Windows Defender

[Kevin]

Beta? After four years I think it's safe to assume Windows Defender and it's
MsMpEng.exe sucks. Maybe it's time Microsoft trashes it or they fix it,
although the latter seems unlikely.

Kevin
228.374.9491

 

[Stu]

Hi Kev.

Has it been four years? How time flies. Seems like yesterday when Giant ran
the show My MsMpEng.exe is functioning - after a fashion. What`s wrong
with yours?

Stu

 

[Kevin]

Stu,
Oh, mine is functioning but MsMpEng.exe runs constantly, or close to,
tying up sys. resources to the max. And yes I'm running it, or was, in full
scan mode. I'm now running it in quick scan and doing a full scan once or
twice a week. This helped a lot and I think is the way Microsoft recommends
running it. I have thought about going back to Search&Destroy but want to
look further at the real-time protection in Defender as it has to have some
advantages. Am also concerned how Microsoft determines what programs make the
hit list, no program will be of value if the back door is left open!

 

[Bill Sanderson]

You touched on one aspect of this program that I'd like to see some
clarification from Microsoft about: We've fairly regularly had questions
appear here about whether Defender detects thusandsuch, where thusandsuch is
a program in the category of "legal spyware." i.e. software designed,
perhaps, for parental monitoring of a childs computer.

I'm not clear on the answer to this--it seems to me to be a gray area. Does
Windows Defender attempt to detect all keyloggers?

I've not got the time or inclination to test these issues myself, but they
seem like fair questions to ask. I'm not particularly anxious to side with
teens trying to put one over on their parents--I've a couple of kids who
could be in that category themselves--but I do think it is a reasonable
question from several perspectives.

 

[Stu]

Hi Kev

Not being one to `step on Bill S`s advice` BUT. I note in your post you
mention you are running (or were) in full scan mode regularly. This mode has
been known to be heavy on system resources. My personal feeling is to
configure a `quick scan` at least once a week then go for the `heavy stuff`
once a month - preferrably when the demands on your compare are minimal.
Like when you are asleep?

Stu

 

[Stu]

Oops. Delete in toto: `Compare` and insert `Computer`.

 

[Bill Sanderson]

You aren't stepping on my advice there--that's my recommendation as well. I
only do full scans when feeling especially paranoid, or wanting to give a PC
some excercise....

 

[Dave M]

Hi;

Fair question certainly, and perhaps I've erred in being too free with
advice to errant teens and domestic cheaters, but I personally believe that
any use of keyloggers, including their use by parents or spouses is neither
ethical nor wise. We've seen examples of "legally" installed, EULA
acceptable, non-remotely installable keyloggers pass the narrow Microsoft
spyware definition hurdles and remain undetected both during the Beta and
forward. So, I tend to ignore Defender for this, and instead recommend
using one of the specialized anti-keylogger class of security monitors when
there is the slightest suspicion of keylogging. There are many fully
functional trials and one freeware product available for that, all of which
can be easily googled.

 

[Bill Sanderson]

I sure know folks on both sides of the fence about this one--the example is
"How do I recover the password for my IE Parental Controls feature?" The
obvious assumption is that someone posting this is probably not the parent.
Additionally, of course, the answer is trivially Googleable, so whoever is
posting the question is also not very computer savvy.

I'm neutral--I don't like the idea of using such software, but I can imagine
circumstances in which it might be appropriate in either a work or family
setting.

What your message really brought up for me is that life is getting more
complex, rather than simpler: Now we need:

Antivirus (antimalware??)

Antispyware (preferably more than one, by many reputable recommendations)

Antirootkit (Yes, the Malicious Software Removal tool does some of these,
but there are more...)

and

Antikeylogger.

I suspect we'll never be down to one tool fits all because of the issues you
raise--commercial products which some folks want unnoticed, and others want
to know about--to say nothing of whatever law enforcment folks might be
using...

It sure would be nice to have fewer tools required, rather than more,
though.

I suspect another approach --a hardware and software combined Trusted
Computing Platform--may be what is needed in the end. As I understand it,
such a platform would contain safeguards preventing keyloggers, for example.