View Full Version : Windows Defender


Someone
June 18th, 2008, 06:02 AM
Hi

I was wondering what kind of real-time protection does Windows Defender have?

I think it has a basic form of a behavioural blocker, does it scan files in real-time?

Thanks

Trespasser
June 18th, 2008, 08:50 AM
I have yet to receive a malware intrusion notification from Windows Defender since I've been using Vista (about a year now...I was a Linux dude prior to that time period). Makes you wonder how effective it is, don't it? But I am a safe surfer and I do keep on top of my computer's security so maybe there's nothing to detect. :) A lot of people, though, have a very low opinion of Windows Defender and its capabilities. BTW, it does scan in real-time.

Later...

Someone
June 18th, 2008, 09:28 AM
Hi

Thanks

So it does have signature real-time? Because I can't see that in the options.

I agree, I used it for around one and a half years and there were no alerts.

Trespasser
June 18th, 2008, 10:44 AM
Windows Defender does signature updates on average once a week. Sometimes the update can be over 9 mbs in size which I assume is a whole new Windows Defender install (normal updates are in the 200 kbs range). Keep in mind I'm in Vista.

AKAJohnDoe
June 18th, 2008, 11:53 AM
I had Windows Defender turned off, and the associated service disabled, but turned it on yesterday just to see it in action for a while. Watch and wait at this time.

Saraceno
June 19th, 2008, 12:25 PM
If you haven't run Windows Defender in a while, it will appear at first to use a small amount of resources, but after a few days, it should use next to zero.

If you go to 'tools', then 'Microsoft SpyNet', you can select either basic or advanced membership (or none).

Running advanced membership will alert you when any 'known' and 'unknown' processes are trying to run or perform a 'suspicious action', so in a sense, with advanced membership enabled, it is a real-time behaviour blocker.

Advanced membership will then give you the option to 'permit' or 'deny'.

Basic membership will provide fewer alerts as it excludes providing information about 'unknown' processes making changes to a system.

Overall, considering its low resource use, problem-free updating, and other aspects such as its software explorer (to remove, disable or enable), it's not a bad program at all. If you try it with advanced membership, it does give you a better idea of its detection capabilities.

ErikAlbert
June 19th, 2008, 12:34 PM
I don't know if this has been improved or not, but I say it anyway.
If you have a large Windows HOSTS file, it can cause a very long scan in Windows Defender.
I reported this issue to M$, but I haven't used WD for a very long time, so I don't know if it has been adjusted or not.
Windows Defender had in those days another name also. Don't remember which one, except the word BETA.

Saraceno
June 19th, 2008, 12:49 PM
The scan isn't the fastest I've seen, but it doesn't appear to be too slow either.

The latest version seems to be the best version released to date (version 1.1.16).

I trialled it back then too ErikAlbert. Used to be called Microsoft AntiSpyware, which was based on the GIANT AntiSpyware product. More info here:
http://en.wikipedia.org/wiki/Windows_Defender

I used to think this software wasn't the best quality product, but since running it on my work computer (in advanced mode), am now quite happy with it. Should continue to improve.

ErikAlbert
June 19th, 2008, 05:16 PM
> The scan isn't the fastest I've seen, but it doesn't appear to be too slow either.

You probably don't use the Bluetack Hosts file. :)
http://www.bluetack.co.uk/forums/index.php?showtopic=8337