Windows Defender Checkpoints

[Guest]

Good evening,

While making a restore point a few minutes ago in preparation for tomorrows
Microsoft Security Updates I noticed I have restore points established from
July 5 to the present. The majority of these restore points are mainly
'Windows Defender Checkpoints'.

It seems these 'checkpoints' are eating up the majority of available restore
points for my computer.

Is there any way to limit the number of times each day that Windows Defender
establishes a 'checkpoint restore point'?

Some times I have as many as 10 of these Defender restore points in a given
day.

I would rather have more days available with restore points than multiple
restore points for a single day.

Thanks and regards,

2harts4ever

 

[Guest]

I quote a Bill S.

I know of no change to this issue. However, we do have a set of registry
editing instructions to create a new key which will modify this behavior--so
if doing that is acceptable to you I'll post that (once I find it!)
------------------------------------------------------------------------------
Steve Dodson has posted a workaround to eliminate the behavior, and I
have taken the liberty of expanding on his somewhat terse treatment:

-------------------------------------------------------------------------
It is possible to stop this activity, but it takes some care and registry
editing.

Important: This message contains information about how to modify the
registry. Make sure to back up the registry before you modify it. Make
sure that you know how to restore the registry if a problem occurs. For
more
information about how to back up, restore, and modify the registry, click
the following article number to view the article in the Microsoft
Knowledge Base:
256986 (http://support.microsoft.com/kb/256986/) Description of the
Microsoft Windows registry

Start, run, Regedit <enter>

Navigate to:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Scan

Right click that folder in the left tree view, and choose "Permissions"
With your username highlighted, click Full Control in the Allow column,
and "Apply"

With the Scan folder highlighted choose:

Edit, New, DWORD value, and type in "DisableRestorePoint"
and hit enter.

Double-click DisableRestorePoint in the right column, and set the Value
to 1, hexadecimal.

Right-click Scan in the left tree view, and choose "Permissions"
With your username highlighted, Uncheck "Full Control" in the Allow
column, and "Apply"

Close the registry editor by hitting the X in the upper right corner, or
File, Exit.
--
For the benefit of the community reading this post, please rate the pºst.

I hope this post is helpful.

Let us know how it works ºut.

Еиçеl
--

 

[Guest]

It seems these 'checkpoints' are eating up the majority of available restore
points for my computer.

Is there any way to limit the number of times each day that Windows Defender
establishes a 'checkpoint restore point'?

If, like me, you're unwilling to embark on the registry-editing fix
mentioned by Engel, a simpler solution is to turn off Defender's Real-time
Protection until the bug has been fixed. That's what I've done.

 

[Guest]

Morning Engel and Alan D,

I have decided to take the less risky approach as far as the registry is
concerned and just turn off "Defenders" 'real-time' protection for the time
being.

Like Alan I hope a program fix will be forthcoming soon to alleviate this
problem. I couldn't swear on it, but I am sure 'Windows Defender' didn't
eat up most of my alloted restore point disk space when I first started using
it.

Thank you both for taking the time to respond and have a great day!

Regards,

2harts4ever

 

[Robin]

I did the same thing till MS fixes this
robin

If, like me, you're unwilling to embark on the registry-editing fix
mentioned by Engel, a simpler solution is to turn off Defender's Real-time
Protection until the bug has been fixed. That's what I've done.

 

[Guest]

Turning off real-time protection is asking for more trouble than you might be
willing to attend. The registry tweak is far more useful and doers not let
down your guard,

Set a restore point before editing the registry, in case you are exceedingly
clumsy in your use of RegEdit. That will guard against errant keystrokes.

 

[Guest]

Turning off real-time protection is asking for more trouble than you might be
willing to attend. The registry tweak is far more useful and doers not let
down your guard,

No, no, no. I really can't agree here. The difference is between the slight
risk of not having RTP (assuming safe browsing habits), and the near certain
catastrophe of me bumbling around in the registry, not having the faintest
idea what I'm doing.

But the safest solution of all, of course, is for Microsoft to fix the bug -
sooner rather than later.

 

[Guest]

I have talked countless newbie through aREEdit sesion. It is no more
difficult than learnng a new text editor. The consequences of "bad grammar"
are a bit more harsh, however. That's why you set a restore point
beforehand. This makes even the biggest catastrophe readily reversible.

What does "safe browsing habits" have to do with much of anything?

Do you read email as HTML? STOP IT! Embedded malicious scripts and rogue
links will teach you a lesson you may not soon forget. Do you ICQ or IM?
They are legendary harbors of malware. Have you shared a CD/DVD or "thumb
drive" with a friend? Great way to destroy your data, I dare say.

Then again, do you open ANY attachment ... especially from friends and
coworkers that you know and trust? Who's to say that it was not sent from a
remote location AFTER your frined's Address Book was forwarded?

Now you know why I say that "only the paranoid survive".

Please keep in mind that you have nine more installs before you get to
contribute to the Bill and Melissa Gates Foundation. So feel free to perform
unprotected hex with whomever you like. ;-)

 

[Guest]

I have talked countless newbie through aREEdit sesion. It is no more
difficult than learnng a new text editor. The consequences of "bad grammar"
are a bit more harsh, however. That's why you set a restore point
beforehand. This makes even the biggest catastrophe readily reversible.

From where I sit, knowing my limitations (and I suspect there are millions
like me), I find that too optimistic. I'm sure you've helped an enormous
number of people with your expertise; but I don't have the benefit of you
sitting by my shoulder, and I would say there is a 50% probability that if I
attempt to edit the registry I will trash my system merely through ignorance.
And I have no confidence in my ability to get up and running again if it
won't boot, no matter how many system restore points I have.

In the short time I've been consulting this newsgroup, I've learned that
there are as many views about internet safety as there are posters, and
almost as many varying pieces of advice. I can't follow them all. Some of
them are contradictory. I can only sift through them and try to reach some
kind of sensible decision short of paranoia.

Now: I know that there is an important issue with Defender's RTP on my
machine. (RTP on Microsoft Antispyware caused some issues too.) So I don't
trust these RTP systems yet. I am assuming (and certainly hoping) that very
soon Microsoft will issue a fix for the checkpoint bug.

So I've reached a kind of temporary compromise in which I do a series of
regular checks using an increasing range of programs and online scanners. I
never open emails from sources I don't recognise. I never open an attachment
even from friends unless they've specifically mentioned the attachment in the
email. And yes, there's still a risk. But there's a risk in crossing the
road, even if you have looked both ways.

But I repeat. There is only one clear and satisfactory solution, and that is
for Microsoft to issue a new version with this bug fixed. Very soon,
preferably.

 

[Robin]

I could not have said that better Alan
I totally agree with you
robin

 

[plun]

Hi Alan

It´s much more important to have RTP in action then to have RPs.
If someone Hijacks your PC you will probably directly see it.
Often a bombardment with popups and a really slow PC.

So use RTP and perhaps skip some daily scans to save RPs......

For a normal user which knows about "risky sites" there is
only a minor risk that something happens, no need for "paranoia".

It´s also much more important with a daily antivirus scans beacuse
mostly all trojans and really malicious code are defined within
antivirus definitions.

So WD is a "little helper" to avoid som dumb "applications" which
business without scruples and the bad guys serves us.

And..... your drive can "explode" beacuse of mechanical failure within
next second so don´t forget to backup personal data, burn to CD or DVD.
or transfer to a another drive.

So RPs is a little problem in the end.......

But hopefully MS makes it better.

regards
plun

 

[Guest]

Hi Alan

It´s much more important to have RTP in action then to have RPs.
So use RTP and perhaps skip some daily scans to save RPs......

I'm reluctant to do this, because most of the checkpoints are nothing to do
with my daily scans. It generates them every time I start up because of
conflicts with (I think) an AOL driver, and I can't stop that.

For a normal user which knows about "risky sites" there is
only a minor risk that something happens, no need for "paranoia".

I entirely agree. I don't feel this is a significant risk in my case.

It´s also much more important with a daily antivirus scans beacuse
mostly all trojans and really malicious code are defined within
antivirus definitions.
So WD is a "little helper" to avoid som dumb "applications" which
business without scruples and the bad guys serves us.

Exactly. I have Norton's RTP running all the time. I think the risk in
switching off Defender's RTP until they fix it is small - provided they fix
this bug soon!

And..... your drive can "explode" beacuse of mechanical failure within
next second so don´t forget to backup personal data, burn to CD or DVD.
or transfer to a another drive.

I learned this lesson the hard way, last year. I always back up.

So RPs is a little problem in the end.......
But hopefully MS makes it better.

I'll echo that, but louder. One more time:
MICROSOFT, MAKE IT BETTER SOON, PLEASE.