Share via

Disable Defender Notifications

Anonymous
2017-11-29T18:57:17+00:00

Is it possible to turn off the constant and very annoying "No threats" notifications from Windows Defender?

In other words, I want Defender to alert me only when it's found something, but not when it found nothing.  It's rightly assumed it found nothing if there are no alerts.

How do I make that happen?  And how soon can we expect an update if MS has overlooked this necessity?  (You may read that as, I expect this option to be available by the end of 2017, as it should have been available from RTM.)

Thank you.

* Moved from Windows 10/Security

Windows for home | Windows 10 | Security and privacy

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.

0 comments

8 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2017-12-01T03:49:56+00:00

    Was this answer helpful?

    4 people found this answer helpful.
    0 comments
  2. Anonymous
    2017-11-29T23:47:28+00:00

    Hi Jim,

    For us to better assist you with your query on how to disable the Windows Defender "No threats" notification, we'd like to know which build and version of Windows are your running on your computer? To check, press Windows key + R > type winver > hit Enter.

    We're looking forward to your reply.

    Was this answer helpful?

    3 people found this answer helpful.
    0 comments
  3. Anonymous
    2017-12-15T19:17:19+00:00

    This tutorial explains how to turn off the non-critical (no threats found) notifications:

    https://www.tenforums.com/tutorials/50579-turn-off-windows-defender-enhanced-notifications-windows-10-a.html

    The critical (threats found) notifications can’t be turned off. We query for detailed threat information with the PowerShell Get-MpThreatDetection command in order to find out if a threat was properly cleaned, or if we need to take additional actions to complete the cleaning.

    The problem with repeating detections for Trojan:HTML/Brocoiner!rfn seems to have subsided, and the threat catalog information was updated on 12/13/2017:

    This JavaScript code is a cryptocurrency miner that has been found on both malicious and compromised websites, including sites that offer streaming videos, adult content, and online shopping.

    When this JavaScript is loaded—whenever one opens a webpage containing it—it automatically starts to mine for Monero or other cryptocurrency. This mining activity, often initiated without user consent, consumes resources and can slow down affected PCs.

    This JavaScript code does not install itself and is simply deleted byWindows Defender Antivirus upon detection. This code might be detected multiple times during a short period if the page containing it is kept open or revisited.

    So we’re being told that repeating detections are normal for webpages that are running the detected script. But this doesn’t entirely clarify the situation, because the threads from Bleeping Computer were associating these repeating Microsoft detections for Trojan:HTML/Brocoiner!rfn with a Malwarebytes detection for Rootkit.Fileless.MTGen.

    GreginMich

    Was this answer helpful?

    1 person found this answer helpful.
    0 comments
  4. Anonymous
    2017-12-13T22:39:30+00:00

    Repeating threat detections often mean that Windows Defender just wasn’t up to the task of removing the malware that it detected. Sometimes you can complete the removal process with something as simple as running a scan with Windows Defender Offline. You can query for any additional actions that might be needed by running the PowerShell Get-MpThreatDetection command, and then examining the value of the Additional Actions Bitmask:

    https://answers.microsoft.com/en-us/protect/forum/protect_defender-protect_scanning-windows_10/windows-defender-notification-saying-it-has-found/e40c5309-d2a1-437a-b205-75c6bc7e77ca

    In many cases though, you’ll need to run a scan with a third-party malware-removal app in order to complete the malware-removal process. For example, many of the repeated detections that we’ve been seeing lately are for Trojan:HTML/Brocoiner!rfn. This Beeping Computer thread suggests that just scanning with Malwarebyes in Safe Mode might be sufficient for the removal of this threat:

    https://www.bleepingcomputer.com/forums/t/665035/infected-with-trojan-htmlbrocoinerrfn/

    Note the references to Rootkit.Fileless.MTGen in the detections.

    If scanning with Malwarebytes doesn’t stop the notifications; then follow the steps in this removal guide, which can be applied to other threats in addition to Trojan:HTML/Brocoiner!rfn:

    https://malwaretips.com/blogs/remove-trojan-html-brocoiner/ 

    Of course there are some cases where repeated detections appear to be caused by remnants of previously installed or preinstalled AV apps, so you might need to use the removal utilities for those:

    https://answers.microsoft.com/en-us/protect/forum/mse-protect_start/list-of-anti-malware-product-removal-tools/2bcb53f7-7ab4-4ef9-ab3a-6aebfa322f75

    Or by file system corruption, where you’ll need to scan with the System File Checker and DISM:

    https://answers.microsoft.com/en-us/windows/forum/windows_10-update/system-file-check-sfc-scan-and-repair-system-files/bc609315-da1f-4775-812c-695b60477a93

    GreginMich

    Was this answer helpful?

    1 person found this answer helpful.
    0 comments
  5. Anonymous
    2017-11-30T14:20:33+00:00

    Currently 1607, 1703 and 1709.  All three systems notify me that a scan was completed and nothing found.  I don't care when nothing is found.  It's only important to know when something is found.

    Was this answer helpful?

    0 comments