I run Windows XP/SP2/HE. I have AVG for antivirus and, for spyware, I scan once a week, manually with Spybot & smart scan manually with Ad-Aware 2007 and Windows Defender.

I have 2 questions regarding Windows Defender.

1) I run Defender using real-time protection and I have the Auto Start Option on. The Windows Task Manager shows that Defender is using a lot of resources at start up and the Defender help file actually says that Auto Start can slow things down. So, is there any real point in having the Auto Start option on and would stopping it be worthwhile?

2) More generally, with the protection that I have listed above is it worthwhile running Defender in real time or would my weekly scan be enough?

You could just remove Win Defender from startup, make a shortcut to the desktop and manually open it ;D

About your security, IMO you're using pretty obsolete tools. I'd say to remove Ad-Aware and Spybot and use SUPERAnti Spyware, along with Windows Defender it will run fine.

I don't think that you need Windows Defender on real time, AVG already has the ewido engine which is very good, so I think weekly on-demand scans with Win defender and SAS will be fine.

I concur with emperordarius, and here's how you disable WD (http://www.raymond.cc/blog/archives/2008/02/14/how-to-disable-uninstall-or-remove-windows-defender-in-vista/). In addition to SAS I'd highly recommend MBAM (http://www.malwarebytes.org/mbam.php).

http://www.techsupportalert.com/best-free-adware-spyware-scumware-remover.htm

Although it's a relatively small sample size IMO it is a "real approach" as to how people are getting infected nowadays.

-{ Quote: "Hi. Actually - if I'm honest - my comment about Windows Defender was based on live experience, though after your post I re-ran the tests on the test machine using Windows Defender to get some stats. After this, I'm uninstalling it from my system, since I don't see the benefit. After checking with SuperAntiSpyware to ensure that I had a nicely infected system (note, checking - not cleaning), I let Windows Defender check. SA found 159 infections this time (including the good old rogue spyware remover, bothering me with popups again), whilst Defender found - none. Defender simply pronounced the test system clean, despite the fact that I was watching popup after popup appear while Defender was telling me how lucky I am.

Needless to say - I will be removing the recommendation.

Wed, 07/02/2008 - 19:31 — Steve Hargreaves" }-

Thanks for the replies. I think that I'll now go ahead and stop Defender working in real time and see how this effects the start up time.

I've also downloaded the recommended program, SuperAntispyware, and am trying it out. So far it doesn't seem to have caught anything that was missed by AdAware, Spybot or Defender. Hopefully, this is because I have managed to keep my PC clean.

While you are at the Malwarebytes site, take a look at RogueRemover (http://www.malwarebytes.org/products.php) and if your system is as clean as you state, the Free version might suffice as another nice weapon to have in your arsenal.

you should remove windows defender although it's good, SAS is a lot better.

AVG + SAS + Spyware Blaster = Free programs yet great protection

Run Defender with Sprynet and its a real time HIPS as well.

Arup, that's a good point worth mentioning. Running Windows Defender with advanced membership (spynet community) monitors any system changes, and gives you a prompt to permit or not.

Anyone tested Windows Defender with advanced membership on, against the usual tests? :-\

With it on, it alerted me to changes being made to my system by program *** which actually was my wireless usb modem/software.

The product does seem to be getting better. :thumb:

-{ Quote: "
Anyone tested Windows Defender with advanced membership on, against the usual tests? :-\
" }-

Yes, I have... Seriously, not worth the hassle. There's no permanent whitelisting feature in there, so it keeps nagging me about Intel NIC driver action every two hours. I don't get the thinking behind this. ::) :thumbd:

-{ Quote: "Yes, I have... Seriously, not worth the hassle. There's no permanent whitelisting feature in there, so it keeps nagging me about Intel NIC driver action every two hours. I don't get the thinking behind this. ::) :thumbd:" }-


Have you tried the do not scan feature?

-{ Quote: "Have you tried the do not scan feature?" }-

It's a behavior trigger, don't think that will work at all. Anyway, that was not my point. What's the value in such a feature when there's absolutely no way to whitelist false positives. ??? :-\

-{ Quote: "It's a behavior trigger, don't think that will work at all. Anyway, that was not my point. What's the value in such a feature when there's absolutely no way to whitelist false positives. ??? :-\" }-

Submit it to Sprynet and they would most likely remove it from their list.

-{ Quote: "Submit it to Sprynet and they would most likely remove it from their list." }-

Sorry to sound dumb, but there's no such feature like "Submit to Spynet" in this product. There's no right-click anywhere in the "History" log or anything, there's no such option on detection prompt. I thought WD does it automagically, but since this event itself was allowed 12 times, the driver is digitally signed by Intel and about one gazillion of users must be using it, I thought that should be enough to make the application STFU. No way.

As said, I only tested the application and turned it off. Not for me.

-{ Quote: "I run Windows XP/SP2/HE. I have AVG for antivirus and, for spyware, I scan once a week, manually with Spybot & smart scan manually with Ad-Aware 2007 and Windows Defender.

I have 2 questions regarding Windows Defender.

1) I run Defender using real-time protection and I have the Auto Start Option on. The Windows Task Manager shows that Defender is using a lot of resources at start up and the Defender help file actually says that Auto Start can slow things down. So, is there any real point in having the Auto Start option on and would stopping it be worthwhile?

2) More generally, with the protection that I have listed above is it worthwhile running Defender in real time or would my weekly scan be enough?" }-

What's HE ?

I don't know how Windows Defender works these days, but for a time I used it, and it was crap !

Spybot and Ad-Aware ? It doesn't seem the best antispyware protection.

I don't know your hardware, so it's difficult to make a recommendation.

I don't think AVG is the best antivirus, but doesn't it also 'protect' against spyware these days ? I'm not sure. May depend on version.

You have to be careful about security software conflicts, and the resources these programs use, as well as properly configuring and updating these programs.

I also suggest you check your system (hardware plus software) for any known vulnerabilities.

Several 'antivirus' programs offer reasonable to good (?) antispyware protection.

Good antispyware applications ? Difficult question to answer, many like 'SAS', you could use the full 15 days Counterspy 2.5.1043 trial that works as well as the purchased version, you just can't use the software after the 15 days for free. Of course, you could also try VIPRE (new, somewhat untested, includes antivirus and antispyware protection), 15 days free trial. I'll leave more suggestions to others.

Do you use a firewall ? Recommended !

There is an allowed item tab where you can specify programs you wish to be excluded from monitoring, don't know if that will work for you. I get no pop ups whatsoever and have been running Defender for months.

-{ Quote: "There is an allowed item tab where you can specify programs you wish to be excluded from monitoring, don't know if that will work for you. I get no pop ups whatsoever and have been running Defender for months." }-

Well no, that's completely useless since the items I've posted are not added to that list, and there's no way to add them manually.