Many people compare or read a comparison between Windows Defender with third-party's Internet Security, Total Security and so on. Most of these comparisons are not equitable because these tools have antivirus as well as other security tools such as Firewalls, Internet security and others, while Windows Defender is just an antivirus program.
What Windows built-in security services are included and enabled by default?
Windows Defender is an antivirus software that protects your system against viruses, malware, spywares and network threats. It is a Windows Service that works with other Microsoft security and maintenance services such as Windows Firewall and Microsoft SmartScreen (which is Internet security: phishing and malware filter used in several Microsoft products including Internet Explorer, Hotmail and Microsoft Edge). All of these services are enabled by default and starts at system startup, of course, if you do not have installed a third-party security software.
When you install a third party security tool, Windows turns off its corresponding security service. For instance, Windows turns off Windows Defender automatically when you install a third party antivirus and you cannot turn it back on because Windows Defender settings become inactive unless you uninstall the third party antivirus.
In addition, security updates and critical updates protect against vulnerabilities to malware and security exploits. By default these updates are downloaded and installed by Windows Update service automatically.
Moreover, Windows Update takes care of updating Windows Defender automatically. Updating Windows Defender does not require system restart.
Finally, take in your consideration that Microsoft security tools are built into the Windows operating system and fully compatible, reliable and working smoothly with fewest bugs and side effects.
How to schedule Windows Defender to run system scan?
By default, Windows Defender is scheduled to run quick scan as part of daily basis Windows Automatic Maintenance job when the system is in idle status. When the task is missed or interrupted by the user (when the user returned to use the computer), the system re-runs the scan the next time the system goes to idle status (re-runs the scan from beginning and does not resume it from the point it stopped last time).
To see what tasks are included in the system Automatic Maintenance, change the time or run the system maintenance manually in Windows 10, open "Security and Maintenance" window in Windows Control Panel (or type Security and Maintenance in the search box near to the Start menu). Then expand Maintenance section to see the Automatic Maintenance.
Security and Maintenance -> Maintenance -> Automatic Maintenance
Windows Task Scheduler service is used to schedule a Windows Defender system scan. Do not change the default quick scan to full system scan. Microsoft, the system builder and developer, sets all necessary settings of security and maintenance tasks to give you the best over-all system security and performance for most consumers to perform their normal daily works.
Windows 8 (More detailed with screenshots - Same procedures for Windows 10):
There is no need for, and I do not recommend, a daily full system scan. This (full scan) takes more computer resources for a long time and slows down your system performance. In my opinion, the best practice to perform a full system scan is when you feel that your system is infected by a virus or when you clicked on a suspicious link online or in an email message and the quick scan did not solve the problem. In these cases, run the full system scan manually. If you want, you can run the full system scan from time to time (once a month for instance) manually.
Although, you don’t need to schedule a full system scan, you can setup your own scheduled task to perform a full system scan and, again, don’t change the Microsoft default settings. For this purpose, use Windows Task Scheduler tool.
To run a Quick, Full or Custom scan manually, open Windows Defender then from the main page (Home) select a scan option and click "Scan now" button to start the scan.
Who needs to change built-in security tools?
Maybe, you need to change some of default settings, built-in tools and/or use additional security tools using higher-rated 3rd-party software, if you are working on public place and using many of others possibly infected external memories (such as Flash drives and External HDDs), connecting to an unsafe public Wi-Fi frequently, opening unknown and dangerous websites, playing with hackers or visiting their websites (maybe for downloading, installing or testing some illegal apps), visiting porn websites, and/or downloading and testing apps from unknown sources. In these cases, you are exposing to viruses and external attacks from hackers more than usual.
Although, for many of these cases, Windows built-in security tools with default settings are good enough to block these external attacks, you can use higher-rated 3rd-party tools and/or antiviruses depending on the case you have.
To increase your system security, if you want, you can install Malwarebytes Anti-Malware as a precaution.
Why we prefer third-party antiviruses?
There are some key points that most consumers prefer third-party antiviruses:
Virus and Spyware Protection:
Most of higher rated third-party antiviruses, as I saw, give you around 5% to 15% more virus detection capability than Windows Defender. If you want to play with hackers or visit unknown and dangerous websites, then you need higher rated antivirus and firewall to protect your computer. The thing that most of people do not.
Virus Scan Speed
Many of higher rated antiviruses scans for viruses faster than Windows Defender. However this is an advantage, but you will not do a full scan for viruses every day. There are situations that you need to scan a driver or full computer scan such as when you feel that your system not working properly and the quick scan did not solve the problem. Maybe, this happens once in several months and sometimes a quick-scan solves the problem, if your antivirus includes this option.
Some antiviruses needs less system CPU and memory usage to protect your pc. Although, Windows Defender has good system resource usage, some third-party software give higher rating in some tests.
What are the advantages of Windows Defender and Windows security system?
If you want to choose between Windows built-in security and a third-party security software, take the following points into consideration that many people do not think about.
- Windows security tools including Windows Defender, Windows Firewall and Microsoft SmartScreen are fully integrated in Windows operating system and working in the background. You will not even feel that they exist in normal conditions.
- When you upgrade your Windows to a newer version or install an update of current version, Windows security services are updated as well. Many third-party antiviruses have some issues when you upgrade your Windows or, sometimes, when you apply some updates to current version, and some of them stop working completely.
- Quick-scan checks the places on your computer's hard disk that spyware is most likely to infect.
- Windows Defender has a feature called Real-Time Protection (RTP). RTP is running in the context of the logged-on user. It monitors the registry and file system on the computer by using agents that monitor auto-start extensibility points (ASEP). RTP continuously monitors your computer and scans everything you download or run on your PC.
Although, many other third-party systems have this feature (RTP) and/or quick-scan option, RTP in Windows Defender with the default scheduled quick-scan kills some advantages of other higher rated third-party antiviruses such as lower system resource usage, and higher scan speed. With the existence of RTP and scheduled quick-scan, you do not need full system scan and startup scan because the RTP and quick-scan do the job. Therefore, the higher rated “higher speed of full system scan” and “lower system resource usage” are no longer advantages of third-party antiviruses. This is because you do not need startup scan and full system scan anymore except in some situations, such as when you feel that you system is infected and quick scan did not solve the problem, you perform a custom or full system scan depending on the case you face.
If you want to compare or read a comparison between Microsoft security system with other third-party security systems, such as Internet Security and Total Security tools, you have to consider Windows Defender along with Windows Firewall, Microsoft SmartScreen, Windows Update, and Windows Schedule Tasks all together to get accurate and reliable results.
If you want to give a priority to higher security, then choose a higher-rated third-party security software. In the other hand, if you want to use your computer for your daily business and give the priority to higher over-all system performance and reliability with good security level, then the best choice for you is Windows built-ins security including Windows Defender, Windows Firewall and Microsoft SmartScreen.
If you are not on a public Wi-Fi, Windows Firewall does its job efficiently and you don't need to install a third party firewall. If you chose to use a third-party product and you are not on a public Wi-Fi and you do not need extra services included in the third-party security systems, it is enough to get an anti-virus rather than a complete security set. For example, use ESET NOD32 Antivirus instead of ESET SmartSecurity or Bitdefender Antivirus instead of Bitdefender Internet/Total Security. Moreover, these extra tools usually slow down the system.
In my personal opinion, I recommend to stay on Microsoft built-in security system for a while, and do not purchase any third-party product because, as I see, most of them (if not all) have issues on windows 10 and they are not fully stable on the newly released operating system. After a couple of weeks, maybe you will find more stable security systems in the market. Then you can decide whether you want to use one of them or stay on Windows built-in security system – the most stable security system.
If you decided to stay on Windows built-in systems, you can improve your system security by using some of additional free tools. When you feel your system is infected or attacked:
Scan your system with ESET Online Scanner (free) to scan for malwares (viruses, spywares and Trojans) that Windows Defender could not catch.
You can use any other vendor’s equivalent system you trust.
Use Malwarebytes Anti-Malware (free edition), or any equivalent software, to scan for spywares in your system on demand. The premium version (paid) has Real-Time-Protection that monitors you system along with Windows security systems with no conflicts, according to Malwarebytes website.