How to Solve Windows Defender Problems

How to Solve Windows Defender Problems
Page content

Windows Defender Anti-Spyware

Microsoft is providing free anti-spyware program to customers using XP, Vista and Windows 7. The anti-spyware program is built-in on Vista and Windows 7 operating systems. It can be installed in XP users that have passed Windows genuine advantage validation. Windows Defender provides real-time protection from spyware and potentially unwanted software (PUPs).The program allow end-users to schedule a scan or manually run a quick, full or custom scan. Windows Defender does not scan a networked computer, which means end-users with more than 1 PC should install and run a scan on each machine to protect and detect spyware or PUPs.

Changes on critical system areas that are not rated as risk yet can be monitored by Windows Defender but it is not enabled by default. Another feature in Windows Defender is the optional Microsoft Spynet, which is also known as community-based protection or detection, where actions applied by other Windows Defender users are shared to other users of the program.

Like other software for Windows, there are also known Windows Defender problems and below are some of the common and known issues in using Windows Defender, with possible solutions.

Windows Defender Installation Issues

There are four known issues when installing Windows Defender:

  • It is not possible to install the free anti-spyware by Microsoft on remote desktop service or terminal services. Doing so will only provide an error message, “Error 1719. The Windows Installer Service could not be accessed” and the installation result is unsuccessful. The solution is to install the anti-spyware program from a console session on the terminal server.
  • End-users of Windows that are using non-English language versions of Windows may see an error message, “Error 1609. An error occurred while applying security settings. User is not a valid user or group.”. This problem has been fixed by Microsoft by releasing a new version of Windows Defender that fixes the installation in non-English version of Windows. Download a new setup file of Windows Defender from the Microsoft website.
  • When performing a custom install of Windows Defender on a 64-bit edition of Windows, the program might not work correctly. The solution is to uninstall Windows Defender using the command prompt in Windows: Click on Start, click Run, and then type cmd.exe. Click OK to open the command prompt. In command prompt window, type MsiExec.exe /x {A5CC2A09-E9D3-49EC-923D-03874BBD4C2C} and then hit enter key on the keyboard. Click Yes on the un-installation prompt. Close the command prompt window and proceed to reinstall Windows Defender using the default install options.
  • Upgrading to Windows Vista from XP systems that have Windows Defender will display an error message, “Application failed to initialize”. The same error message may appear if you tried removing Windows Defender after upgrading to a Vista system. To solve the problem, re-install Vista or run the System Restore program in Vista to restore the system prior to removing Windows Defender.

Problems Updating Windows Defender

In some cases, the definition updates for Windows Defender to detect spyware and PUPs become corrupted. When you try to update the definitions, you received an error message that Windows Defender definition updates cannot be checked, downloaded, or installed. The solution is to replace the corrupted detection signatures by downloading the definition updates from Microsoft, and then manually install it in Windows.

Another known issue in updating Windows Defender is when a computer is running Software Update Services (SUS) 1.0 to check for updates. Microsoft does not deliver updates for Windows using SUS 1.0; you will only get an error code “0x8024002b” when updating Windows Defender. The solution is to install Microsoft Windows Server Update Services (WSUS). You can download it from Microsoft Download Center website.

Performance and Usability Issues of Windows Defender

The following problems in using Windows Defender are known to Microsoft and have provided fixes or work-around:

  • High CPU usage - End-users of Windows Defender anti-spyware program may encounter performance issues on Windows with. high CPU usage of svchost.exe, and you may receive an error message, “SVCHOST.exe Application Error. The instruction at 0x0745F2780 referenced memory at 0x000000000 the memory could not be read.” This problem was corrected by Microsoft by releasing a new version of Windows Update Agent (WUA) and by providing a reliability update for Windows. Ensure that you have the latest version of Windows Update Agent and other important or recommended updates for Windows. XP users should visit the Windows Update website or use the Windows Update application in Vista and Windows 7 to download the available updates. You may also obtain the latest version of WUA from https://support.microsoft.com/kb/949104.
  • Error Code 0x800106ba - If you are receiving an error Code 0x800106ba when opening Windows Defender, the services of the program may be disabled. The same error code is displayed if required system files are corrupted or damaged. The solution is to enable Windows Defender service by typing services.msc in run box/command in Windows. Locate Windows Defender in the list of services, and then start the service. If the problem continues, proceed to register the required dll files in Windows. Click Start, click Run, type regsvr32 wuapi.dll, and then click OK. Do the same for the other dll files such as wuaueng.dll, wucltui.dll, wups.dll, wuweb.dll, atl.dll, softpub.dll, wintrust.dll, initpki.dll and mssip32.dll.
  • Windows Defender settings for all user accounts in Windows - When you change the settings of Windows Defender and then another user account logs on, you will notice that the settings of Windows Defender there are the same settings for Windows Defender that were applied. This behaviour is by design because Windows Defender does not store information per user basis but for all users’ accounts.
  • Keyboard shortcuts in using Windows Defender - When you try to use Windows Defender using common keyboard shortcuts, the program is not responding. This behaviour is by design if you are trying to use the ALT keyboard shortcut when viewing the Tools or Options page in Windows Defender. All other common keyboard shortcuts should work; e.g. arrow and enter keys.
  • Restoring quarantined files in Windows Defender fails - If you try restoring a quarantined file using Windows Defender, the restoration will not succeed. It is because the path or folder where the quarantined file originates is missing or no longer exists. Example: You have abc.exe in C:\Documents and Settings\My Music but you deleted My Music folder after Windows Defender had quarantined abc.exe. Restoring abc.exe from the quarantine will fail unless you will re-create My Music folder in C:\Documents and Settings folder as well.

Image credit: Screenshot taken by the author.