What's the advantage of Windows Defender?

Brian

Is it necessary to keep Windows Defender running if you've already got a
third-party antivirus and firewall running? Does Defender do anything
extra?
 
Mr. Arnold

Brian said:
> Is it necessary to keep Windows Defender running if you've already got a
> third-party antivirus and firewall running? Does Defender do anything
> extra?

No, not really, but some like to use the layered protection approach; in case
a solution can be taken down by malware, you have some backup.
 
Bruce Chambers

Brian said:
> Is it necessary to keep Windows Defender running if you've already got a
> third-party antivirus and firewall running? Does Defender do anything
> extra?


Windows Defender isn't an anti-virus application; it serves the
entirely different purpose of detecting and blocking adware and spyware.
You need both an anti-virus application and an anti-spyware
application. If you prefer, you can install a 3rd-party anti-spyware
program and then disable Windows Defender.


--

Bruce Chambers

Help us help you:



They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin

Many people would rather die than think; in fact, most do. -Bertrand Russell
 
John Barnett MVP

Windows Defender targets spyware/malware and without it (or a similar third
party application) you are susceptible to an attack, therefore, if you don't
have third party cover it is wise to keep Windows Defender enabled. My anti
virus software, Sophos Enterprise, also scans for spyware/malware but
Windows Defender is still enabled on my system.

--
John Barnett MVP
Associate Expert
Windows - Shell/User

Web: http://xphelpandsupport.mvps.org
Web: http://vistasupport.mvps.org

The information in this mail/post is supplied "as is". No warranty of any
kind, either expressed or implied, is made in relation to the accuracy,
reliability or content of this mail/post. The Author shall not be liable for
any direct, indirect, incidental or consequential damages arising out of the
use of, or inability to use, information or opinions expressed in this
mail/post.
 
Ken Blake, MVP

> Is it necessary to keep Windows Defender running if you've already got a
> third-party antivirus and firewall running? Does Defender do anything
> extra?



Yes, it does. You need three kinds of software to protect yourself
adequately:

1. Firewall
2. Anti-virus program
3. Anti-spyware program(s).

Windows Defender is that last kind, and does not substantially overlap
what your firewall and anti-virus programs do.

So, yes, you need Windows Defender, or some other anti-spyware
software. In fact, if the only anti-spyware you run is Defender, you
need *more* protection, not less. A single anti-spyware product is
*not* good enough. Note what Eric Howes, who has done extensive
testing on Anti-Spyware products, states:

"No single anti-spyware scanner removes everything. Even the
best-performing anti-spyware scanner in these tests missed fully one
quarter of the "critical" files and Registry entries" See
http://spywarewarrior.com/asw-test-guide.htm
 
Jupiter Jones [MVP]

Not quite true.
Windows Defender is to help protect against spyware and neither anti
virus nor firewall do that.
There are 4 things needed to help keep the computer secure.
1. Antivirus
2. Firewall
3. Anti spyware
4. Keep Windows up to date (Windows Update).
While there is some overlap, all 4 are intended to protect the
computer in different ways.
Since they protect for different problems, this is not "layered
protection".

Layered protection is more like a router adding another layer of
protection to the firewall.
 
Mr. Arnold

Jupiter Jones said:
> Not quite true.
> Windows Defender is to help protect against spyware and neither anti virus
> nor firewall do that.
> There are 4 things needed to help keep the computer secure.
> 1. Antivirus
> 2. Firewall

I agree with those two.

> 3. Anti spyware

I don't agree with that one, because all one has to do is not put his or
herself and the machine in that position to have it happen. I haven't used
any of it in years. All the stuff ever did was find cookies and the machine
cannot be attacked by cookies.

> 4. Keep Windows up to date (Windows Update).

I'll agree with that.

> While there is some overlap, all 4 are intended to protect the computer in
> different ways.
> Since they protect for different problems, this is not "layered
> protection".
>
> Layered protection is more like a router adding another layer of
> protection to the firewall.

I look at it as anything that can be put on the machine to protect it for what
it's worth.

The 5th element you left out is below.

But if the user doesn't have any common sense to practice safe hex, then
every last bit of it equals no protection.

The only thing that really protects against anything is the one sitting at
the wheel and doing the driving and using the proper tools, looking around
from time to time to see what's happening on the machine, because malware
can go around every last bit of it.

http://preview.tinyurl.com/klw1
 
Ken Blake, MVP

On Sat, 30 Jun 2007 14:27:39 -0400, "Mr. Arnold" <MR.
> I agree with those two.
>
> I don't agree with that one, because all one has to do is not put his or
> herself and the machine in that position to have it happen.



Although I agree with your point, I'm a belt and suspenders kind of
guy. Yes, you can largely avoid malware by practicing safe hex. But
none of us is perfect, and if we are tired, upset, in a hurry, etc.
it's very easy to let our guard down. My stance is that one should use
all the software protection available, but not simply rely on it.

Moreover, not everyone knows enough to protect himself without
software. Especially for people like that (and that's probably the
great majority of people) such software is essential.
 
cquirke (MVP Windows shell/user)

> I agree with those two.
>
> I don't agree with that one, because all one has to do is not put his or
> herself and the machine in that position to have it happen. I haven't used
> any of it in years. All the stuff ever did was find cookies and the machine
> cannot be attacked by cookies.

I'm beginning to agree with this less and less, as the line between
"nice" commercial malware and "nasty" traditional malware gets
blurred. Traditional av still often ignores commercial malware, which
is often no longer pretending to be "legit" (and thus easy to avoid or
remove), so the risk is increasing.

I still don't like to add an active "underfootware" scanner that does
what av does, but I would retain Defender, and to that I would add
Spyware Blaster. The latter does not run all the time, but confers
"static" protection by populating Restricted Zone, cookie kill-lists
etc. with entries for known "bad guys".

Note 1: There are 200+ fake "antispyware" apps out there, avoid them
all! Free "legit" ones include AdAware, Spybot, A-Squared and AVG
Antispyware (what used to be Ewido).

Note 2: At some point, and maybe still, some MS email apps would work
very slowly if there were "too many" entries in Restricted Zone, as
there would be if you actually USED this to block the large number of
malicious sites and banner URLs etc. that are out there.

> I'll agree with that.
>
> I look at it as anything that can be put on the machine to protect it for what
> it's worth.
>
> The 5th element you left out is below.
>
> But if the user doesn't have any common sense to practice safe hex, then
> every last bit of it equals no protection.
>
> The only thing that really protects against anything is the one sitting at
> the wheel and doing the driving and using the proper tools, looking around
> from time to time to see what's happening on the machine, because malware
> can go around every last bit of it.

Safe hex helps, but is undermined by unsafe UI (e.g. an Explorer that
hides file name .ext by default) and is bypassed by clickless attacks.

Most of the latter rely on exploitable code defects, hence the advice
to keep patched and use a firewall. But sometimes bad guys find and
use exploits before the good guys find and fix them, and sometimes a
yawning defect is left open because it "works as designed".

It can take YEARS to get a design defect fixed - just look at the age
of MS Office macro malware, starting before VBA and ending only quite
recently (well, becoming less common, at least).

Safe hex is like all these other tips; an essential part of defense,
but no substitute for a lack of any or all of the others.

Nice article :)
 
Mr. Arnold

cquirke (MVP Windows shell/user) said:
> I'm beginning to agree with this less and less, as the line between
> "nice" commercial malware and "nasty" traditional malware gets
> blurred. Traditional av still often ignores commercial malware, which
> is often no longer pretending to be "legit" (and thus easy to avoid or
> remove), so the risk is increasing.
>
> I still don't like to add an active "underfootware" scanner that does
> what av does, but I would retain Defender, and to that I would add
> Spyware Blaster. The latter does not run all the time, but confers
> "static" protection by populating Restricted Zone, cookie kill-lists
> etc. with entries for known "bad guys".
>
> Note 1: There are 200+ fake "antispyware" apps out there, avoid them
> all! Free "legit" ones include AdAware, Spybot, A-Squared and AVG
> Antispyware (what used to be Ewido).

But the machine has to be put at risk. If the machine is never put into a
risk position and one is aware of the risks, then running of those solutions
have no value, IMHO. But of course, one has to know what he or she is doing
in this area and know what those risks are to avoid the risks.

> Most of the latter rely on exploitable code defects, hence the advice
> to keep patched and use a firewall. But sometimes bad guys find and
> use exploits before the good guys find and fix them, and sometimes a
> yawning defect is left open because it "works as designed".

I am very aware, as I could turn bad guy with ease, since I have been
programming professionally since 1980. But I am a nice guy.

> It can take YEARS to get a design defect fixed - just look at the age
> of MS Office macro malware, starting before VBA and ending only quite
> recently (well, becoming less common, at least).
>
> Safe hex is like all these other tips; an essential part of defense,
> but no substitute for a lack of any or all of the others.

I think if you posted this into a Security and Firewall NG you may get a lot
of opposition about solutions like Ad-Aware, Spybot, WD, etc, etc.

If one knows how to protect and not to put the machine at risk, then for
someone like that, the solutions are of no value.
 
cquirke (MVP Windows shell/user)

"cquirke (MVP Windows shell/user)" wrote in

There was a bug fixed by MS once, where scripts within cookies could
have been executed in the anything-goes My Computer zone.

The "fix" changed things so these scripts ran "correctly" in the
Internet Zone. IOW, MS considers it to be by-design to have scripts
hidden within cookies, and doesn't block them totally.

When I read that, I kinda got a lot less relaxed about cookies.

So far, the sky is still up there where we last saw it, though :)

> But the machine has to be put at risk. If the machine is never put into a
> risk position and one is aware of the risks, then running of those solutions
> have no value, IMHO.

I agree with you; where we disagree, is on what constitutes "putting
the PC at risk". I'd say any Internet connectivity and any
installation of software will expose one to this surface.

> But of course, one has to know what he or she is doing
> in this area and know what those risks are to avoid the risks.

What's changed is that we rarely find sites by entering URLs these
days - we are more likely to follow a link found by a search, or found
in a forum post, or from within a software installer.

When we get to the site, we reach not only what the webmaster put up
there, but also any hacker defacements (uncommon), banner ads (very
common) and other ads and fake links that could have been added by
commercial malware within the PC, and even by some ISPs.

In practice, a pattern I often see is a PC with no "viruses", a
functioning and up-to-date resident av (usually "Norton"), and a
metric spitload of commercial malware.

Malware begets malware, as settings and other "fences" get trampled
down, and some malware actively pulls down other malware. Defender
has value in that it can alert and block some settings changes.


Recently, I downloaded and installed Adobe Acrobat 8.1, and as usual,
I was obliged to use their "special" downloader. There was a checkbox
to opt in for their Photoshop Album freebie, which I wanted to check
out, so I checked that.

I noticed the download process pulled down the Google Toolbar, which I
didn't see mentioned anywhere in the site. WTF?

Then I noted this toolbar was active in IE, even though I specifically
UNcheck the setting to allow 3rd-party browser intrusions. Er,
"enhancements". Yup, the state of that checkbox had been silently
flipped by Adobe'Google's shovelware, and was now open to anything
else that can find its way in. And so, the system begins to rot.

Cases like these make me extend caution to software installs from CDs,
CDRs, USB sticks etc. even when off line. Unless you really trust
your av to take as active an interest in commercial malware as the
trad stuff, you may not be protected against this sort of thing.

> I am very aware, as I could turn bad guy with ease, since I have been
> programming professionally since 1980. But I am a nice guy.

Yep, me2. I'm often more amazed at what the bad guys DON'T do.

> I think if you posted this into a Security and Firewall NG you may get a lot
> of opposition about solutions like Ad-Aware, Spybot, WD, etc, etc.

The thing is, what is lumped together as "antispyware" is actually
quite a disparate bunch of technologies.

If you exclude passive protections like Spyware Blaster and some
aspects of Spybot, and exclude behavior alerters that operate like
"internal firewalls" like PrevX, All-Seeing-Eye and aspects of
Defender, you look at scanners on their own.

Even there, these work differently. Some run resident, others only on
demand, and some scan from the registry outwards, while others scan
files and then backtrack to registry, others do both. Some scan each
item for multiple baddies at a time, as av usually does; others scan
everything for a particular baddie at a time, as Spybot does.

> If one knows how to protect and not to put the machine at risk, then for
> someone like that, the solutions are of no value.

I like to have scanners for commercial malware on hand, but generally
dislike having them running resident. Defender's built in and on that
basis, I generally leave it there. Passive defenders like Spyware
Blaster are essentially free (as long as you aren't using a brain-dead
email app that is incompatible with the OS's feature set).

So at this point, I'm wondering if we really disagree at all ;-)


What I normally do, is use the old faithfuls AdAware and Spybot, along
with Spyware Blaster, as these don't impose any underfootware baggage
(I'm selective of what I use in Spybot; no Tea Timer etc.).

Then, if I have to check the system for malware, as part of the
process I will re-assert these three, and add A-Squared and AVG
Antispyware. These do run resident in a sense; A-Squared integrates
as a rt-click option, and AVG AS sits in the SysTray to update itself
and runs resident protection for a trial period.

My thinking is this; by needing a cleanup, these particular PCs are
higher-risk, and therefore may warrant extra care, and the trial
period of AVG AS's resident protection may catch things that are still
active, or that missed malware may try to pull down, etc.

Follow-up on such systems generally doesn't find first-month
re-infection, so the above may be "overkill". Or maybe I don't see
those re-infections because, lame as it may be, so far it works?


---------- ----- ---- --- -- - - - -
On the 'net, *everyone* can hear you scream
 
vanilla

One of the extras that I like about Defender is Software Explorer. It gives
good detailed info on stuff that is running on my machine. Even though I use
other antispyware products, I keep Defender running also. And they all get
along with each other. To find Software Explorer, click on Tools at the top
.... vanilla
 
Guest

Hi all - I have Windows Defender currently installed on my laptop as well as
numerous other spyware defence programs. It is an Acer Vista Home Premium, and
I also have SpyBot Search and Destroy and Norton Internet Security 2006 as
well as an early edition of Internet Cleanup. I was told one week when
Windows Defender was doing a scan that nothing at all was found. My
Windows Defender is of course updated, but when I ran SpyBot Search and
Destroy after it, that signalled up around 10 things which Defender didn't
find. In my opinion, the only thing Defender is any good at is blocking
start-up programs, and if RAM is short on your PC I wouldn't really bother
keeping it running.
 
Guest

Yes, Defender is useless. They should have left it alone when it was Giant
spyware program; it was a lot better. Just another useless service such as Aero
Glass, etc. Microsoft never gets it.
 
Jupiter Jones [MVP]

Exactly what was missed?
You never said.
Windows Defender does not detect cookies unlike many other anti
spyware programs.
Internet Explorer and other browsers already give the user wide
control over cookies.
Since the browser takes care of cookies, there is no reason for a
malware program to also do the same thing but less efficiently.

As far as other programs detecting cookies?
Largely marketing, nothing more.
Some spyware detectors rely on detection of cookies to spike their
numbers.
And the numbers are what they use to convince people to use their
products.
 
Guest

Spyware such as ActiveX were found. On XP Defender functions well - I have
another XP Home computer which recently became infected with a virus.
Defender found the Virus which helped me to find a solution. Defender didn't
repair it but that isn't what it was made for. I got Windows Live One Care,
from the Microsoft Website, which repaired the problem as far as I know.
Defender has its advantages but as I said previously, if you don't have a
lot of RAM there's probably not much point keeping it on.
 
Jupiter Jones [MVP]

Did you notify them exactly what the spyware was?
"ActiveX" is not necessarily spyware.
Whatever the specific description was is what they need to know.
 
