Is Windows Defender actually doing anything at all?
November 13, 2007 12:00 AM Subscribe
What the hell is Windows Defender actually doing all day? It seems do precisely nothing on my machine.
No matter what I install, I never see a single pop-up window, even when that software makes changes such as adding itself to the startup list, or when it does anything really. I also see a warning icon in the system tray every month or so saying I've not done a scan in 27 days, even though it's set to scan automatically every day at a time when the computer is almost always on.
Is the program just extraordinarily effective at detecting spyware and only spyware, or is it just sitting there wasting system resources for no reason whatsoever? Is it worth replacing with another program, like Spyware Terminator?
No matter what I install, I never see a single pop-up window, even when that software makes changes such as adding itself to the startup list, or when it does anything really. I also see a warning icon in the system tray every month or so saying I've not done a scan in 27 days, even though it's set to scan automatically every day at a time when the computer is almost always on.
Is the program just extraordinarily effective at detecting spyware and only spyware, or is it just sitting there wasting system resources for no reason whatsoever? Is it worth replacing with another program, like Spyware Terminator?
Response by poster: @Steven: I might not have done, but this wouldn't explain why it refuses to do automated scans.
Besides, I'm suspicious about assuming that the software could run for months without picking up a single false positive (and I install quite a lot of new programs every week) - I think it's much more likely that it's not doing anything.
posted by chorltonmeateater at 12:21 AM on November 13, 2007
Besides, I'm suspicious about assuming that the software could run for months without picking up a single false positive (and I install quite a lot of new programs every week) - I think it's much more likely that it's not doing anything.
posted by chorltonmeateater at 12:21 AM on November 13, 2007
is it just sitting there wasting system resources for no reason whatsoever?
Yes.
posted by flabdablet at 2:27 AM on November 13, 2007
Yes.
posted by flabdablet at 2:27 AM on November 13, 2007
According to Wikipedia it should do real-time protection.
I run MacOS but have an XP virtual machine, and Windows Defender seems always to be nagging me about either updates or the fact it hasn't scanned.
I'd uninstall it and reinstall.
posted by long haired lover from liverpool at 3:01 AM on November 13, 2007
I run MacOS but have an XP virtual machine, and Windows Defender seems always to be nagging me about either updates or the fact it hasn't scanned.
I'd uninstall it and reinstall.
posted by long haired lover from liverpool at 3:01 AM on November 13, 2007
Run something in conjunction to satisfy your mind; maybe AdAware (www.adaware.de)
Then decide? Personally, it went south for the winter a loooong time ago.
posted by DrtyBlvd at 4:44 AM on November 13, 2007
Then decide? Personally, it went south for the winter a loooong time ago.
posted by DrtyBlvd at 4:44 AM on November 13, 2007
It's possible you have malware that's disabled Windows Defender, because the automated scans aren't running. Mine complains if it hasn't run in, I think, 3 days, say, when the laptop is shutoff for that long.
I've seen malware disable the antivirus/antispyware programs before. Possibly, you may want to run an extensive scan yourself, using some other program like Spybot or AdAware. You may also want to do something more extensive, like run HiJackThis and see if there' s anything weird in its output.
posted by chengjih at 5:44 AM on November 13, 2007
I've seen malware disable the antivirus/antispyware programs before. Possibly, you may want to run an extensive scan yourself, using some other program like Spybot or AdAware. You may also want to do something more extensive, like run HiJackThis and see if there' s anything weird in its output.
posted by chengjih at 5:44 AM on November 13, 2007
...echoing the above, it's also a good idea to run any scans in Safe Mode, and to run several scans until it says your system is clean.
posted by mjklin at 7:56 AM on November 13, 2007
posted by mjklin at 7:56 AM on November 13, 2007
The current version of defender is much less verbose than the older ones. It keeps a log in the event viewer instead of popping up windows.
There's a phone number you can call here. Also there's a link to do a free 'safety scan.' I'd do that first.
posted by damn dirty ape at 8:30 AM on November 13, 2007
There's a phone number you can call here. Also there's a link to do a free 'safety scan.' I'd do that first.
posted by damn dirty ape at 8:30 AM on November 13, 2007
Response by poster: Hmm, when I look at the history, it shows some events that it decided were 'potentially dangerous', but then the action was 'permit', even though I was not given the choice. I feel an uninstall coming on...
posted by chorltonmeateater at 9:28 AM on November 13, 2007
posted by chorltonmeateater at 9:28 AM on November 13, 2007
Pretty much anything is potentially dangerous to WD. Stuff like editing the hosts file or changing what happens at startup. WD errs on the side of caution so people dont wake up with machines missing their VNC installs or their startup folder empty. It logs stuff like this just in case.
Now, when something matches its malware signatures it will take action, usually without intervention.
In a sample size of 120 or so computers I have it on, it seems to do a decent job, especially with toolbar hijackings. It wont be able to clean your more evil infections like SmitFraud, but neither will ad-aware or spybot.
Its mostly an application for non-technical users. I imagine that someone who is careful of what they are installing may not need a dedicated spyware scanner.
posted by damn dirty ape at 11:30 AM on November 13, 2007
Now, when something matches its malware signatures it will take action, usually without intervention.
In a sample size of 120 or so computers I have it on, it seems to do a decent job, especially with toolbar hijackings. It wont be able to clean your more evil infections like SmitFraud, but neither will ad-aware or spybot.
Its mostly an application for non-technical users. I imagine that someone who is careful of what they are installing may not need a dedicated spyware scanner.
posted by damn dirty ape at 11:30 AM on November 13, 2007
I followed an early set of instructions for disabling Defender, and I never get bugged anymore. Perhaps someone has done this to your machine?
posted by Mr. Gunn at 11:48 AM on November 13, 2007
posted by Mr. Gunn at 11:48 AM on November 13, 2007
Echoing DirtyBlvd, except I'd use Spybot Search & Destroy as your "control". Honestly, I think Spybot's the better tool, but YMMV.
posted by JaredSeth at 1:49 PM on November 13, 2007
posted by JaredSeth at 1:49 PM on November 13, 2007
This thread is closed to new comments.
posted by Steven C. Den Beste at 12:11 AM on November 13, 2007