ConfigureDefender – View and Change Hidden Features of Windows Defender

ConfigureDefender allows to View and Change Hidden Features of Windows Defender in Windows 10.

ConfigureDefender - View and Change Hidden Features of Windows Defender

ConfigureDefender a third party software to view and configure important Windows Defender settings on Windows 10. The app mostly uses PowerShell cmdlets (with a few exceptions). Furthermore, the user can apply one of three predefined Protection Levels – Default, High, and Max. ConfigureDefender is integrated with Hard_Configurator GUI but can be used as a standalone application, too.

Most settings available in “ConfigureDefender” are related to Windows Defender real-time protection and work only when Windows Defender real-time protection is set to “ON”. Note – These two settings (followings) should never be modified because important features like “Block at First Sight” and “Cloud Protection Level” will not work properly – “Cloud-delivered Protection” = “ON” “Automatic Sample Submission” = “Send”

ConfigureDefenderĀ  allows to view and Change Hidden Features of Windows Defender

ConfigureDefender Protection Levels (predefined settings):


Windows Defender default configuration is implemented automatically when installing the system. It offers basic antivirus protection that can be used to revert instantly any configuration to Windows default.


The utility includes enhanced configuration which activates Network Protection and maximum of the Exploit Guard (ASR) features. 3 Exploit Guard features moreover Controlled Folder Access ransomware protection is disabled to avoid false positives. This is the recommended configuration that is suitable for most of the users and gives significantly increased security.


The utility provides the superlative secure protection level which includes all advanced Windows Defender features and hides Security Center. ConfigureDefender UI Configuration allows change. The MAX settings safeguard casual users and children furthermore it can be also used to maximize the protection. It also sends notifications. This protection level commonly causes more false positives compared to the HIGH settings you might have expertise or skill.

How to ConfigureDefender custom settings

You may customize your configuration by choosing any of the three protection levels and then change individual features.

How to apply the settings

Choose a Protection Level or custom configuration, press the Refresh button and allows the tool to confirm the changes. ConfigureDefender will alert if any of your modifications have been blocked. Reboot to implement the chosen protection.

Audit mode

You are able to set Multiple ConfigureDefender options to Audit mode. In this setting, Windows Defender will log events and warn the user about processes which would otherwise be blocked with this setting “ON”. This feature is available for users to check for software incompatibilities with applied Defender settings. You can also keep incompatibilities away by adding software exclusions for Controlled Folder Access and ASR rules.

Defender Security Log

This option can gather the last 200 entries from the Windows Defender Antivirus events. These entries are reformatted and displayed in the notepad. The below event IDs are included – 1006, 1008, 1015, 1116, 1117, 1118, 1119, 1121, 1122, 1123, 1124, 1125, 1126, 1127, 1128, 3002, 5001, 5004, 5007, 5008, 5010, 5012. Analyzing the logs can be useful when a process or file execution has been blocked by Windows Defender Exploit Guard.

ConfigureDefender works on Windows 10. Windows 8.1 and earlier versions are not supported. Microsoft has added new Windows Defender features with successive Windows 10 feature updates. Below is the list of ConfigureDefender features available on different versions of Windows 10 –

At least Windows 10

Real-time Monitoring, Cloud-delivered Protection, Cloud Protection Level (Default), Cloud Check Time Limit, Automatic Sample Submission, Behavior Monitoring, Scan all downloaded files and attachments, Average CPU Load while scanning, PUA Protection.

Bonus Tip –

If you want to view Windows Defender hidden feature then simply run the following cmdlet on PowerShell (Elevated) –


You are able to use Set-MpPreference to configure them. For example, in order to disable the Behavior Monitoring feature in Microsoft Defender, you can use the below command –

Set-MpPreference DisableBehaviorMonitoring True

Download the tool.

Sharing is caring    Share Whatsapp

Topics:  Software
About Sunita
Love to play with Windows 11 and 10. Suggestion - Going for Registry change or system files edit then remember to take a backup or create a restore point before Starting.