ConfigureDefender is a small utility for configuring Windows 10/11 (and Windows Server) built-in Defender Anti-Virus settings. It is a part of the Hard_Configurator project (including source files), but it can be used as a standalone application (portable).
ConfigureDefender is a utility designed to simplify and enhance the configuration of Windows 10/11 (and Windows Server) built-in Defender Anti-Virus settings. It provides users with a user-friendly interface to manage and customize these security features effectively.
Key Features:
Standalone Operation: Runs as a portable application, allowing it to be used without installation.
System Compatibility: Supports multiple versions of Windows 10/11 and Windows Server.
Customization Options: Offers granular control over Defender settings, enabling users to tailor security protocols to their specific needs.
No Administrative Rights Required: Can configure certain settings without requiring elevated privileges.
Audience & Benefit:
Ideal for IT professionals, system administrators, and security-conscious users who require precise control over their antivirus configurations. By simplifying complex Defender settings, ConfigureDefender helps users enhance system protection while maintaining optimal performance.
README
ConfigureDefender stable version 4.0.1.1 - February 2025
ConfigureDefender is a small utility for configuring Windows 10/11 (and Windows Server) built-in Defender Anti-Virus settings. It is a part of the Hard_Configurator project (including source files), but it can be used as a standalone application (portable).
ConfigureDefender is a portable application, no installation is needed. Download and run the executable ConfigureDefender.exe - the application can run both on Windows 32-bit and Windows 64-bit.
Short program description
ConfigureDefender utility is a small GUI application to view and configure important Defender settings on Windows 10/11 and Windows Server 2019+. It uses PowerShell cmdlets (with a few exceptions) to change the Windows Defender settings. Furthermore, the user can apply one of three pre-defined protection levels: DEFAULT, HIGH, INTERACTIVE, and MAX. Changing one of the protection levels requires a reboot to take effect.
Using the Maximum Protection Level
The MAX Protection Level blocks anything suspicious via Attack Surface Reduction, Controlled Folder Access, SmartScreen (set to block), and Cloud Level (set to block). These settings are very restrictive and using them can produce many false positives even in the home environment. Such a setup is not recommended in the business environment.
Signal is an encrypted communications application.
It uses the Internet to send one-to-one and group messages, which can include files, voice notes, images and videos, and make one-to-one voice and video calls.
KeePassXC is a modern, secure, and open-source password manager that stores and manages your most sensitive information. You can run KeePassXC on Windows, macOS, and Linux systems. KeePassXC is for people with extremely high demands of secure personal data management. It saves many different types of information, such as usernames, passwords, URLs, attachments, and notes in an offline, encrypted file that can be stored in any location, including private and public cloud solutions. For easy identification and management, user-defined titles and icons can be specified for entries. In addition, entries are sorted into customizable groups. An integrated search function allows you to use advanced patterns to easily find any entry in your database. A customizable, fast, and easy-to-use password generator utility allows you to create passwords with any combination of characters or easy to remember passphrases.
The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world, it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked.
WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the Linux kernel, it is now cross-platform (Windows, macOS, BSD, iOS, Android) and widely deployable. It is currently under heavy development, but already it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry.
Signal is an encrypted communications application.
It uses the Internet to send one-to-one and group messages, which can include files, voice notes, images and videos, and make one-to-one voice and video calls.
KeePassXC is a modern, secure, and open-source password manager that stores and manages your most sensitive information. You can run KeePassXC on Windows, macOS, and Linux systems. KeePassXC is for people with extremely high demands of secure personal data management. It saves many different types of information, such as usernames, passwords, URLs, attachments, and notes in an offline, encrypted file that can be stored in any location, including private and public cloud solutions. For easy identification and management, user-defined titles and icons can be specified for entries. In addition, entries are sorted into customizable groups. An integrated search function allows you to use advanced patterns to easily find any entry in your database. A customizable, fast, and easy-to-use password generator utility allows you to create passwords with any combination of characters or easy to remember passphrases.
The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world, it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked.
WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. Initially released for the Linux kernel, it is now cross-platform (Windows, macOS, BSD, iOS, Android) and widely deployable. It is currently under heavy development, but already it might be regarded as the most secure, easiest to use, and simplest VPN solution in the industry.
Some important remarks on the possible ways used to configure Defender (for advanced users).
Windows Defender settings are stored in the Windows Registry and most of them are not available from Windows Defender Security Center. They can be managed by using:
Group Policy Management Console (gpedit.msc is not available in Windows Home edition)
Direct Registry editing (manually, via *.reg files or scripts)
The registry keys can be changed when using Defender Security Center or PowerShell cmdlets.
Overwriting settings via Group Policy Management Console (GPO)
Administrators can use the Windows Group Policy Management Console (GPO) utility to override certain Windows Defender registry values. Group Policy settings are stored under another key (owned by ADMINISTRATORS):
Keep in mind that GPOs do not delete the normal Defender settings!
Manually changing WD settings via registry
Registry editing is usually made, under the second key (see below), the first requires system privileges.
Applying Defender settings by directly manipulating the registry under:
is not recommended (!) on Windows editions that officially support Group Policy Management Console e.g. PRO & Enterprise editions.
Those settings are not recognized by the Group Policy Management Console.
They can temporarily overwrite the GPO setup in the Registry because they share the same Registry keys. Those changes are not permanent, because Group Policy configuration is not overwritten.
After some hours, those settings are automatically and silently back-overwritten by the Group Policy Refresh feature.
Those settings cannot be changed via Defender Security Center (or PowerShell cmdlets), even if they are visible (like folders and applications related to Controlled Folder Access).
Windows Home Editions
Under Windows Home editions, someone can configure Defender settings (outside of the Defender Security Center), when using PowerShell cmdlets or via the manual Registry editing method. This may confuse some users, but the ConfigureDefender utility can remove the settings made under the policy path:
This is required, because those settings would override ConfigureDefender settings.
ConfigureDefender utility and GPOs
ConfigureDefender utility can be used on Windows Professional & Enterprise editions if an Administrator did not apply Defender policies via the Group Policy Management Console. Normally, all those policies are by default set to 'Not configured'. They can be found in the Group Policy Management Console:
Computer configuration >> Policies >> Administrative templates >> Windows components >> Windows Defender Antivirus.
The tabs: MAPS, MpEngine, Real-time Protection, Reporting, Scan, Spynet, and Windows Defender Exploit Guard, should be inspected before using ConfigureDefender. The corresponding policies have to be set to 'Not configured'. If not, then the GPO Refresh feature will override the settings applied via ConfigureDefender.
Available Windows Defender settings on different Windows versions
Configuredefender requires Windows ver. 1809 or later.
The ASR rule "Block persistence through WMI event subscription" requires Windows ver. 1903 or later.
KeePass Password Safe is a free, open source, lightweight, and easy-to-use password manager for Windows, Linux and macOS, with ports for Android, iPhone/iPad and other mobile devices.
With so many passwords to remember and the need to vary passwords to protect your valuable data, it’s nice to have KeePass to manage your passwords in a secure way.
KeePass puts all your passwords in a highly encrypted database and locks them with one master key or a key file. As a result, you only have to remember one single master password or select the key file to unlock the whole database.
And the databases are encrypted using the best and most secure encryption algorithms currently known, AES and Twofish.
KeePass Password Safe is a free, open source, lightweight, and easy-to-use password manager for Windows, Linux and macOS, with ports for Android, iPhone/iPad and other mobile devices.
With so many passwords to remember and the need to vary passwords to protect your valuable data, it’s nice to have KeePass to manage your passwords in a secure way.
KeePass puts all your passwords in a highly encrypted database and locks them with one master key or a key file. As a result, you only have to remember one single master password or select the key file to unlock the whole database.
And the databases are encrypted using the best and most secure encryption algorithms currently known, AES and Twofish.
We built ProtonVPN with extra security features to make it better at protecting your privacy than an ordinary VPN.
When you use ProtonVPN to browse the web, your Internet connection is encrypted.
By routing your connection through encrypted tunnels, ProtonVPNs advanced security features ensure that an attacker cannot eavesdrop on your connection.
It also allows you to access websites that might be blocked in your country.
We built ProtonVPN with extra security features to make it better at protecting your privacy than an ordinary VPN.
When you use ProtonVPN to browse the web, your Internet connection is encrypted.
By routing your connection through encrypted tunnels, ProtonVPNs advanced security features ensure that an attacker cannot eavesdrop on your connection.
It also allows you to access websites that might be blocked in your country.
VeraCrypt is a software for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data is automatically
encrypted right before it is saved and decrypted right after it is loaded, without any user intervention. No data stored on an encrypted volume can be read (decrypted)
without using the correct password/keyfile(s) or correct encryption keys. Entire file system is encrypted (e.g., file names, folder names, contents of every file,
free space, meta data, etc). Files can be copied to and from a mounted VeraCrypt volume just like they are copied to/from any normal disk (for example, by simple
drag-and-drop operations). Files are automatically being decrypted on the fly (in memory/RAM) while they are being read or copied from an encrypted VeraCrypt volume.
Similarly, files that are being written or copied to the VeraCrypt volume are automatically being encrypted on the fly (right before they are written to the disk) in RAM.
Note that this does not mean that the whole file that is to be encrypted/decrypted must be stored in RAM before it can be encrypted/decrypted. There are no extra memory
(RAM) requirements for VeraCrypt.
VeraCrypt is a software for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data is automatically
encrypted right before it is saved and decrypted right after it is loaded, without any user intervention. No data stored on an encrypted volume can be read (decrypted)
without using the correct password/keyfile(s) or correct encryption keys. Entire file system is encrypted (e.g., file names, folder names, contents of every file,
free space, meta data, etc). Files can be copied to and from a mounted VeraCrypt volume just like they are copied to/from any normal disk (for example, by simple
drag-and-drop operations). Files are automatically being decrypted on the fly (in memory/RAM) while they are being read or copied from an encrypted VeraCrypt volume.
Similarly, files that are being written or copied to the VeraCrypt volume are automatically being encrypted on the fly (right before they are written to the disk) in RAM.
Note that this does not mean that the whole file that is to be encrypted/decrypted must be stored in RAM before it can be encrypted/decrypted. There are no extra memory
(RAM) requirements for VeraCrypt.
AdGuard is a unique desktop program that has all the necessary features for the best web experience.
The software combines the world's most advanced ad blocker for Windows, a whole privacy protection module, and a parental control tool — all working in any browser or app.
AdGuard is a unique desktop program that has all the necessary features for the best web experience.
The software combines the world's most advanced ad blocker for Windows, a whole privacy protection module, and a parental control tool — all working in any browser or app.
AdGuard is a unique desktop program that has all the necessary features for the best web experience.
The software combines the world's most advanced ad blocker for Windows, a whole privacy protection module, and a parental control tool — all working in any browser or app.