A virus scanner is necessary on every computer connected to the Internet. Exactly such a scanner is built into Windows 10 and 11: Microsoft Defender. How do you deal with this?

Toon van Daele

There is quite a bit of malicious software, or malware, circulating that can affect both Windows and your personal files. Fortunately, there are antivirus tools that can stop and neutralize such malware, such as Norton, McAfee, Avast or Bitdefender. However, Windows’ built-in and free antivirus program, Microsoft Defender, is actually just as effective. So you have little to fear, especially if you do not install (illegal) software from dubious sources, do not visit suspicious websites and never randomly click on links from unknown senders.

1 Automatic
Microsoft Defender is automatically enabled and works in the background, so you basically don’t have to do anything yourself. This tool rarely asks for your input unless it is really necessary, for example when detecting a virus or other threat.
Please note that Microsoft Defender is automatically disabled when you use an external antivirus program 02 check mark 2installs, because two such tools can counteract each other in the background. Once you uninstall the third-party antivirus tool, Microsoft Defender will turn itself back on.

2 Check mark
To make sure the antivirus service is running, open the Windows start menu, start Institutions and navigate to Update and security (Windows 10) or Privacy and security (Windows 11), where you Windows security opens. You can see that the built-in security consists of several parts, but we only focus on the part here Virus and threat security. If there is a green check mark here (so no cross on a red background), it means that there is active antivirus protection, and that is what we assume for the time being.

03 periodic scan 23 Periodic scan
Click here Virus and threat protection. If you previously installed another antivirus program, you will see the name of that tool here. Defender is no longer running in the background, but you can choose to have it run a virus scan occasionally. Click to do this Microsoft Defender Antivirus Options and switch Periodic Scanning by pressing the button At to put and confirm with Yes.

In this article we assume that Defender is your only antivirus program.

4 Updates
In the introduction of this article we already discussed what you should pay attention to to avoid malicious software. However, in order to use Defender efficiently, it is also important that the tool can always update itself.
04 windows updates 2This usually happens automatically along with other Windows updates, but it doesn’t hurt to occasionally check whether this automatic Windows updates feature is enabled. To do this, go back to Institutions and select Windows Update. If applicable, click Resume updates or Looking for updates. If everything is fine, the message ‘Your PC has been updated’ will appear (possibly after installing available updates). You don’t have to do anything else and you can trust that Microsoft Defender is kept up to date.

5 Quick scan
Great, Defender is active and up to date. We’ll explain in a moment what happens when the tool detects something suspicious. First we will show you how to perform a virus scan yourself. Although this is not necessary in principle, since the tool works continuously in the background, there is no harm in doing it. To do this, go back to Virus- and threat protection and click the button Quick scan. The scan starts immediately and takes a few minutes. However, you can press the button at any time Cancel to press. For the time being, we assume that the result is completely satisfactory and the message ‘No actions required’ appears.

6 Other scans
06 scan types 2It may happen that a quick scan does not completely reassure you, for example if your PC is behaving strangely. In that case, you can opt for a more thorough scan. Click to do this Scan options making more scan types available, including Full scan. Select it and click Scan now. Defender checks all files on your PC, which can take considerably longer, up to an hour or more.

If you have a specific folder in mind with potentially suspicious files – such as Recent Downloads – you can create a Custom scan Selecting. When you get up Scan now Click, a file explorer will appear and you can choose the folder that Defender should check for possible malware.
You can also perform such a scan from Explorer. Right-click on a folder and choose Scan with Microsoft Defender.

7 Offline scan
If a full scan does not reveal anything suspicious, the chance that there is malicious software on your system is small, but you can never completely rule this out. If you suspect a virus infection – since there is indeed malware that hides deep in the system and is therefore not always detected by ‘normal’ scans (not even from other antivirus programs) – you can always choose the option Microsoft Defender Antivirus (offline scan).

07 offline scan in progress 2Once you get on Scan now click and confirm scanning with Yes, your computer will restart and immediately scan your system, before Windows and any malware have a chance to boot. So make sure that you first close all programs and save open documents safely.

08 message 28 Threat notification
When Defender detects a possible threat, you will immediately receive a notification in the notification center. You open this with the keyboard shortcut Windows key + N or by clicking on the date and time, which is located on the right side of the Windows taskbar. If there are more notifications, click on +[n] notifications. Clicking on a threat notification automatically opens the section Virus and threat protection, but you can always open this manually. If you are here Current threats If you don’t see anything, click Security historyso the most recently identified threats are displayed here.

9 Information
For each detected threat you get an assessment of the risk according to Microsoft, such as Severe, High and Low. You will also receive a brief description of any actions you have previously taken regarding this threat, such as Solution incomplete, Potentially unwanted app found, or Threat allowed.
09 information 2

Click on the relevant message. For additional information, such as the exact location of the file on your PC, you can then click View Details.

You will usually also find the option in this window More information. This link will take you to a Microsoft website with additional feedback, such as typical symptoms and the best way to respond.

10 actions 210 Actions
In this window you can also indicate what action you want to take against this threat. There are three options: To delete, Quarantine and Allow on device.

The option To delete is self-explanatory: this will remove the suspicious file from your computer. Choose this action and confirm with Start actions.

The option Allow on device is the ‘opposite’: you indicate that you trust the file and tell Defender that it can be ignored from now on. This is useful if you downloaded an app that you know is safe, but that Microsoft considers potentially suspicious, such as a product key or password recovery tool.

11 In quarantine
You may suspect that a file is harmless, but Microsoft does not fully trust it. Deleting the file immediately may be a shame, but allowing it without further ado entails risks. In such a situation you can choose the second option: Quarantine. When you confirm with Start actions, Defender places the file in a safe location where even a malicious file can’t do any damage. Once you’ve gathered enough information that the file is trustworthy, you can still remove it from quarantine.

12 Out of quarantine
To remove a file from quarantine, follow these steps. Go to Virus and threat protection and select Security history. Click if necessary Filters and choose Quarantined items. Select the item you want to keep and click To recover. The file will then return to the location it was in before Defender quarantined it. The opposite is also possible: through To delete Selecting will permanently delete the file.

If you’re too fast before Allow If you had selected it and now regret it because the file turns out to be suspicious on closer inspection, then click on Permitted threatsselect the item in question and choose Not allowed.

12 allowed 2

13 Switch off
It may happen that Defender is so stubborn that you fail to download or install a (program) file that you know is harmless. In this exceptional case, you may consider temporarily disabling Defender.

14 settings 2You do this via Virus and threat protectionwhere you at Virus and settings threat security on Manage settings clicks. Then adjust the switch button Real-time security (read: automatic virus protection in the background). Out and confirm with Yes. A message will now appear stating that the protection is no longer intact.

After download or installation, you can immediately enable Defender again by pressing the switch button At to put. You can also restart your PC, as Windows will then normally turn Defender back on automatically.

14 Settings
Stay tuned Manage settingsbecause you will find several other options here, such as Cloud security and Automatically submit sample. It is recommended to keep both options enabled as this is better real time provides protection. If in doubt, Defender can then send a file to the cloud for a quick and up-to-date analysis. Late too Tampering protection enabled because this feature prevents unwanted changes to your security settings. More information can be found at https://tinyurl.com/pca-cloudveilig.

There is also the option Add or remove exclusions. Of +A add exclusion you can add files to a whitelist so that Defender no longer checks it. To select a file from this list, click on it and choose To delete.


While Defender is a reliable antivirus solution that automatically checks downloaded files, it doesn’t hurt to take extra precautions. Before opening or launching recently downloaded files, you can send them to the free online antivirus service VirusTotal (www.virustotal.com) for an additional check.

Click here Choose file and select the file in question.
A moment later, a list of scan results from often 70 or more antivirus tools appears. It may happen that some antivirus programs detect a possible threat in the uploaded file. However, if only two or three (mainly unknown) programs indicate a threat, you can usually assume that the file is safe. If more programs signal a threat, be extra careful!

k1 virustotal 2