Nirsoft's latest tool helps you manage Windows Defender Threats in bulk
WinDefThreatsView is a new freeware tool for Microsoft's Windows 10 and 8.1 operating systems by Nirsoft that assists administrators in managing threats detected by the operating system's built-in antivirus protection Windows Defender Antivirus.
Windows Defender Antivirus is the default antivirus solution on Windows 10. Users may install third-party security software which may take over but part of the userbase uses the default solution instead.
Like many other built-in Windows tools, Windows Defender Antivirus is not particular well designed when it comes to configuring and managing the application. The program displays a notification when a threat is detected but the only option to deal with those is on a one-on-one basis. Important management dashboards such as the threat history or various protections are not easily located on the system and it often takes lots of clicks and knowledge to open these menus.
WinDefThreatsView
WinDefThreatsView provides an alternative, at least when it comes to managing detected threats. The free program is provided as a 32-bit and 64-bit version for Microsoft's Windows 10 and 8.1 operating systems.
Just run the program from any location; it is provided as an archive that you need to extract first but does not need to be installed.
The application lists all detected threats in its interface. For new threats, it is necessary to hit the refresh button if the program is running already to have these picked up and listed as well. The program loads local threat data by default but you can use it to display the threat data of remote computer systems as well.
Select Options > Advanced Options to do so. You need to switch to "Load threats data from remote computer" and specify the computer name and username/password if required.
Note that you may run the tool on a Windows 7 machine to connect to a supported operating system using the remote computer option.
All threats are listed with the filename, threat name, severity, domain user and process name, time and data of initial detection and remediation, threat ID and status, action, paths, and more.
All data or a selection can be saved to various file types including txt, csv, xml and json. A right-click on a selection displays options to handle all selected threats at once.
Select "Set default action for selected threats" to select an action, e.g. quarantine, allow, block or remove, that you want applied to the threat. You may use it to manage all threats or a subset of threats at once which improves manageability significantly.
You may also run the program from the command line but only to export threats to a new file that you specify.
Closing Words
WinDefThreatsView is a handy portable program for Microsoft Windows administrators who manage systems with Windows Defender Antivirus enabled. Besides the useful option to manage multiple threats at once, it is also capable of exporting threat data to several file formats.
Now You: Which security solution do you use on your devices?
I really don’t understand why Sophos isn’t the first name anyone thinks of when it comes to threat protection. Running my own tests for years using honeypots and imaging against the top ten paid and free packages, Sophos came out number one for years. The only time it didn’t, it just missed and came in at number two.
– ClamAV
– McAfee Stinger
– Kaspersky Virus Removal Tool
This is great. Much better than having to deal with Microsoft’s crappy modern UI.
“Like many other built-in Windows tools, Windows Defender Antivirus is not particular well designed when it comes to configuring and managing the application.”
This is the truth. I pay for 3rd party AV just so I have more control over it.