Microsoft has always been criticized for the security of Windows. The company's isn't deaf or blind, however, and over the years has added numerous features to its latest Windows operating systems in an attempt to shed this bad reputation. This includes applications like Windows Action Center, Microsoft Security Essentials, and Windows Defender.

Windows Defender is a built-in anti-spyware application. It is not an antivirus, for the most part, although it does have a limited ability to find and remove security threats. Its main function is to find and delete spyware that might slow your PC. Let's take a look at what Windows Defender has to offer.

Anti-Spyware Protection

windows defender

The main purpose of anti-spyware software is to protect from spyware, and alas, that's what Windows Defender does! Like most such programs, the primary method of protection is the good old-fashioned scan. There are three options available in Windows Defender - quick scan, full scan and custom scan. The quick scan and full scan features behave as you'd expect, while the custom scan lets you scan specific drives and folders instead of your entire PC.

what is windows defender

As is the case with many free anti-spyware applications, in-depth reviews are hard to come by. Back in 2007, CNET reviewed Windows Defender and found that it was actually very effective for a free solution, but it fell far behind the best paid software. Other tests were harder on Windows Defender, but again, they date to 2007. What is certain that some anti-spyware protection is better than none. Just be sure not to confuse this with an antivirus, because it isn't meant to be one, and doesn't provide (much) protection against such malware.

Windows Defender can also run scans automatically. This feature can be adjusted in the Automatic scanning section of the Options menu.

Real-Time Protection

what is windows defender

Windows Defender doesn't just attempt to find spyware when you are scanning your PC. It also has real-time protection, which is designed to stop any spyware that is detected on your system the moment it takes root. These features can be found in the Options section, under the Real-time protection section, and are turned on by default.

The real-time protection includes the ability to scan files and attachments that you're downloading to determine if they carry any spyware. If they do, Windows Defender can alert you and, if you wish, quarantine or remove the files. In addition to this, the program can intercept spyware that is actively attempting to run on your PC. As with file downloads, Defender can alert you if a program on your PC is known spyware.

The severity of Defender's reaction to detected items can be found in the Default actions section of the Options menu. By default, the program will take a recommended action based on the spyware that is discovered. However, you can adjust these settings to ensure the spyware is automatically quarantined or removed no matter what type of threat is found.

Peer Protection With SpyNet Community

windows defender

The ominously named Microsoft SpyNet is one of many recent examples of cloud malware protection. The idea behind it is that even the smartest group of security experts could never detect all spyware all the time. There will always been new spyware, or old spyware that slipped through the cracks. The only way to minimize this problem is to catch problems as they occur - and that means enlisting user computers in the fight.

Computers enlisted in SpyNet share information about the spyware they encounter through Windows Defender, creating a catalog of spyware that was not officially diagnosed but rather picked up by one of the member PCs and then determined to be spyware by Defender. This helps aid everyone's security. Microsoft is far from the only company doing this - many antivirus programs use a similar tactic.

You can opt out of the SpyNet community if you'd like. Otherwise, you have the choice of a basic or advanced membership. Both memberships send information about spyware detected, but advanced membership lets Windows Defender send information about the software impacted, including the file names of programs and documents and detailed information about the spyware's damage to your PC.

Conclusion

Windows Defender should be seen for what it is - a simple free anti-spyware program. It isn't very advanced, but it does offer basic protection and peace-of-mind.

Currently, Microsoft seems to be in a transition period, as the functionality of Defender overlaps with that of Microsoft Security Essentials, the free anti-malware software from Microsoft. I suspect that Microsoft does not ship Security Essentials with Windows 7 only because it wants to avoid any accusations of monopolistic behavior by antivirus companies. However, the information I provided here also applies directly to Security Essentials. It too offers scans and real-time protection, and it too includes Microsoft SpyNet functionality.

If you already have anti-spyware functionality provided by other software, it's wise to disable Windows Defender, as doing so will eliminate the possibility of conflict between programs.