA.

1. Open Windows Defender

2. Click on Virus and Threat Protection:

3. Under Virus and Threat protection settings, click on Manage Settings:

4. Under Controlled Folder Access, click on Manage controlled folder access.

5. Make sure CFA is turned on. To whitelist an app, click on Allow an app through controlled folder access.

6. Click on +

7. Click on Recently Blocked apps:

8. Select the app from the list of recently blocked.

9. 4k has been added to the list.

Malware Blocker

A hidden setting intended for organizations will boost Windows Defender’s security, making it block adware, potentially unwanted programs, PUPs, or whatever you want to call this junk.

You can enable this setting from a Windows PowerShell prompt with administrator permissions or the Command Prompt. Right-click the Start button and select Windows PowerShell (Admin) or Command Prompt (Admin).

Copy and paste the following command:

Set-MpPreference -PUAProtection 1

To turn off this feature, enter the same command but with a 0 at the end instead of 1.

Sandbox

Windows 10’s built-in antivirus can now run in a sandbox. Even if an attacker compromises the antivirus engine, they wouldn’t have access to the rest of the system.

To enable this feature today, launch a Command Prompt or PowerShell window as Administrator, run the following command, and then restart your PC:

setx /M MP_FORCE_USE_SANDBOX 1

If you want to undo this change, run the same command, replacing the “1” with a “0,” and reboot your PC once again.

Application Guard

Windows 10’s “Windows Defender Application Guard” feature runs the Microsoft Edge browser in an isolated, virtualized container. Even if a malicious website exploited a flaw in Edge, it couldn’t compromise your PC. Application Guard is disabled by default. Starting with the April 2018 Update, anyone using Windows 10 Professional can now enable Application Guard. Previously, this feature was only available in Windows 10 Enterprise. If you have Windows 10 Home and want Application Guard, you’ll have to upgrade to Pro.

Windows Defender Application Guard, also known as Application Guard or WDAG, only works with the Microsoft Edge browser. When you enable this feature, Windows can run Edge in a protected, isolated container.

To enable this feature, head to Control Panel > Programs > Turn Windows Features On or Off. Check the “Windows Defender Application Guard” option in the list here, and then click the “OK” button.
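A read-only check of the four settings covered on this page, as an added PowerShell example that is not part of the original page. It has to run in an elevated PowerShell window, because Get-MpPreference and Get-WindowsOptionalFeature are PowerShell cmdlets rather than Command Prompt commands; the helper name Convert-DefenderMode and the optional-feature name Windows-Defender-ApplicationGuard do not come from the page.

```powershell
#Requires -RunAsAdministrator
# Added example: read-only report of the Defender settings described above.

function Convert-DefenderMode {
    # Map the numeric values Get-MpPreference returns to readable names.
    param([int]$Value)
    switch ($Value) {
        0 { 'Disabled' }
        1 { 'Enabled' }
        2 { 'Audit mode' }
        default { "Other ($Value)" }
    }
}

$pref = Get-MpPreference

# Controlled Folder Access: state plus the apps allowed through it.
$cfaState   = Convert-DefenderMode $pref.EnableControlledFolderAccess
$cfaAllowed = @($pref.ControlledFolderAccessAllowedApplications | Where-Object { $_ })

# PUA blocking, as set by Set-MpPreference -PUAProtection.
$puaState = Convert-DefenderMode $pref.PUAProtection

# Sandbox: setx /M writes a machine-level environment variable.
$sandbox = [Environment]::GetEnvironmentVariable('MP_FORCE_USE_SANDBOX', 'Machine')

# Application Guard is a Windows optional feature (absent on some editions).
$wdag = Get-WindowsOptionalFeature -Online -ErrorAction SilentlyContinue `
    -FeatureName 'Windows-Defender-ApplicationGuard'

[pscustomobject]@{
    ControlledFolderAccess = $cfaState
    AllowedAppCount        = $cfaAllowed.Count
    PUAProtection          = $puaState
    SandboxVariable        = if ($null -eq $sandbox) { 'Not set' } else { $sandbox }
    ApplicationGuard       = if ($wdag) { $wdag.State } else { 'Feature not found' }
} | Format-List

# Every allowed app can write to protected folders, so list each entry with
# its signature status and review any that are missing or not validly signed.
$cfaAllowed | ForEach-Object {
    $sig = if (Test-Path -LiteralPath $_) {
        (Get-AuthenticodeSignature -LiteralPath $_).Status
    } else { 'FileMissing' }
    [pscustomobject]@{ AllowedApp = $_; Signature = $sig }
} | Format-Table -AutoSize
```

The MP_FORCE_USE_SANDBOX value only takes effect after the restart mentioned above, so the variable shows what was requested rather than whether the engine is currently sandboxed.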

This page last updated on 29 Jan 2019