Windows Defender: Another look.

Discussion in 'other anti-malware software' started by Wordward, Nov 19, 2007.

Thread Status:
Not open for further replies.
  1. Wordward

    Wordward Former Poster

    Joined:
    Jan 12, 2007
    Posts:
    707
    After having finally deciding on my Security set up. Avast, ThreatFire, and Windows Firewall. (behind wireless router SPI firewall) I decided to add one Real Time AS just for the heck of it. I tried Spyware Terminator and it's a fine free program with lots of apparent RT protection, but there were a few things I personally didn't like. GUI was slow to open, its lack of signatures at this point, and it didn't seem to run well with ThreatFire. (High CPU spikes of 55 to 75k) I then tried Spyware Doctor Stater Edition which has IMO a nice GUI and it ran very well on my PC. It also boasts of having over 180,000 signatures. It doesn't have all the ON Guard features of the Full Version, (only the File Guard which I understand is because it's free) but this is what made me begin to think of Windows Defender. It seemed that WD would be a good cross between ST and SD with what all it covers and I read how it has improved over the years. I also read it uses Heuristics and is considered a HIPS in the sense of how it protects and actually doesn't do that bad of a job for RT protection. I use SuperAntiSpyware as my On Demand Scanner so I believe I have that covered, and now after thinking about giving Windows Defender another look I was wondering what some users have to say about it.
     
  2. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    WordWard,

    This setup
    - Hardware FW
    - Microsoft Defender real time with scan option unselected, select make recovery point before applying choices of the user.
    - Avast bit free with forward checking of Web, P2P, I-mail (high sensitivity) and the standard shield set to only check at writes (no execution, no read control)
    - ThreatFire free (before CyberHawk paid) with custom rules
    - Policy Sandbox/Browser with reduced rights

    This setup has kept my son (gamer) malware free for the last 3 years. I do not know whether you have a hardware FW, but Windows FW will do for inbound.

    For dodgy browsing you could run with limited rights or use a sandbox/virtualisation program.
     
  3. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Windows Defender has two things:
    - A "light" realtime IDS/policy guard which is OK.
    - A malware scanner which is too weak and lacks frequent updates.
    Since you have Threatfire onboard, the IDS of WD becomes useless.
     
  4. Wordward

    Wordward Former Poster

    Joined:
    Jan 12, 2007
    Posts:
    707
    Useless? I'm not disagreeing with you lucas1985 as I beleive you know what you are talking about, but wouldn't WD detect a few things that TF may overlook or miss? Also it shows details about the PC that TF doesn't. Kees1958 do care to weigh in on this?
     
  5. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Wordward

    What Lucas1985 says is true its real time black list is not impressive (that is why I disabled it). But the real time IDS feature (at least in Vista) covers nearly everything. Under Vista it has the option to automatically make a restore point before allowing a change. This provides an easy roll back against wrong dicisions. I can not remember whether Windows Defender also provided this in XP.

    Regards Kees
     
  6. Jon_T

    Jon_T Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    38
    :) LOL, thought you had pretty much decided on ZA AS? https://www.wilderssecurity.com/showpost.php?p=1120304&postcount=47

    Noticed in posts you were trying Online Armor which means your using Win XP?

    For someone who has be agonizing over which firewall to use why would you want to use Win XP's firewall which has no outbound monitoring/blocking? o_O

    I have NAT/SPI router but would still want a software firewall for monitoring/controlling outbound. Also been looking for easy to use software firewall for a new system (Win XP SP2) I bought. Currently still trying out Online Armor Free. Main reason have not purchased Online Armor is there still no documentation available on how to use all its features, and know nothing about using a rule based firewall -- i.e., I want more control over OA's firewall than just using it in the "Standard" (full auto) mode.

    Been using ZA since 2.0 and still have ZA Pro 5.5.094 on my old box. Have no interest in ZA Pro 6.x/7.x versions due to all the non-firewall features bloat and buggy releases. ZA AS may be acceptable. I've been reading posts at Zone Alarm User Forum and might give it a try (after making image of HD) after the holidays. I do not have anywhere near the time you seem to have to be trying out software. ;)
     
  7. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
  8. Wordward

    Wordward Former Poster

    Joined:
    Jan 12, 2007
    Posts:
    707
    That was my other personality Jon_T. I am much less paranoid and only use an AV for security. LOL. Also my other personality is unemployed that's why he uses Freeware. LOL. Seriously though, I have seen all the threads on whether an Outbound Firewall is useful, and I'm still not sure. However I think you may have my other personalty interested in ZAAS again. LOL. Hey 19monty64, I thought about Sandboxie, but then you know me well enough to have already figured that one out, right? LOL.
     
    Last edited: Nov 19, 2007
Loading...
Thread Status:
Not open for further replies.