Windows Defender is a system utility available for Windows XP, and included with Windows Vista and 7. Like Microsoft’s other built-in system utilities, it makes no pretense of being a fully configurable power tool, and instead provides a set-and-forget experience for basic users.
Of course, you have to trust the maker, and there is good reason to distrust Microsoft’s antimalware offerings. Nor is Defender reliable: I have repeatedly observed it to let malware through and to allow the malware to silently deactivate it — malware that is detected by third-party tools. Defender is, however, the only no-cost antimalware I know that offers real-time protection, automatic updates, and a set-and-forget model. So while I do not recommend Defender, it is better-than-nothing for those users unwilling to invest either time or money in a more trustworthy solution.
It is frequently claimed that Microsoft Security Essentials (MSE) replaces Defender. Not true, says Microsoft: A superset of Windows Defender, MSE bundles Defender with an antivirus. Both Defender and MSE are under active development and serve different needs.
Further muddying the waters is Microsoft’s bad habit of giving materially different products identical names. Defender for Windows 8 is a different product. In Microsoft’s words, “Windows Defender on Windows 8 is more like MSE than like Windows Defender on older versions of Windows.” This article considers only Defender for XP, Vista, and 7, and does not consider the identically named but materially different Defender for Windows 8.
FIRST TIME CONFIGURATION
With the Control Panel in Icon view, open Defender. (Defender is not visible in the Control Panel in category view.) Once open, go to Tools – Options, and go through each item in the left column:
- In “Automatic Exam,” set it to update its definition files before beginning. Set other options as desired. I usually set it to perform an automatic quick scan daily at noon or another time likely to be idle, and to begin a scan only when the system is idle.
- In “Default Actions” and “Real Time Protection,” set the actions desired. For most users, the default settings are a good starting point. If you also have other spyware scanners installed, keep in mind that you should not have more than one scanner providing real-time protection.
- In “Excluded Files and Folders” and “Excluded File Types”, exclude nothing unless you have reason to.
- In “Advanced” and “Administrator,” select all options unless you have reason to do otherwise.
Once you have selected your changes, save them. Then open Tools – Microsoft Spynet and choose the option desired. Microsoft has not earned my trust, so I opt out of participation.
In Tools – Permitted Elements, insure that nothing is set to bypass Defender supervision. If you later need to have Defender skip something, you can add it here.
In the task bar at the top of Defender, click on the small down arrow to the immediate right of “Examine” and select “Full Exam”. A scan will begin and will probably take some time to complete. When finished, examine the results to insure that all went well.
If set up as described above, the computer will now have automatic protection adequate for most users, with both real-time protection and a daily background scan enabled.
Is Defender not what you’re looking for? See my list of other spyware scanners.