Microsoft Defender Review: Decent Antivirus, No Installation Required
Microsoft Defender Antivirus comes pre-installed with Windows 10 and 11, providing a baseline level of malware protection for any PC that doesn’t have a third-party antivirus program running. It automatically steps aside when you install another antivirus but works quietly in the background otherwise. While it offers solid protection and is convenient since no installation is needed, it doesn’t quite measure up to some of the best free antivirus alternatives available. In fact, we’ve awarded Editors’ Choice status to two free antivirus apps: if you want straightforward antivirus protection at no cost, AVG AntiVirus Free is a strong pick. For a more complete security solution with a wide array of additional features, Avast One Essential is a better choice.
Deep Research: Standout Sourcing
Deep research capabilities through AI tools like ChatGPT are impressive. This feature enables you to ask detailed questions or choose topics for the AI to investigate and then produce an extensive report. In my testing, these reports often stretch to dozens of pages and cite 50 or more sources. I used this feature to research everything from selecting a showerhead to tweaking BIOS settings for overclocking a Ryzen 7 9800X3D processor. The reports generated are akin to spending a long time scouring the internet, reading multiple articles, and browsing forum discussions. Although the AI sometimes draws inaccurate conclusions, that is a risk inherent to any research process.
Gemini, another AI tool similar to ChatGPT, also offers deep research for free. I used both to investigate why OpenRGB, a program used to control RGB lighting, wasn’t loading my saved profile correctly. Both tools generated thorough reports that ultimately contained the solution to my issue.
Setup: No Installation Required
It’s important not to confuse Microsoft Defender Antivirus with Microsoft Defender for Business, which is a more advanced, enterprise-grade endpoint protection platform that requires a paid subscription.
One of the advantages of Microsoft Defender Antivirus is that it comes pre-installed on Windows PCs, meaning there’s no need to download or install anything extra. If you are using Windows, you already have it running in the background. Opening the Defender interface is simple—clicking its icon in the notification area launches the Windows Security app, which presents a clean main screen featuring large icons representing eight different security categories. The most critical sections for Defender’s antivirus functionality are Virus & Threat Protection, App & Browser Control, and the Protection History, each accessible either through the main screen or the sidebar menu.
Scan Choices
Unlike many antivirus programs that place a large scan button front and center, Microsoft Defender’s scanning options are part of the broader Virus & Threat Protection page. Defender emphasizes real-time protection over manual scanning.
During my tests, running a full system scan was notably slow, taking nearly four hours to complete. This was a stark increase compared to a previous test where it took only about 26 minutes. Defender’s own time estimates were often off, at one point suggesting that the scan would require an additional 31 hours midway through. Although the estimate gradually decreased, the overall scan time was almost double the current average for full scans. I carefully monitored the process, confirming the total duration of about 3 hours and 50 minutes. Interestingly, Defender’s own report at the end claimed the scan lasted only 2 hours and 11 minutes.
Even though I had removed all test malware samples before the scan, Defender still detected 97 threats, all originating from cache files associated with Microsoft Edge. It’s possible Defender has unique access to scan files in this cache in a way that other antivirus programs cannot.
Many antivirus programs use their initial full scan as a way to optimize later scans, resulting in significantly faster performance on subsequent attempts. For example, Bitdefender reduced its scan time by 92% on the second run, and ESET NOD32 Antivirus cut it by 91%. McAfee also showed similar improvements, going from over eight hours on the first full scan to under an hour on the second. I tested Microsoft Defender with a second scan to see if it would exhibit this behavior. Early into the scan, it indicated about 50 minutes remaining and then maintained that estimate for more than an hour without improvement. Seeing no evidence of a speed boost, I ended the test early.
Besides the standard Quick, Full, and Custom scans, Microsoft Defender also provides an Offline Scan option. This scan targets persistent malware that may resist removal during a normal scan by restarting the system and scanning before Windows fully loads. Because the scan runs before any malware processes can start, it can tackle threats that hide during regular operation. If you suspect malware remains after a standard scan, running the offline scan is a good next step.
Defender’s offline scan takes place during the Windows boot process, but other antivirus solutions with similar boot-time scanning functionality often boot into a separate Linux environment. This approach prevents any Windows-based malware from running at all during the scan. For example, Bitdefender’s Rescue Environment makes booting into Linux easy for removing stubborn malware.
