Skip navigation
shield_icon_laptop.jpg Getty Images

What To Do When Windows Defender Is Not Working

Windows Defender can stop working for a few reasons. Read these troubleshooting tips to figure out why it has happened and how to fix it.

Windows Defender (now referred to as Virus and Threat Protection) is Microsoft’s native antimalware technology for Windows. Normally, Windows Defender runs silently in the background, protecting your PC against various threats. Occasionally, however, you may find that Windows Defender has stopped working.

There are three common causes for why Windows Defender may have stopped running.

  1. Third-Party Product. If you are using a third-party antimalware product, it may have disabled Windows Defender so that it can do what it was designed to do unimpeded by Defender. If this is the case, it is normal and no cause for alarm.
  2. Malware Infection. Many types of malware disable Windows Defender in an effort to evade detection.
  3. Accident/Malfunction. In this case, Windows Defender has been accidentally disabled or Windows is malfunctioning.

For the purposes of this article, I am going to assume that your system is not infected with malware and that you are not running third-party antimalware software.

Check the Windows Security Service

If Windows Defender stopped working, the first thing that I recommend is to check that the Windows Security Service is running.

To do so, open an elevated PowerShell session and enter the following command:

Get-Service SecurityHealthService

In Figure 1, you can see what it looks like when Windows Security Service is running. However, if you find that the service has stopped, you can restart it by entering this PowerShell command:

Start-Service SecurityHealthService


Brien Posey\Users\Administrator>

Figure 1. Make sure that the Windows Security Service is running.

It is worth noting that the Windows Security Service is designed so that you can’t stop it by issuing a stop command through PowerShell or the Service Control Manager. Even so, it is possible for the service to simply malfunction or for the service to be forced offline through other means.

Keep in mind that starting the service alone is not enough to turn on Windows Defender. Once Windows Security Service has been started, you must check Windows Defender is running. You can do this by entering Control at the Windows Run prompt to open the Control Panel. Next, click on System and Security, followed by View in Windows Security. This will cause Windows to open the Windows Security console. Click on the Virus and Threat Protection tab, followed by Manage Settings. Make sure that Real-time Protection and Cloud-delivered Protection are turned on, as shown in Figure 2.


Brien PoseyScreenshot of Virus & threat protection setting tab in the Windows Security window. The Real-time protection feature is turned on. The Cloud-delivered protection feature is turned on.

Figure 2. Make sure that Real-time Protection and Cloud-delivered Protection are turned on.


Run Windows Update

As strange as it may sound, I have seen Windows Update fix problems that I couldn’t correct manually. It isn’t so much that Windows Update is providing a bug fix, but rather it may replace damaged system files with new versions. This is particularly true when it comes to installing feature updates.

Use the System File Checker

Another option is to run the System File Checker. The System File Checker scans all the operating system files to make sure they are valid. It will replace any damaged or outdated files.

To run the System File Checker, open an elevated command prompt window and enter the following command:

Sfc /scannow


Brien Posey\>sfc /scannow. Beginning system scan. This process will take some time. Beginning verification phase of system scan. Verification 100% complete.

Figure 3. The System File Checker can scan your system files and make replacements where necessary. In this case, the System File Checker has found and repaired some corrupt files.


Perform an Automated Fix

If the previous techniques don’t work, I recommend performing an automated fix. Before I show you how to do this, a quick word of caution: While the technique may fix Windows Defender, it can also change some of your other security settings. This technique will work on Windows 7, 8, 8.1, and 10, but it is not supported for use on Windows 11.

To perform an automated security fix, go to this Microsoft Windows support page. Once there, click the download button and follow the prompts. This tool will automatically enable the Windows Phishing Filter (Smartscreen Filter), User Account Control, Data Execution Prevention, Windows Firewall, and, of course, Windows Defender.

Brien Posey "Automatically fix Windows security issues. Windows 7, Windows 8.1, Windows 10." Instructions say, "Select the Download button on this page. In the File Download dialog box, click Run or Open..."

Figure 4. You can use Microsoft’s online tool to automatically enable Defender and several other Windows security mechanisms.


When All Else Fails

If nothing else seems to be working, then you might consider performing a clean operating system installation. While that might sound like a drastic step, keep in mind that Defender may have been damaged by malware. A clean installation (from scratch) will ensure that Windows is functional and that any traces of malware are removed.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.