Today, if we do not have good Internet protection, we are exposed. To protect us, Microsoft has developed a free tool called Windows Defender. Here we look at what it is, how we can use it and how to deal with false positives in Windows Defender.
What is Windows Defender and what does it offer us
Windows Defender is Microsoft's next-generation protection component, designed to protect our connection and computer. In short, it is a security program whose purpose is to prevent, remove and quarantine spyware or harmful software in the Microsoft operating system. It is currently also known as Microsoft Defender.
Thus, the next-generation protection services that Windows Defender offers us are:
- Behavior-based, heuristic and real-time virus protection.
- Cloud-delivered protection that detects and blocks new and emerging threats almost immediately.
- Updates to the antivirus and the program itself.
Without a doubt, it is a good protection tool that we must keep active in Windows 10, unless we have other antivirus software.
Access Windows Defender, scan our computer and more
If we want to access Windows Defender we will follow these steps:
- We go to the Start menu.
- We open Windows Settings.
Then we will get a screen like this:
The next step is to click on Update & Security. Next, in the section on the left, we look for Windows Security.
If we want to see the home screen from which the security of our computer is managed, we click on Open Windows Security.
Here, the section that interests us with regard to false positives in Windows Defender is Virus & threat protection. This is one of the results that it can show:
In this case, instead of Windows Defender antivirus, it indicates that Avast Antivirus is being used. If we wanted to use Windows Defender, we should deactivate the current antivirus. At RedesZone we recommend having Windows Defender or other antivirus software installed. On the other hand, if we do not have an antivirus installed, a screen like this will appear:
Here, if we click on Quick scan, it will scan our system for viruses and threats. In this case, after running it, as can be seen, no problem has been found. Further down, in Scan options, we can choose how thorough we want the scan to be. On the same screen we can also manage the antivirus settings and check for updates.
How Windows Defender Notifies Us That We Have a Problem
Threats and false positives in Windows Defender have a specific way of alerting us. It is quite common to occasionally find a Windows Defender icon in the notification area, in various colors:
- If the icon has a yellow exclamation mark, it refers to actions that are recommended but that should still be carried out.
- Red, in contrast, refers to necessary actions that we must take to keep our computer safe.
- Finally, the green icon tells us that everything is in order.
Here is an example that shows a yellow icon and other green ones that indicate that everything is correct.
What are false positives and what can we do to fix them?
We could define a false positive as a file or a process that was detected and identified as malicious although in reality it is not a threat. The correct way to proceed with false positives in Windows Defender would be the following:
- Review and classify alerts.
- Review the corrective actions that we have carried out.
- Review and define exclusions.
- Submit the file for analysis.
- Review and adjust Windows Defender settings.
Now we are going to explain a simple way to proceed when we find a yellow or red icon in "Virus & threat protection".
Here, what we have to do is click on Check for updates to make sure we have the latest update installed. Then we run a Quick scan and, if all goes well, the warning icon will turn green. If the problem is not solved, we should also check in this same security center whether the Windows firewall is activated.
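The same update, quick scan and firewall check can be run from PowerShell. This is an added example, not part of the original article; it uses the built-in Defender and NetSecurity cmdlets and assumes an elevated prompt with Microsoft Defender as the active antivirus.

```powershell
# Added example: run from an elevated PowerShell prompt on Windows 10/11.
# Assumes Microsoft Defender is the active antivirus (not a third-party product).

function Get-DefenderHealth {
    $s = Get-MpComputerStatus
    # Firewall profiles (Domain / Private / Public) that are switched off
    $fwOff = Get-NetFirewallProfile | Where-Object { $_.Enabled -eq 'False' }
    [pscustomobject]@{
        AntivirusEnabled   = $s.AntivirusEnabled
        RealTimeProtection = $s.RealTimeProtectionEnabled
        SignatureVersion   = $s.AntivirusSignatureVersion
        SignatureAgeDays   = $s.AntivirusSignatureAge
        LastQuickScanEnd   = $s.QuickScanEndTime
        FirewallOff        = ($fwOff.Name -join ', ')
    }
}

$before = Get-DefenderHealth

Update-MpSignature                   # same as "Check for updates"
Start-MpScan -ScanType QuickScan     # same as "Quick scan"; returns when the scan ends

$after = Get-DefenderHealth
$before, $after | Format-Table -AutoSize

# Conditions that keep the icon yellow or red after the scan
if (-not $after.RealTimeProtection) { Write-Warning 'Real-time protection is off.' }
if ($after.SignatureAgeDays -gt 1)  { Write-Warning 'Signatures are more than one day old.' }
if ($after.FirewallOff)             { Write-Warning "Firewall disabled for: $($after.FirewallOff)" }

# Threats Defender still considers active
$active = Get-MpThreat | Where-Object { $_.IsActive }
if ($active) {
    $active | Select-Object ThreatName, SeverityID, Resources | Format-List
} else {
    'No active threats reported.'
}
```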
False positives in Windows Defender can also be due to how we have configured the notifications. To solve this, we follow these steps:
- We go to the Windows Start menu.
- Once inside, we click on System.
- We go to the Notifications & actions section.
- There, we disable Show notifications from these senders.
Next, we head to the Windows Defender settings. There we check whether we need to block files on the network or quarantine files. Then we open Task Manager and click on the Windows Defender notifications icon. We then right-click it and choose End task. This should solve the problem, although most likely we will have to restart the computer first.
Another option is to clear the notification cache using the Registry Editor. To open it, just type regedit in the Windows Start menu.
The route we have to follow is the following:
HKEY_CURRENT_USER > Software > Classes > Local Settings > Software > Microsoft > Windows > CurrentVersion > TrayNotify
Then a screen like this will appear:
Here we delete the registry entries IconStreams and PastIconsStream. We restart the computer and check that everything is in order.
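The same cleanup can be scripted so that the key is backed up before anything is deleted. This is an added example, not part of the original article; the backup file name and location are assumptions.

```powershell
# Added example: clears the tray notification cache for the current user.
# Runs in the context of the logged-on user (HKCU); no elevation needed.

$regPath = 'HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\TrayNotify'
$psPath  = "Registry::HKEY_CURRENT_USER\$($regPath.Substring(5))"

if (-not (Test-Path -LiteralPath $psPath)) {
    throw "Key not found: $regPath"
}

# 1. Export the key first so the entries can be restored by importing the .reg file.
#    Backup location and name are assumptions for this example.
$backup = Join-Path $env:TEMP ('TrayNotify-{0:yyyyMMdd-HHmmss}.reg' -f (Get-Date))
reg.exe export $regPath $backup /y | Out-Null
if ($LASTEXITCODE -ne 0) {
    throw 'Backup failed; nothing was deleted.'
}
"Backup written to $backup"

# 2. Delete only the two cache entries, leaving the rest of the key untouched.
foreach ($name in 'IconStreams', 'PastIconsStream') {
    $present = Get-ItemProperty -LiteralPath $psPath -Name $name -ErrorAction SilentlyContinue
    if ($present) {
        Remove-ItemProperty -LiteralPath $psPath -Name $name
        "Removed $name"
    } else {
        "$name not present, skipped"
    }
}

# 3. Restart the computer, as in the manual procedure, so the cache is rebuilt.
```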
What to do with false positive files in Windows Defender
On occasion, after verifying with antivirus and antimalware tools that a file is a false positive, we keep getting the message that not everything is working correctly. For greater security, before doing anything we could also use VirusTotal. It is a tool that requires no installation and with which we can verify false positives in Windows Defender. It shows an analysis, carried out with more than 40 antivirus and anti-malware engines, that verifies whether we are free of threats.
Once we have verified that this file is not dangerous, we follow these steps:
- We open the Windows Defender Security Center.
- Click on Virus & threat protection.
- There we click on Manage settings.
- Under Exclusions we click on Add or remove exclusions.
- With the Add an exclusion button we can add a file, a folder, a file type or a process.
Finally, with all these options we have learned to avoid false positives in Windows Defender. Remember also that you should always have an active antivirus, be it Windows Defender or another.
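The steps above can also be done from PowerShell, which makes it easy to get the file's hash for a VirusTotal lookup, exclude only that one file and review every exclusion afterwards. This is an added example, not part of the original article; the path in $file is hypothetical and the script assumes an elevated prompt.

```powershell
# Added example: elevated PowerShell prompt, Microsoft Defender as active antivirus.
$file = 'C:\Tools\example-tool.exe'   # hypothetical path of the suspected false positive

if (-not (Test-Path -LiteralPath $file)) {
    throw "File not found (it may be in quarantine): $file"
}

# 1. SHA-256 of the file; VirusTotal can be searched by this hash.
$sha256 = (Get-FileHash -LiteralPath $file -Algorithm SHA256).Hash
"SHA-256: $sha256"

# 2. What Defender recorded for this file: detection time and threat name.
$hits = Get-MpThreatDetection |
    Where-Object { $_.Resources -match [regex]::Escape($file) }
foreach ($h in $hits) {
    $t = Get-MpThreat -ThreatID $h.ThreatID -ErrorAction SilentlyContinue
    '{0}  {1}  (threat id {2})' -f $h.InitialDetectionTime, $t.ThreatName, $h.ThreatID
}

# 3. Exclude only this file, not its folder or its extension.
if ((Get-MpPreference).ExclusionPath -notcontains $file) {
    Add-MpPreference -ExclusionPath $file
}

# 4. Review every exclusion now in force; each one is a place Defender does not scan.
$p = Get-MpPreference
$audit = foreach ($kind in 'ExclusionPath', 'ExclusionExtension', 'ExclusionProcess') {
    foreach ($value in $p.$kind) {
        [pscustomobject]@{ Type = $kind; Value = $value }
    }
}
$audit | Format-Table -AutoSize

# To undo the exclusion later:
#   Remove-MpPreference -ExclusionPath $file
```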