Hi and sorry if this is not in the right group, but I couldn't find
a forum specifically for Windows Defender.
I have Defender installed, but I am beginning to wonder if it's even
doing anything. I don't see any alerts and I never find any trace
of it detecting spyware/tracking cookies. When I run a scan, it
never finds anything, but when I run ad-aware, it will detect a
bunch of stuff on my system.
Because you left Ad-Aware configured to list cookies in its scan
results. Cookies are NOT spyware. Learn to differentiate between
executable files and text/doc files.
Cookies are not spyware. Read the following:
http://www.edbott.com/weblog/?p=246
http://www.xblock.com/articles/article_show.php?id=64
http://thundercloud.net/infoave/answers/goodcookie-badcookie.htm
http://en.wikipedia.org/wiki/HTTP_cookie
I bet you NONE of the anti-spyware tools that you use has yet to
report the cookies (.sol files) left behind by Flash. Oooh, cookies,
big deal.
For anyone running Defender, is the program worthwhile or should I
just dump it and run ad-aware/spybot s&d?
Well, if you or software hasn't made any changes that the system
agents are looking for then why would you expect it to issue alerts on
events that have not occurred? Have you tried using msconfig to
change your startup items, or edited the Startup group, changed the
home page in your browser, or have you installed any BHOs (browser
helper objects), like Adobe's Acrobat AX control? Would you trust a
burglar alarm in your house that triggered when there were no burglars
present? That would make it unreliable and very nuisancesome with
tons of false positives more than for false negatives (malware not
caught).
One tool is not sufficient for protection. Besides anti-virus
software, you need anti-spyware, anti-malware, firewall, and perhaps
more security software to detect all pests. Not all need to run at
the same time. I have several installed but they are not continuously
running and instead used solely for on-demand scanning. I have:
AVG AntiVirus
AVG AntiRootkit (*)
AVG AntiSpyware (*)
SysInternals Rootkit Revealer (*)
Windows Defender
BOClean
System Safety Monitor (+)
Lavasoft Ad-Aware (*)
Spybot S&D (*)
SpywareBlaster (*)
HijackThis (*)
SuperAntispyware (*)
Comodo Firewall
(*) These are not loaded to run continuously. They are ran manually
to perform on-demand scans or updates.
(+) IPS (intrusion protection system) software. Definitely not for
newbie or lazy users. SSM is the free version so some features are
absent. AntiHook's prior version is free, full feature set, but
impacts my host's responsiveness way too much.
The more security programs you have running, the more your host gets
impacted and the less likely your OS and applications will behave.
Every program running incurs losses in resources (CPU cycles, memory)
and impacts responsiveness. You need to add enough to be reasonably
safe, not unreasonably safe with severe loss of use of your own host.
By the way, I don't run Windows Defender to catch malware. If it
does, great. I primarily use it to monitor system changes whether
they be made by malware or goodware because I want to be in control
or, at least, notified of those changes, like a service being added or
deleted, an entry added to the registry Run keys, home page changed
for the browser, etc. That's also why I use an IPS program so I can
regulate what can and cannot load into memory (programs can only run
if they get into memory). Even the firewall I use includes IPS. If
Comodo ever gets decent on-demand coverage for their anti-virus
product then I'll use their free AV program which also includes IPS
(but neither of their firewall or AV products with IPS match System
Safety Monitor or Antihook).
Remember the more security you have running on your host then the less
responsive and the less usable it is. Find enough to feel comfortable
without impacting the use of your own hardware.
