Using Windows Defender on Your Windows 10 Laptop

By Dan Gookin

Worry not your weary head over the prospect of nasty programs descending from the Internet and infecting your Windows 10 laptop. That’s because Windows comes with an antivirus program called Windows Defender. It protects against malware and spyware. It should be active and ready to work on your laptop.

  • Rather than worry, be cautious. Computer security shouldn’t be taken lightly, even when you have a program like Windows Defender at the ready.

  • If Internet security is really, really important to you, you can obtain third-party antivirus programs, such as the popular PC security suites from Norton and McAfee.

  • Some legitimate antivirus programs are available for free on the Internet. And quite a few illegitimate antivirus programs lurk out there as well, some of which are actual viruses themselves. Therefore, you should either pay for the third-party antivirus software or obtain it from a reputable source.

Setting up Windows Defender

To confirm that Windows Defender is working, look for the Windows Defender notification icon on the taskbar. If you see that icon, Windows Defender is active and protecting your laptop. If you don’t see that icon, Windows Defender may still be active, so don’t freak out.

To confirm that Windows Defender is active, or to start it when it isn’t active, follow these steps:

  1. Click the Start button and choose Settings.

    The Settings app appears.

  2. Click the Update & Security button.

  3. On the left side of the window, choose Windows Defender.

  4. On the right side of the window, ensure that the toggle under Real Time Protection is in the On position.

    If not, click the toggle switch.

  5. Close the Settings app window.

The Windows Defender notification icon appears on the taskbar. It may change its appearance as it goes about its duties, but if the icon is there, your laptop is protected.

Using Windows Defender

Like most antivirus software, Windows Defender has two modes of operation:

  • Active: Active mode completely scans the memory, the storage system, and, finally, individual files. Everything is checked against a database of known viruses.

  • Passive: Passive mode works as files are received into your computer. Every file coming in is individually scanned and then checked against the virus database. Malicious software is intercepted and quarantined, and you’re notified of its presence.

In Windows Defender, Active mode is referred to by the verb Scan. Passive mode is called Real-Time Protection. You can confirm both settings by viewing the program window. Follow these steps:

  1. Click the Windows Defender icon, found in the notification area on the taskbar.

  2. Choose the Open command from the pop-up menu.

    Open is the only command.

    If the icon isn’t present, click the Start button and type Windows Defender. Press the Enter key to run the program.

On your laptop, confirm that real-time protection is active by looking for the word On next to Real-Time Protection.

Windows Defender.

Windows Defender.

Scanning your laptop for malware

Though Windows Defender works all the time, you will want to occasionally perform an active scan to check for signs of infection. Follow these steps when you suspect something is amiss, or just to confirm that the laptop is all peachy-keen:

  1. Start Windows Defender.

    Click the icon on the taskbar, in the notification area, and choose the Open command from the pop-up menu.

  2. Click the Quick option.

  3. Click the Scan Now button.

    Windows Defender checks your laptop for signs of infection. It looks into system files, program files, and various secret places where Internet supervillains enjoy hiding their wares.

    The scan can take some time. You’ll be alerted to any infections. If they’re found, quarantine the files.

  4. Close the Windows Defender window when the scan is complete.

You don’t need to run an active scan on your laptop frequently. You can do a quick scan maybe every few months or so. If you suspect a problem, choose the Full option (refer to Step 2), which takes more time, but it’s more thorough.

  • Some malware cannot be removed by Windows Defender. These nasty programs disable Windows Defender deliberately and prevent you from running the program or doing a scan. You can attempt to do a scan with the laptop in Safe mode, but some aggressive malware disables Safe mode as well.

  • When Windows Defender can’t run, you need to buy a second antivirus program and run it from a boot disc. The only other alternative is to turn in your PC to a repair shop where they can remove the infection for you.

  • The malware most likely infected your system due to social engineering.

Dealing with a quarantined file

When Windows Defender locates a suspect file, it places it into quarantine. This placement doesn’t delete the file, but it does prevent the malware from doing its nasty deed. It also allows you to rescue falsely accused files from imminent peril.

To review quarantined files, follow these steps:

  1. Open the Windows Defender program.

    Click the Windows Defender icon on the taskbar and choose the Open command.

  2. Click the History tab.

  3. Ensure that Quarantined Items is selected.

  4. Click the View Details button.

    You see a list of any suspect files.

It’s okay to keep the files in the list; they will do no further harm.

To rescue an incorrectly identified file, click to select it from the list, and then click the Restore button. Please be extra certain the file isn’t infected! Do an Internet search on the filename coupled with the words Windows Defender to see what others have discovered.

To remove actual infected files, select them in the list and then click the Remove All or Remove button. The infected files are obliterated and shall never harm your laptop.