Does Defender work?

Guest

One of you MVPs may want me to mail you my computer. I've got an older Acer,
souped up with a lil extra memory running Windows 2k Server, and boy is it
currently being OWNED. Downloaded Spysweeper Trial, it cleaned off a bunch of
stuff, trial ran out and everything came back. (which led me to believe
spySweeper wasn't actually cleaning anything, just holding it off
temporarily) I've installed Defender, and everything that spySweeper found
and deleted, Defender is completely missing. I've quick and full scanned it 4
times in the last 12 hours and it hasn't found one item worth removing. I've
got a SysProtectionpage.net home page hijack, malware.com icon blinking in my
systray, toolbar888 installed from I don't know where, dcomcfg.exe running,
regperf.exe, atmclk.exe and Monaco Gold Casino ads poppin up every 10 minutes.
Yes..it's my fault my box was hit..first major screw up in the 15 years I've
been "computing"..but I'm lil shocked Billy Gates boys could miss so much
stuff.

I'm about to blow the drive up and reinstall..but before I do, if any of you
engineers, MVPs or anyone want a log or direct connect and see for
yourself..let me know..

(e-mail address removed)
 
Bill Sanderson MVP

I'd recommend using F-secure's Blacklight rootkit tool before you quit.

https://europe.f-secure.com/blacklight/

(I hope that link works!)

No antispyware is perfect, or gets everything--and I know for sure that
there's at least one rootkit-based spyware implementation that Windows
Defender didn't see on a system I cleaned.
 
Guest

I have had the same experience with Windows Defender and its previous
version (AKA: Microsoft AntiSpyware).

Windows Defender doesn't seem to do anything except consume system resources.

Recently, I did some testing of my own to see for myself which programs did
best by infecting an old machine of mine with many spyware/etc... programs
and Windows Defender didn't find anything while most of the others did.

Granted, I am no expert on the subject and my testing was by no means
scientific or conclusive but it does lead me to believe that Windows Defender
leaves a lot to be desired. I realize that no program could possibly find
everything but one would at least expect Windows Defender to be able to find
at least some spyware, etc...

One of the "MVPs" mentioned "rootkits" and that another scanner should be
used to find them. Personally, I believe that if it is a threat, it should be
detected with NO EXCEPTIONS. This would include rootkits, spyware, malware,
adware, cookies, and anything else that may pose a threat to privacy.

With that said I must ask... Microsoft, why does Windows Defender do so
poorly?
 
Jupiter Jones [MVP]

Exactly what was missed?
Cookies are not detected, but cookies are already easily managed in most
browsers including Internet Explorer.
If it is cookies, they are not a problem, if something else, post details
and perhaps someone can give you a precise answer.
 
Guest

To expect any single anti-threat product to be 100% effective is patently
absurd!

I have submitted numerous suspect files to Virus Total, and in nearly every
instance, fewer than HALF of all popular AV scan engines failed to detect the
presence of a threat in one file or another. Virus Total employs two dozen
different products to scan each submission.

I have NEVER seen more than 20 scanners agree on any of the submissions I
have made. To be fair, that is likely due to the fact that most suspect
files have been removed by my choices of resident scanners.

For links to Virus Total and a few other useful resources, check out
http://SecorConsulting.net/pages/security.html

Take particular note of the Virus Total statistic "Failures in Detection
(last 7 days)". The tiny blue sliver is the number of files that *ALL* AV
engines managed to detect. Presently that is a pathetic 307 files out of
23342.

If you do not regularly use three or four online scanners to supplement your
resident anti-threat tools, you are asking to be compromised. PERIOD.
 
Guest

Hi Scott, funny, the link on this post is working OK. But the other (about 4
posts up) is not.
 