Warning Microsoft Defender Problem

[History Fan]

If you're talking about restore points, shut it off & it'll delete them,
then turn it back on.

The OP was referring to "checkpoints", which are created by Windows
Defender for various reasons. I suppose these are similar to XP's "restore
points". However, Windows Defender is creating a ridiculous amount each
day, sometimes as many as 6. These take up a lot of hard drive space and
are unnecessary. Restore Points are only generated once a day, even less if
you have a smaller hard drive.

It's a pity, because until the latest engine upgrade, Windows Defender
beta 2 was working perfectly for me.

 

[kes]

You say:

I didn't like Beta 2 as well as Beta 1 and tried to go
backward, but MS would not reload the Beta 1.

No true.

1- Uninstall WD.

Then go to:
http://www.filehippo.com/download_microsoft_antispyware/

and there you will find Beta 1 (1.0.701).

It installs just fine - though its names are numbered. (79 days, as of
today)

 

[Stuart]

This solution comes from microsoft.private.security.spyware.general and it
works. The exact cause of the problem, for those who were guessing, is that
a checkpoint is created by Defender every time you reboot the system. I
reboot my system moving between two very different environments three to six
times per day. I should have thought about the link. The checkpoints are in
a push-down-stack and I came close to losing the critical pre-registry clean
checkpoint that I created manually.

Be careful regedits are no fun, but the fix follows:

In the registry editor,

Create a "REG_DWORD" Key named "DisableRestorePoint" and set it to TRUE
under the following location in the registry.

HKLM/Software/Microsoft/Windows Defender/Scan/
--------------------------------------
This needs a little interpretation:

1) find the location named above.
2) Highlight the Scan object, and right click it, choose permissions, and
give your user FULL.
3) create a value as instructed above, and set it to "1."
4) reverse your action in 2)--uncheck Full for your user.
-------------------------------------------------------

Or alternatively described by another user:
If I have correctly understood from Bill the correct sequence it is this:

1) In the registry editor, find the following location.
HKLM/Software/Microsoft/Windows Defender/Scan

2) Highlight the "Scan" object, and right click it, choose permissions, and
give your user FULL.

3) Under "Scan" key, create a "REG_DWORD" value named "DisableRestorePoint",
and set it to "1".

4) Reverse your action in 2) - uncheck FULL for your user.

However I believe that for these operations it is better not to be beginners
with the Windows Registry.

Stuart//

 

[Stuart]

I should have given this background from
microsoft.private.security.spyware.general as well.

About a month ago I did a major clean of my registry and I have the
Defender Beta. What I am concerned about is the three to six checkpoints
per day Defender is creating and whether the checkpoints are in a
push-down-stack that might cause me to loose the critical manually set
checkpoint after my registry clean a month ago. Do I need to uninstall
Defender?

Stuart//

 

[History Fan]

However I believe that for these operations it is better not to be

beginners
with the Windows Registry.

Stuart//

Thanks for the info, but I think I'll let Microsoft fix the problem
first.

 

[pcbutts1]

Additionally for the squeamish, I created a file that will merge the key for
you. You can download it here
http://www.pcbutts1.com/downloads/defenderfix.reg You MUST perform step 2
as stated by Stuart, download the file perform step 2 then double click on
the defenderfix.reg file to merge it into the registry.

For those that use the MVP.org host file then perform the steps below to fix
the issue.

Cut and paste everything between the lines and paste it into notepad. Save
the file as defenderfix.reg and save it to the desktop. make sure you change
the save as type.... drop down box to all files. Once saved double click on
the file to merge it into the registry. Reboot.


Begin cut below this line
===================================================================================
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Scan]
"DisableRestorePoint"=dword:00000001


====================================================================================
End cut above this line
Perform step 2 then double click on the defenderfix.reg file to merge it
into the registry.


--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com

 

[Leythos]

Additionally for the squeamish, I created a file that will merge the key for
you. You can download it here

Ask yourself if you really want to trust the advice and files provided
by a person that has all of their posts deleted, hides by 20+ different
identities, and has foul content on their website that they post links
too in Usenet.

Only download software you can validate as uncompromised - in the case
of non-vendor site you have no guarantee that the files are unmodified
or uncompromised. Anyone providing a link to a non-vendors site with a
direct download should not be trusted, the vendors sites are the safest
place to download their application.

No person of sound mind would download files from a hack site that
requires a password to access the unknown files when they are available
directly from the vendors.

Always remember - only download files from Trusted Sites.

Only a fool would download a .reg file from an anonymous poster without
fully understanding it - and if you could fully understand it you would
not need the reg file.

 

[pcbutts1]

WARNING! Leythos the stalker is back again stalking me. He has no choice but
to stalk me since he cannot stop me from posting. The fool did not even
understand my previous post because he is a dumbass, So the only thing he
could do is make an idiot post.

--


The best live web video on the internet http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at http://www.seedsv.com/products.htm
Sharpvision simply the best http://www.seedsv.com

 

[Leythos]

WARNING! Leythos the stalker is back again stalking me. He has no choice but
to stalk me since he cannot stop me from posting. The fool did not even
understand my previous post because he is a dumbass, So the only thing he
could do is make an idiot post.

That's funny, I call you out for your posting that violate security
norms, for your pilfering of others code, and I ignore your posts that
don't do that, and you say I'm stalking you.

If I let your posts that don't violate security norms go by without
comment, and I ONLY warn unsuspecting readers of the risks about the
types of files/fixes you post, it's not stalking little chris.

To the group: Ask yourself if you really want to trust the advice and
files provided by a person that has all of their posts deleted, hides by
20+ different identities, and has foul content on their website that
they post links too in Usenet.

Only download software you can validate as uncompromised - in the case
of non-vendor site you have no guarantee that the files are unmodified
or uncompromised. Anyone providing a link to a non-vendors site with a
direct download should not be trusted, the vendors sites are the safest
place to download their application.

No person of sound mind would download files from a hack site that
requires a password to access the unknown files when they are available
directly from the vendors.

Always remember - only download files from Trusted Sites.