Jump to content
Sign in to follow this  
JackR

Windows Defender

Recommended Posts

JackR

Microsoft Anti Spyware is Now Windows Defender.I just downloaded the Interface is Very Cool.When installed it seems to be installed in Hide mode. I.e. there is No Icon to double click and start. Re Start, the computer after the Installation and it would load into the Tray Bar.http://www.microsoft.com/athome/security/s...re/default.mspx :rolleyes:

Edited by JackR

Share this post


Link to post
Share on other sites
Marsden11

It runs as a service now in the background full time regardles of the user logged in.

Share this post


Link to post
Share on other sites
Keegan

but is it any good?and how much ram does it use?

Share this post


Link to post
Share on other sites
teacher

I have not noticed any decrease in available RAM. So far, so good. I have it on two computers and ready to add it to more.

Share this post


Link to post
Share on other sites
JackR

Memory seems to follow this pattern Old AntiSpyware, Program Data Service 12MB + General Service 6.6MB = 18.6MBNew Defender, General Service 7.4 + Program (user Interface) 7.8 = 15.2MBIn order to Startup and provide all the functions of Win Defender the program's service has to be started (the default is Automatic), and the program's User Interface has to loaded (sits on the Traybar). The User Interface loads through the regular Startup folder, its actual location is C:\Programs\Windows Defender\MSASCui.exe (I dragged a short to the Desktop so I can have full control when I want to play around with enable disable).If Active protection is disabled (In setting Menu) the service would keep runing but the computer is Not Protected.If the setting are left at default and the User Interface is disabled at Startup the service would Run. I do not know (yet) what level of protection it provides without the User Interface running, but functions that depend on the user interface (like notification of events) would not work.So for full protection make sure that both the Service and the user interface are running. :thumbsup:

Edited by JackR

Share this post


Link to post
Share on other sites
Marsden11

That is incorrect.You do not need the User Interface running to have full protection. One of the reasons MS rewrote the Giant Antispyware program which was written in Visual Basic was that Giant Antispyware was a normal Windows application, and not a service. This limitation meant that it could only be used by administrator-level users, and only when a user was logged on.The new UI is literally just a front-end for the Windows Defender service, which runs constantly in the background and works properly regardless of which type of user account you're using. It even works when no one is logged on. That is the main reason to run it as a "service."This new front-end is essentially a dashboard for Windows Defender's features. After updating to the latest spyware definitions, you probably won't be interacting with the front-end much any more, unless you manually launch the application or a real problem develops.On a related note, the ever-present tray icon from Windows Antispyware Beta 1 is missing. The MS mantra for this release is that it should not be as annoying than the spyware you're trying to eradicate. So there's no tray icon, and almost no pop-up windows.

Share this post


Link to post
Share on other sites
JackR

So let me understand.You get into the GUI and you disable the protection in the General Setting Menu.After disabling, the service still runs. So never mind that deliberately disabled the Real time protection, you are still protected? B)

Share this post


Link to post
Share on other sites
Tushman
So let me understand.You get into the GUI and you disable the protection in the General Setting Menu.After disabling, the service still runs. So never mind that deliberately disabled the Real time protection, you are still protected? :D
That just got my funny bone good! B)

Share this post


Link to post
Share on other sites
Guest LilBambi

Installed it on two computers so far, working well. Course since it Windows Automatic updates just came through as well, how would we know if Windows Defender was a problem or one of the new updates for February. ;)Seems to be working well for clients so far. We will see as time goes on how well it does. But the way it is intended to work seems to be very nice.

Share this post


Link to post
Share on other sites
JerryM

I had hoped to use the MSAS on my laptop instead of buying a AS. However, since I am not "geek" enough to use a Beta such as this one, and with the problems some report, I am going to renew my Counterspy, or buy Spysweeper. Most seem to have no trouble withDefender, but I want to avoid any id I can.A year ago I formed the opinion that Counterspy was slightly the best AS, but recently it seems that Spysweeper is somewhat better.I have about 30 days before having to renew CS. I think the price is about $10, and that is not worth the trouble that may come with this Beta 2. The Beta 1 was not a problem, except updating several months ago.Jerry

Share this post


Link to post
Share on other sites
Marsden11
You get into the GUI and you disable the protection in the General Setting Menu.After disabling, the service still runs. So never mind that deliberately disabled the Real time protection, you are still protected?
If you are going to disable it in the front end GUI then why install it in the first place??? That makes no sense...After installing Defender (x64) on my laptop it proceeded with a scan. It found two files (executables - trojans) that Counterspy and SpySweeper had ignored for 4 months. I'm sticking with the Defender beta... Edited by Marsden11

Share this post


Link to post
Share on other sites
Rons

I like the simple GUI. It should make it easier to use for those who new to computing. I'm recommending it to my clients. :thumbsup:

Share this post


Link to post
Share on other sites
Keegan
I like the simple GUI. It should make it easier to use for those who new to computing. I'm recommending it to my clients. :thumbsup:
but are you recommending a beta?will this autoupdate when a new version is coming out?and last does this beta have any timebomb in it?would be great if this is good enough 2 use right now for a non techie

Share this post


Link to post
Share on other sites
JackR
If you are going to disable it in the front end GUI then why install it in the first place??? That makes no sense...
I tried to give some info about the program, and that there is two components that loads at startup. But I guess that there is always a way to drag something down when One is set to do so.Have a nice day. :thumbsup: Edited by JackR

Share this post


Link to post
Share on other sites
Gary

I am giving it a shot.

Share this post


Link to post
Share on other sites
Marsden11

I'm confused...

I tried to give some info about the program, and that there is two components that loads at startup. But I guess that there is always a way to drag something down when One is set to do so.
You claimed that there are two components that start when you boot up your system with Windows Defender installed as a Service.I can only find one and that is the Windows Defender Service. I see no evidence that the GUI front-end is started as well. I go to Start> All Programs> Windows Defender. If I click on Windows Defender, the GUI front-end opens up. MSASCui.exe does not run until you open the GUI front-end.Yes, you can disable real time protection in the GUI, but that is the heart of Windows Defender. You can choose not to use any individual component or all of them. With Real Time turned off you still have the Scanning Service running. The Real Time Protection is the key to keeping the crap off your system. Scanning finds the crap if it is there. Real Time keeps it off to begin with...Auto Start Monitors lists of programs that are allowed to automatically run when you start your computer. Spyware and other potentially unwanted software can be set to run automatically when Windows starts. That way, they can run without your knowledge and collect information. They can also make your computer start or run slowly. System Configuration (settings) Monitors security-related settings in Windows. Spyware and other potentially unwanted software can change hardware and software security settings, and then collect information that can be used to further undermine your computer's security. Internet Explorer Add-ons Monitors programs that automatically run when you start Internet Explorer. Spyware and other potentially unwanted software can masquerade as web browser add-ons and run without your knowledge. Internet Explorer Configurations (settings) Monitors browser security settings, which are your first line of defense against harmful content on the Internet. Spyware and other potentially unwanted software can try to change these settings without your knowledge. Internet Explorer Downloads Monitors files and programs that are designed to work with Internet Explorer, such as ActiveX controls and software installation programs. These files can be downloaded, installed, or run by the browser itself. Spyware and other potentially unwanted software can be included with these files and installed without your knowledge.Services and Drivers Monitors services and drivers as they interact with Windows and your programs. Because services and drivers perform essential computer functions (such as allowing devices to work with your computer), they have access to important software in the operating system. Spyware and other potentially unwanted software can use services and drivers to gain access to your computer or to try to run undetected on your computer like normal operating system components. Application Execution Monitors when programs start and any operations they perform while running. Spyware and other potentially unwanted software can use vulnerabilities in programs that you have installed to run harmful or unwanted software without your knowledge. For example, spyware can run itself in the background when you start a program that you frequently use. Windows Defender monitors your programs and alerts you if suspicious activity is detected.Application Registration Monitors tools and files in the operating system where programs can register to run at any time, not just when you start Windows or another program. Spyware and other potentially unwanted software can register a program to start without notice and run, for example, at a scheduled time each day. This allows the program to collect information about you or your computer or gain access to important software in the operating system without your knowledge.Windows Add-ons Monitors add-on programs (also known as software utilities) for Windows. Add-ons are designed to enhance your computing experience in areas such as security, browsing, productivity, and multimedia. However, add-ons can also install programs that will collect information about you or your online activities and expose sensitive, personal information, often to advertisers. Source: Windows Defender Help Edited by Marsden11

Share this post


Link to post
Share on other sites
JackR
I'm confused...
I have a policy, every time when I install a program, following the installation I check Wimndows Startup and Services to see what the Application did to my system. I consider it as security measure.So, after I installed the defender I looked at the Services and spotted a service that is set to start Auto.Then I looked at the Startup, and found this entry.Look here at the last line, http://www.ezlan.net/network/defender.jpgI would assume that the GUI starts by default but nothing is seen to the “naked eye†because of the option “–hide†at the end of the line. :hysterical: Edited by JackR

Share this post


Link to post
Share on other sites
Gary

I installed it on my Daughter's machine and did a thorough sacn and it found nothing. I then did a normal scan using Adaware SE and it detected 4 spyware items that WD missed. The program is now off all of my machines.

Share this post


Link to post
Share on other sites
Marsden11

What were the 4 items?

Share this post


Link to post
Share on other sites
Gary

Tracking cookies.

Share this post


Link to post
Share on other sites
Guest LilBambi

I would have to say that not finding tracking cookies would not be as big a thing as say not finding VX2, Lop, SpySheriff, SpyFalcon, WebSearch ToolBar, etc.And I would hope that everyone knows to use multiple antispyware programs at least for scanning. Only one for real time though.And I don't think Windows Defender should be your real time protection just yet. It is still Beta.However, Windows Defender seems to do a pretty decent job.I will say that it did get one false positive ... it thought a single old wav file from the early 90s (long before SpySheriff was even a gleam in its creator's eye) was SpySheriff. ;)Windows Defender also crashed once on me so far. But it is Beta. You have to expect these types of things in Beta software.And is not the only antispyware program I use, nor would it be since it is Beta.They will get the bugs worked out and I am sure it will be at least as good as MS AntiSpyware soon.

Share this post


Link to post
Share on other sites
Gary

I use Spyware Blaster, Adaware SE, and Spybot S&D. Neither one of these programs uses system resources just to be on your system. I also believe that 3 such programs is plenty. I do not need any more. I just used WD as a trial and it failed my trial. If it cannot pick up tracking cookies , what else did it miss. I should say that it detected nothing on all three of my machines. Yes it is still in Beta and has been since it was first introduced many months ago under a different name.

Share this post


Link to post
Share on other sites
JackR
I use Spyware Blaster, Adaware SE, and Spybot S&D. Neither one of these programs uses system resources just to be on your system.
The programs do not take resources if you do not use the Active Guard (Ad-Watch) part of the programs. I.e. you do Not have active on line protection.MS-Spyware could work as a scanner only without setting it the Active Guard (just as the other programs mentioned above). The newer beta WinDef. would not work without the Service running.If you disable WinDef. Active Guard the GUI goes away and the Service stays On and consumes 8MB of RAM.When you enable the Active Guard the GUI comes back and take an additional 10MB RAM.If you enable Ad-Ware’s Ad-Watch, it takes 8MB of RAM.I guess that MS decided that when the average computer that is sold today comes with 512MB RAM 8MB on security Service is Not the end of the world. ;)

Share this post


Link to post
Share on other sites
Gary
I guess that MS decided that when the average computer that is sold today comes with 512MB RAM 8MB on security Service is Not the end of the world.
I have 1 GB of ram and that is not the point. The point is that I do not need a computer that is full of nothing but anti-spyware programs. The two that I have are monitoring for spyware (SpywareBlaster) and Spybot S & D. These two do not use any system resource and better yet they work! As I stated earlier WD missed tracking cookies that Adaware SE found. You are quite right a program using 8 mb of resources is not going to hurt anything, if the program works as designed.

Share this post


Link to post
Share on other sites
Rons
but are you recommending a beta?will this autoupdate when a new version is coming out?and last does this beta have any timebomb in it?would be great if this is good enough 2 use right now for a non techie
MS actually bought this software from Giant software, I believe in late Dec of 2004. The software was already established as a fairly good anti-spyware product. MS re-released it with the MS moniker in the first part of 2005, using a beta one designation. This new product I believe has a better GUI than the old. Though designated beta two by MS, there have been few issues with the core software. Gates has stated this software would remain free. Time will tell if he keeps his word.And past releases have auto-updated. Whether this will be the case for future releases is unknown.Timebomb - no expiration is indicated on the MS site.

Share this post


Link to post
Share on other sites
Marsden11
The two that I have are monitoring for spyware (SpywareBlaster) and Spybot S & D. These two do not use any system resource and better yet they work!
So are you saying that when either program is actively scanning your system, neither one consumes CPUs cycles nor uses any system memory?That is a pretty neat trick... if that is the case... they are not really running are they?Since I can manually delete cookies, tracking or benign at any time... I don't consider that a huge threat and that is not a priority for spyware removal.

Share this post


Link to post
Share on other sites
Gary
So are you saying that when either program is actively scanning your system, neither one consumes CPUs cycles nor uses any system memory?That is a pretty neat trick... if that is the case... they are not really running are they?Since I can manually delete cookies, tracking or benign at any time... I don't consider that a huge threat and that is not a priority for spyware removal.
No that is not what I am saying. I am saying that SpywareBlaster protects against spyware and such without using any resources. Spybot S & D do the same.I do not manually delete cookies as I don't like to have to remember user names and such for all of the forums that I belong to. And since my default browser is Firefox , spyware is not that much of a problem.

Share this post


Link to post
Share on other sites
Guest LilBambi

SpywareBlaster does not take resources to do it's protection. It is a type of innoculation program. You update it, set it and forget it...till next week when you check for updates again.The SpyBot S&D IE defense uses TeaTimer if I remember correctly. I don't personally care for that and it can be left unchecked by not choosing to immunize and only do updates and scanning. In that state it does not use resources any more than Ad-Aware does if you are not running Ad-Watch as far as I understand it...except when you are scanning.Cookies are handled by many programs including SpyBot S&D and Ad-Aware. It would be nice if Windows Defender dealt with them as well, because not all programs handle all variations on different types of adware, cookies, spyware, malware, etc. but if someone uses these others it would not be too great of a loss.Windows Defender's engine and defs, as well as its UI, if I remember correctly, has been seriously changed/revamped from the previous MS AntiSpyware which was based solely on the Giant Software. It is basically a totally new program.There will be things to iron out.I would really like to see an option, that could still be left initally as it is currently, that would allow one to use it as a scanner only and not as a realtime protection. Also would like to see an option, that could be turned off and on regarding a system tray icon. I have no problem with it using a running service that would trigger the scanner, like Spy Sweeper does, but I have a problem with not having more control over what it does. Just my two cents.

Edited by LilBambi

Share this post


Link to post
Share on other sites
Rons

Fran - is this what you mean:Real Time Protection can be turned off - Tools - General Settings and scroll down to turn off protections completely OR to fine tune what protections you want.

Edited by Rons

Share this post


Link to post
Share on other sites
Guest LilBambi

Yes! Thank you.. missed the scroll entirely! Not sure how I missed that! :thumbsdown:

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...