Microsoft Windows Defender: still any good?

It's January 6, 2005. After the acquisition of GIANT AntiSpyware by Microsoft, Microsoft introduced "Microsoft Antispyware beta 1". Several builds have been released, and although it still was a beta product many people were enthusiastic about the product.

At the RSA Security Conference Microsoft announced the product would be named 'Windows Defender', and would be available freely for every user of a Windows NT product, starting with Windows 2000. The program entered now the beta 2 phase which meant it got a facelift and several improvements under the hood.
Several companies and schools installed it on their machines, despite the fact it was still in the beta stage.

In October 2006 the product was finished and would support Windows XP, Server 2003 and Vista (yes, they did drop Windows 2000 support). The product was going to be integrated in Windows Vista also, part of the basic system security.

What it does
---
Windows Defender is made to be an all-round system protection tool. It runs in the background and continually protects the user from the installation of malicious add-ons, drivers, auto run items, and other potentially unwanted changes. It also scans the computer now and then, looking for malicious programs. It also scans all the files a user downloads, but only when the downloads are with Internet Explorer.
http://upload.wikimedia.org/wikipedia/en/a/a1/WindowsDefenderHotbar.png.

In Windows Vista it blocks, in cooperation with UAC, all start-up programs that require administrative permissions to run.

Although Microsoft made an antivirus program in the past (Microsoft Anti-Virus for MS DOS), Windows defender isn't. It's primary task is to indentify malicious software, known as malware, and protect the system from unwanted changes. Users that want to have a full system protection were encouraged to buy Windows Live OneCare.

However: both Windows Defender and Windows LiveOneCare are going to be replaced by "Morro". Maybe better known as Microsoft Security Essentials, this new product (which is going to be freeware!) is going to be a full "free antivirus software created by Microsoft that provides protection against viruses, spyware, rootkits, and trojans for Windows XP, Vista, and 7". Basically it's going to be capable of full system protection, when talking about malware, in the same way other AV supplies do.

For now, we still have Windows Defender. And what I'm wondering: does anyone still use it?
People were very enthusiastic about Microsoft Antispyware in the beginning, but nowadays people only seem to be shutting down Windows Defender. I manage quite a lot of computers (both profession and personal), but I never ever have seen Windows Defender catching something. Neither do I know about occasions where Windows Defender was capable of preventing a system from getting infected, or cleaning up a system afterwards.

It just seems to be “the little wall in the sys tray that sits there and sometimes gets a turning wheel”.

I disable it at the systems I’m working with: either because I don’t find it useful, or I use other protection, but keep it enabled at systems I manage for other people that don’t want to have all kinds of extra programs. Nevertheless, like I’ve said, I never saw the program doing something useful.

What about you? Do you still use Windows Defender? And did it actually defend your system? And when Microsoft Security Essentials will be released, will you install it?

OneCare will be discontinued by the end of June 2009 and Windows Defender will be discontinued by the end of summer 2009. Current users will continue to get the latest Malware definition files until the end of the summer.

 

You can kill it prety much by opening the program, going to the options and disable the scheduled scan, update, en the option "enable Windows Defender". Then you can disable the service also, which pretty much silences the application.

Well, I don't think the majority of people will disable it, but a lot of power users I know do.

Well, that's a good thing. However, I think if it wasn't able to catch Eicar we should be really worried . I don't say it's a useless application, but I rarely hear any good from it. Maybe because it does it's job and people don't come aware of it, or maybe because it simply doesn't do anything. I know about several occasions where the AV catched the bad guys, and Defender didn't. But maybe it wasn't simply in Defenders scope.

It's just people use to say you had to download MS AS to keep your pc protected, and nowadays nobody says that about Defender.

It still keeps me wondering though what will happen with MSE: will it automatically upgrade Defender, or will all Vista end up with a program that has been rendered completely useless by Microsoft.

 

It won't. The RTM has been built, but MSIE is still in bèta. Besides that, the European Commission doesn't really like MS bundling anything anymore.

 

I'm not sure about that, to be honest.
At this moment I'm still running KAV 7. As soon as I click an infected link (like Eicar), the download will be terminated and I'm notified.
I use ESS 3.0 at a different pc of mine. Same behaviour.

When you say KIS 2009 doesn't scan the downloads on default, I think this is a well considered decision by Kaspersky Labs, and not a "bug" or imperfection.

If you agree with the latter it or not is a different story. I do, however, like the 'block on download'-behaviour. The early you catch it, the better.