Jump to content

Windows Defender


JackR

Recommended Posts

Microsoft Anti Spyware is Now Windows Defender.I just downloaded the Interface is Very Cool.When installed it seems to be installed in Hide mode. I.e. there is No Icon to double click and start. Re Start, the computer after the Installation and it would load into the Tray Bar.http://www.microsoft.com/athome/security/s...re/default.mspx :rolleyes:

Edited by JackR
Link to comment
Share on other sites

Memory seems to follow this pattern Old AntiSpyware, Program Data Service 12MB + General Service 6.6MB = 18.6MBNew Defender, General Service 7.4 + Program (user Interface) 7.8 = 15.2MBIn order to Startup and provide all the functions of Win Defender the program's service has to be started (the default is Automatic), and the program's User Interface has to loaded (sits on the Traybar). The User Interface loads through the regular Startup folder, its actual location is C:\Programs\Windows Defender\MSASCui.exe (I dragged a short to the Desktop so I can have full control when I want to play around with enable disable).If Active protection is disabled (In setting Menu) the service would keep runing but the computer is Not Protected.If the setting are left at default and the User Interface is disabled at Startup the service would Run. I do not know (yet) what level of protection it provides without the User Interface running, but functions that depend on the user interface (like notification of events) would not work.So for full protection make sure that both the Service and the user interface are running. :thumbsup:

Edited by JackR
Link to comment
Share on other sites

That is incorrect.You do not need the User Interface running to have full protection. One of the reasons MS rewrote the Giant Antispyware program which was written in Visual Basic was that Giant Antispyware was a normal Windows application, and not a service. This limitation meant that it could only be used by administrator-level users, and only when a user was logged on.The new UI is literally just a front-end for the Windows Defender service, which runs constantly in the background and works properly regardless of which type of user account you're using. It even works when no one is logged on. That is the main reason to run it as a "service."This new front-end is essentially a dashboard for Windows Defender's features. After updating to the latest spyware definitions, you probably won't be interacting with the front-end much any more, unless you manually launch the application or a real problem develops.On a related note, the ever-present tray icon from Windows Antispyware Beta 1 is missing. The MS mantra for this release is that it should not be as annoying than the spyware you're trying to eradicate. So there's no tray icon, and almost no pop-up windows.

Link to comment
Share on other sites

So let me understand.You get into the GUI and you disable the protection in the General Setting Menu.After disabling, the service still runs. So never mind that deliberately disabled the Real time protection, you are still protected? B)

Link to comment
Share on other sites

So let me understand.You get into the GUI and you disable the protection in the General Setting Menu.After disabling, the service still runs. So never mind that deliberately disabled the Real time protection, you are still protected? :D
That just got my funny bone good! B)
Link to comment
Share on other sites

Guest LilBambi

Installed it on two computers so far, working well. Course since it Windows Automatic updates just came through as well, how would we know if Windows Defender was a problem or one of the new updates for February. ;)Seems to be working well for clients so far. We will see as time goes on how well it does. But the way it is intended to work seems to be very nice.

Link to comment
Share on other sites

I had hoped to use the MSAS on my laptop instead of buying a AS. However, since I am not "geek" enough to use a Beta such as this one, and with the problems some report, I am going to renew my Counterspy, or buy Spysweeper. Most seem to have no trouble withDefender, but I want to avoid any id I can.A year ago I formed the opinion that Counterspy was slightly the best AS, but recently it seems that Spysweeper is somewhat better.I have about 30 days before having to renew CS. I think the price is about $10, and that is not worth the trouble that may come with this Beta 2. The Beta 1 was not a problem, except updating several months ago.Jerry

Link to comment
Share on other sites

You get into the GUI and you disable the protection in the General Setting Menu.After disabling, the service still runs. So never mind that deliberately disabled the Real time protection, you are still protected?
If you are going to disable it in the front end GUI then why install it in the first place??? That makes no sense...After installing Defender (x64) on my laptop it proceeded with a scan. It found two files (executables - trojans) that Counterspy and SpySweeper had ignored for 4 months. I'm sticking with the Defender beta... Edited by Marsden11
Link to comment
Share on other sites

I like the simple GUI. It should make it easier to use for those who new to computing. I'm recommending it to my clients. :thumbsup:
but are you recommending a beta?will this autoupdate when a new version is coming out?and last does this beta have any timebomb in it?would be great if this is good enough 2 use right now for a non techie
Link to comment
Share on other sites

If you are going to disable it in the front end GUI then why install it in the first place??? That makes no sense...
I tried to give some info about the program, and that there is two components that loads at startup. But I guess that there is always a way to drag something down when One is set to do so.Have a nice day. :thumbsup: Edited by JackR
Link to comment
Share on other sites

I'm confused...

I tried to give some info about the program, and that there is two components that loads at startup. But I guess that there is always a way to drag something down when One is set to do so.
You claimed that there are two components that start when you boot up your system with Windows Defender installed as a Service.I can only find one and that is the Windows Defender Service. I see no evidence that the GUI front-end is started as well. I go to Start> All Programs> Windows Defender. If I click on Windows Defender, the GUI front-end opens up. MSASCui.exe does not run until you open the GUI front-end.Yes, you can disable real time protection in the GUI, but that is the heart of Windows Defender. You can choose not to use any individual component or all of them. With Real Time turned off you still have the Scanning Service running. The Real Time Protection is the key to keeping the crap off your system. Scanning finds the crap if it is there. Real Time keeps it off to begin with...Auto Start Monitors lists of programs that are allowed to automatically run when you start your computer. Spyware and other potentially unwanted software can be set to run automatically when Windows starts. That way, they can run without your knowledge and collect information. They can also make your computer start or run slowly. System Configuration (settings) Monitors security-related settings in Windows. Spyware and other potentially unwanted software can change hardware and software security settings, and then collect information that can be used to further undermine your computer's security. Internet Explorer Add-ons Monitors programs that automatically run when you start Internet Explorer. Spyware and other potentially unwanted software can masquerade as web browser add-ons and run without your knowledge. Internet Explorer Configurations (settings) Monitors browser security settings, which are your first line of defense against harmful content on the Internet. Spyware and other potentially unwanted software can try to change these settings without your knowledge. Internet Explorer Downloads Monitors files and programs that are designed to work with Internet Explorer, such as ActiveX controls and software installation programs. These files can be downloaded, installed, or run by the browser itself. Spyware and other potentially unwanted software can be included with these files and installed without your knowledge.Services and Drivers Monitors services and drivers as they interact with Windows and your programs. Because services and drivers perform essential computer functions (such as allowing devices to work with your computer), they have access to important software in the operating system. Spyware and other potentially unwanted software can use services and drivers to gain access to your computer or to try to run undetected on your computer like normal operating system components. Application Execution Monitors when programs start and any operations they perform while running. Spyware and other potentially unwanted software can use vulnerabilities in programs that you have installed to run harmful or unwanted software without your knowledge. For example, spyware can run itself in the background when you start a program that you frequently use. Windows Defender monitors your programs and alerts you if suspicious activity is detected.Application Registration Monitors tools and files in the operating system where programs can register to run at any time, not just when you start Windows or another program. Spyware and other potentially unwanted software can register a program to start without notice and run, for example, at a scheduled time each day. This allows the program to collect information about you or your computer or gain access to important software in the operating system without your knowledge.Windows Add-ons Monitors add-on programs (also known as software utilities) for Windows. Add-ons are designed to enhance your computing experience in areas such as security, browsing, productivity, and multimedia. However, add-ons can also install programs that will collect information about you or your online activities and expose sensitive, personal information, often to advertisers. Source: Windows Defender Help Edited by Marsden11
Link to comment
Share on other sites

I'm confused...
I have a policy, every time when I install a program, following the installation I check Wimndows Startup and Services to see what the Application did to my system. I consider it as security measure.So, after I installed the defender I looked at the Services and spotted a service that is set to start Auto.Then I looked at the Startup, and found this entry.Look here at the last line, http://www.ezlan.net/network/defender.jpgI would assume that the GUI starts by default but nothing is seen to the “naked eye†because of the option “–hide†at the end of the line. :hysterical: Edited by JackR
Link to comment
Share on other sites

I installed it on my Daughter's machine and did a thorough sacn and it found nothing. I then did a normal scan using Adaware SE and it detected 4 spyware items that WD missed. The program is now off all of my machines.

Link to comment
Share on other sites

Guest LilBambi

I would have to say that not finding tracking cookies would not be as big a thing as say not finding VX2, Lop, SpySheriff, SpyFalcon, WebSearch ToolBar, etc.And I would hope that everyone knows to use multiple antispyware programs at least for scanning. Only one for real time though.And I don't think Windows Defender should be your real time protection just yet. It is still Beta.However, Windows Defender seems to do a pretty decent job.I will say that it did get one false positive ... it thought a single old wav file from the early 90s (long before SpySheriff was even a gleam in its creator's eye) was SpySheriff. ;)Windows Defender also crashed once on me so far. But it is Beta. You have to expect these types of things in Beta software.And is not the only antispyware program I use, nor would it be since it is Beta.They will get the bugs worked out and I am sure it will be at least as good as MS AntiSpyware soon.

Link to comment
Share on other sites

I use Spyware Blaster, Adaware SE, and Spybot S&D. Neither one of these programs uses system resources just to be on your system. I also believe that 3 such programs is plenty. I do not need any more. I just used WD as a trial and it failed my trial. If it cannot pick up tracking cookies , what else did it miss. I should say that it detected nothing on all three of my machines. Yes it is still in Beta and has been since it was first introduced many months ago under a different name.

Link to comment
Share on other sites

I use Spyware Blaster, Adaware SE, and Spybot S&D. Neither one of these programs uses system resources just to be on your system.
The programs do not take resources if you do not use the Active Guard (Ad-Watch) part of the programs. I.e. you do Not have active on line protection.MS-Spyware could work as a scanner only without setting it the Active Guard (just as the other programs mentioned above). The newer beta WinDef. would not work without the Service running.If you disable WinDef. Active Guard the GUI goes away and the Service stays On and consumes 8MB of RAM.When you enable the Active Guard the GUI comes back and take an additional 10MB RAM.If you enable Ad-Ware’s Ad-Watch, it takes 8MB of RAM.I guess that MS decided that when the average computer that is sold today comes with 512MB RAM 8MB on security Service is Not the end of the world. ;)
Link to comment
Share on other sites

I guess that MS decided that when the average computer that is sold today comes with 512MB RAM 8MB on security Service is Not the end of the world.
I have 1 GB of ram and that is not the point. The point is that I do not need a computer that is full of nothing but anti-spyware programs. The two that I have are monitoring for spyware (SpywareBlaster) and Spybot S & D. These two do not use any system resource and better yet they work! As I stated earlier WD missed tracking cookies that Adaware SE found. You are quite right a program using 8 mb of resources is not going to hurt anything, if the program works as designed.
Link to comment
Share on other sites

but are you recommending a beta?will this autoupdate when a new version is coming out?and last does this beta have any timebomb in it?would be great if this is good enough 2 use right now for a non techie
MS actually bought this software from Giant software, I believe in late Dec of 2004. The software was already established as a fairly good anti-spyware product. MS re-released it with the MS moniker in the first part of 2005, using a beta one designation. This new product I believe has a better GUI than the old. Though designated beta two by MS, there have been few issues with the core software. Gates has stated this software would remain free. Time will tell if he keeps his word.And past releases have auto-updated. Whether this will be the case for future releases is unknown.Timebomb - no expiration is indicated on the MS site.
Link to comment
Share on other sites

The two that I have are monitoring for spyware (SpywareBlaster) and Spybot S & D. These two do not use any system resource and better yet they work!
So are you saying that when either program is actively scanning your system, neither one consumes CPUs cycles nor uses any system memory?That is a pretty neat trick... if that is the case... they are not really running are they?Since I can manually delete cookies, tracking or benign at any time... I don't consider that a huge threat and that is not a priority for spyware removal.
Link to comment
Share on other sites

So are you saying that when either program is actively scanning your system, neither one consumes CPUs cycles nor uses any system memory?That is a pretty neat trick... if that is the case... they are not really running are they?Since I can manually delete cookies, tracking or benign at any time... I don't consider that a huge threat and that is not a priority for spyware removal.
No that is not what I am saying. I am saying that SpywareBlaster protects against spyware and such without using any resources. Spybot S & D do the same.I do not manually delete cookies as I don't like to have to remember user names and such for all of the forums that I belong to. And since my default browser is Firefox , spyware is not that much of a problem.
Link to comment
Share on other sites

Guest LilBambi

SpywareBlaster does not take resources to do it's protection. It is a type of innoculation program. You update it, set it and forget it...till next week when you check for updates again.The SpyBot S&D IE defense uses TeaTimer if I remember correctly. I don't personally care for that and it can be left unchecked by not choosing to immunize and only do updates and scanning. In that state it does not use resources any more than Ad-Aware does if you are not running Ad-Watch as far as I understand it...except when you are scanning.Cookies are handled by many programs including SpyBot S&D and Ad-Aware. It would be nice if Windows Defender dealt with them as well, because not all programs handle all variations on different types of adware, cookies, spyware, malware, etc. but if someone uses these others it would not be too great of a loss.Windows Defender's engine and defs, as well as its UI, if I remember correctly, has been seriously changed/revamped from the previous MS AntiSpyware which was based solely on the Giant Software. It is basically a totally new program.There will be things to iron out.I would really like to see an option, that could still be left initally as it is currently, that would allow one to use it as a scanner only and not as a realtime protection. Also would like to see an option, that could be turned off and on regarding a system tray icon. I have no problem with it using a running service that would trigger the scanner, like Spy Sweeper does, but I have a problem with not having more control over what it does. Just my two cents.

Edited by LilBambi
Link to comment
Share on other sites

Fran - is this what you mean:Real Time Protection can be turned off - Tools - General Settings and scroll down to turn off protections completely OR to fine tune what protections you want.

Edited by Rons
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...