Microsoft Defender is the built-in antivirus protection for Windows. If no other antivirus is active, Defender will protect you from viruses. To check if Defender is active, go to Windows icon > All apps > Windows security > Virus and threat protection and look for “Microsoft Defender Antivirus.” It constantly scans new files and regularly scans all files on your system. You can start a manual scan in “Windows Security” to see the progress of the scan, which can take several hours for large amounts of data.
To find out why Defender is slow during a scan, start a log of the virus scan by opening Powershell with administrator rights and entering the command: New-MpPerformanceRecording -RecordTo c:\Defenderscans.etl. Start a full scan in “Windows Security” and then analyze the log to see which files took the longest to scan. You can convert the log into a CSV file and open it in Excel to see which files require the most scanning time.
In our test system, we found that Defender takes around six minutes to scan an ISO file in the recycle bin. By emptying the recycle bin, we saved time for the next scan. Another command analyzes the log for the top 10 scan durations, file extensions, processes, and files.
