I’ve given Windows Defender a try and come across a good antivirus

25 May, 2021

On many occasions, users, the media and the general public tend to criticize Microsoft products simply because they are Microsoft's. It has happened with Internet Explorer, with its operating systems and, more recently, with Microsoft Edge, although we had a pleasant surprise after using it thoroughly.

When I published this article a month ago, and seeing the reaction of many of you in the comments, I wondered whether that ex-Mozilla engineer might not be right. Perhaps many of us, including myself, were in a hurry to discard the Microsoft program, so I decided to test Windows Defender as my antivirus for a month. And, as with Edge, I was surprised.

According to Project Zero, third-party antivirus programs generate a larger attack surface for crackers willing to exploit it. Nor should we forget that many bugs have been found in products from other brands such as Trend Micro.

So I decided to stand up for it, even knowing that many of you have told us that using Windows Defender as an antivirus is reckless. After a month of using it as my daily antivirus, these are the conclusions I have reached.

A simple interface and zero hassles

Before testing Windows Defender, I was using Avast as my antivirus. Its interface is well known, perhaps somewhat overloaded. Windows Defender is software that knows what it is and offers just enough to interact with it: a tab to scan the system, another to update the virus definitions manually and another to see the detection history.

As for the design, it is far from a visual assault. The colors are basic and I would even dare to say that they are pleasing to the eye, in direct contrast to Avast's peacock complex and its heavily made-up design. It is a program with a minimalist design, which suits what it does and needs no add-ons.

Another point that I have found interesting throughout the time I have been testing it is the total absence of pop-ups, which with Avast either tried to sell me a service, blatantly tried to scare me into buying more products, or tried to make me believe that their antivirus, and only their antivirus (in the Pro version, of course), was going to protect me against all evil.

Another aspect in which Windows Defender has made clear its willingness to work quietly, at its own pace and without disturbing the user is its very low RAM consumption and zero CPU consumption when idle. At the time of writing this article, my Task Manager shows it consuming 1.9 MB of RAM and exactly 0% of CPU.

Regarding the matter of virus definition updates, these arrive daily, just like in any other antivirus product. The operating system itself may be in charge of reminding you that it needs them through Windows Update, but that will be the only pop-up it will show you. Otherwise, it also has real-time detection like any other product in its class.

Low detections, a matter of interpretation

In the video above these lines, you can see Chema Alonso giving an interview to Microsoft Insider. In it they ask him about Windows Defender, and his answer is quite clear:

Through the Windows Malicious Software Removal Tool, Microsoft collects information on the security incidents that all its systems worldwide are reporting. With that it knows, with clear and direct numbers, which malware and which spyware is affecting its users the most, which is more widely distributed, which is not and which has not been seen anywhere for more than eight months or more than a year. So what does it do? With all this information, it generates a very efficient antivirus system where it removes the old and adds the new.

What's going on? In many of the comparative antivirus tests they put in samples and say “let’s see who detects more!”, and maybe they say “oh, Microsoft has only detected 70%”. Yes, it will have 70%, but if we look at only those that have Windows computers in the last six months it detects 99%.

Moreover, in some comparisons by international media, Windows Defender doesn’t even show up. In other comparisons, such as the one carried out annually by AV Comparatives, it does not come out very well for the same reason.

The thing is that, being an antivirus with cloud-based protection, many of the old threats are not detected. That is the main problem. In any case, and given the fast and ever-changing nature of the Internet (and the cybersecurity community in particular), I find it very difficult for any user to be infected with Blaster or Sasser at this time.

What would be irresponsible is to entrust all protection to the antivirus. Regardless of whether you use Windows Defender, Avast, BitDefender or Kaspersky, it never hurts to complement this program with antimalware such as MalwareBytes or RogueKiller. They usually go further than antivirus programs, and that’s the only thing that hasn’t changed in the time I’ve been testing Windows Defender: I’ve kept RogueKiller on my hard drive.

Running Windows Defender on my computer

Running a file system scan with Windows Defender is as easy as choosing one of the three options that the program gives us in the upper right part of the window:

  • Quick: it will search for malware in the most common infection sites on the C: drive.
  • Full: it will scan the entire file system and all the hard drives on our machine for viruses.
  • Custom: it will allow us to choose the drive or drives that we want to analyze, as well as specific folders.

From there, the program will show us on the screen the type of scan it is running, the time it started, the time that has elapsed since the start of the analysis and the items scanned. When it finishes, we will see the result on the screen:

I must clarify that I have been running weekly scans since I uninstalled Avast, and in all of them my computer has been clean as a whistle.

If it finds security threats, at the end of the analysis it will show them to us and ask us what to do with them. For this, it gives us three options: remove, quarantine and allow.

If we choose “remove”, the program will try to remove the file from our hard drive. If we quarantine it, it will stay in a secure area of the software where the files are encrypted and stored so that they cannot transfer the virus to other files. If, on the contrary, it is a false positive, we can use the “allow” option.

Ready to be your antivirus and deliver

From the point of view of a person who regularly uses his computer, does not use warez and asks nothing of an antivirus except that it do its job, Windows Defender can be a go-to program without problems, although it does not hurt to accompany it with an antimalware tool.

During the month that I have been testing it I have come across a robust and lightweight antivirus that does what it promises, that knows what its role is, that does not make me dizzy while it tries to show me what it is capable of and that, above all, does not try to sell me anything.

Now, I am sure that there will be those who will be up in arms over my saying this, and I am aware that everyone has their needs, but here it goes: nothing and nobody assures us that third-party antivirus works better than Windows Defender. Not even the comparative tests. In these publications, at best, what is said is which one detects the most malware.

In my experience of use, what matters to me is that the program does its job and does not try to distract the user with a lot of technical features that, on the other hand, will not do better than the rest of the competition. More complete? Maybe. Different? Sure. The rest cannot be assured.

On the other hand, and taking all this into account, I have come to the conclusion that we have probably demonized Microsoft, perhaps unfairly. In fact, the demonization process has been going on for a long time. In this article published in SFGate in 1998 by Neil McAllister, the subject is discussed at length, citing several of those responsible for launching a campaign to achieve it: Apple, Sun Microsystems, Oracle and Netscape.

McAllister put it very clearly:

For Microsoft’s competitors, it is not important that we understand the difference between a malicious and a benign monopoly, or how a monopoly is identified in the American economy. For their purposes it is enough that we acknowledge that Microsoft is a monster, and that this is our chance to lock the beast in a tower and set it on fire … or lock it in chains in the basement for a while.

It is also true that since Satya Nadella arrived Microsoft has changed a lot. It has even built bridges to Linux. Nevertheless, that smear campaign that its rivals launched almost 20 years ago has worked so well that today a good part of users continue to say that the Redmond company is evil and its products are not worth it.

Does this mean that now I’m going to be an apostle of Microsoft and defend them tooth and nail? Of course not. The merits will have to be recognized, but it will also be necessary to do the same with the errors.