Windows Defender (Beta 2) - Important, horrible experience

Hello,

Mentioned it in the other thread, no one gave it any thought.
I usually do not have any issues with softwares, beta or otherwise and conflicts I meet are rare. However, the new version of Microsoft anti-spyware is a total menace. Please be advised to the following:

Detects filseclab firewall as trojan
Detects BartPE VNC plugin as malware

Functions to ignore or allow always do not function properly - Defender takes actions that continue for 10-20 minutes without any results. Could someone else try this? Please place some fp software on the machine and ignore it.
The unsuccessful 'taking action' can only be stopped through killing the process.
Upon that, next start of Defender is followed by an error.
Upon uninstallation, the Microsoft uninstaller hangs - for 10-20 minutes without result. In one instance, it completed, in another I was forced to abort the uninstallation - upon which Defender could not longer be uninstalled, some files remained, others did not.
Upon reboot on one of the machines, there was a big boot failure. I had to restore the MBR before I was able to boot into Windows again and restore to a point before Windows Defender.
I warmly suggest anyone trying this software:
Backup lots and lots of your data.
Make sure you have handy repair tools nearby.
System restore is a total must.
Avoid it if you can.

Tested on
XP Home on Celeron 1700
XP Pro on P4 3200

Cheers,
Mrk

 

I let go of msas a few months ago. But this is interesting. Wonder what others will/have experience(d).

 

FWIW, welcome to beta testing Anyone who takes part in beta testing should be aware of the risks involved, and always take full system backups/snapshots to protect themselves.

By defintion, beta test builds of products are subject to issues, and are in the process of being field tested. Because a beta build has problems does not mean the final product will have those same problems, and it is not valid to draw quality conclusions about the (yet-to-be-released) final product based on problems you encounter in the beta.

When you encounter problems, you should report them to the developer. In MS's case, they have newsgroups which are there for that purpose.

 

Hi,
Giant-based MSAS ran flawlessly without a problem for more than a year.
Suddenly, they changed the engine and things went downhill.
That tells a lot.
Mrk

 

Then it appears you still haven't understood the nature of beta software. Since the product has not been released - it is still a beta - it is not possible yet to come to any valid conclusion concerning the WD 'engine'.

Given the early stage of the new WD beta testing, the jury is obviously still out on whether or not the new WD engine is better than the old MSAS/Giant engine. I suspect, though, you will find that in terms of anti-spyware protection WD will - in independent tests to come - appear consistently at or near the top of the league.

Sure, there are issues that the WD beta 2 is subject to. But I repeat - that is, and always will be, the nature of beta builds. If you can't cope with that, I would respectfully suggest that beta testing is not for you.

Consider also this:

1. MSAS (beta 1) was a pretty much unchanged copy of the old Giant AS, rebranded for MS and with the removel of cookie scanning, and as such was not a traditional beta. You would expect, therefore, that it was subject to fewer problems. And this was the case.

However, Giant AS was somewhat long in the tooth and suffered from serious drawbacks that prevented it from having a long-term future. One such significant drawback was its inability to protect multiple user accounts and work in a limited user account, and another was its (un)suitablility for use on future operating systems (like Vista). It was badly in need of re-architecting.

2. WD (beta 2) is the completely re-architected version that MS have now put out to public beta. Given the extent of changes that have been made, it is only reasonable to expect that, at this stage, it is subject to problems that need resolving. So, people need to be patient.

 

Hi,
I have tested enough betas.
Never, EVER did I have any critical issues with them.
Especially not something that requires fixing mbr.
So ...
Mrk

 

I'm sorry, but anyone who has been awake for the past 10 years will know the way that MS operates and the inevitability of the fate that befalls applications that they devour. To develop a new antispyware application from scratch is one thing, but to buy a product which is an excellent antispyware application and then emasculate it in the customary way (yet again) is inexcusable.

One wonders why MS bought Giant in the first place, since they obviously had no intention of retaining anything good of that product. Maybe they merely wanted to own the name, initially, so that any antispyware product they produced would have some credibility in the light of their otherwise atrocious record of security expertise.

Whatever, this issue has nothing to do with beta testing per se, particularly as this product has been in beta for absolutely ages and after such an enormous wait, we have every reason to expect something like the original Giant Antispyware but even better. In reality, things are very different and people like the original poster and myself are extremely disappointed.

The other issue is the requirement to feed back information gleaned from testing this beta to MS via the newsgroups. There is NO visible presence of MS in those groups, and little if no indication that we are being listened to. Mehinks it's Microsoft that needs lecturing to about beta testing, not the people on this forum.

 

"Beat it, buy it, squash it or copy it." - Bill Gates









Just joking. I made up the quote.

 

Actually, the issue as raised by the OP has everything to do with beta testing, and nothing to do with what your personal expectations are for the future of the product. That said, the only thing that you have every reason to expect is a product that is suitable for the vast majority of the vendor's (in this case, Microsoft's) customers. What MS have done in that respect is pretty good, I believe. Naturally, it will not be to everybody's taste, and probably not to many of the posters on this forum. So, yours and others' disapointment is to be expected. But don't delude yourself - the posters on this forum are most definitely not representative of the average user, and most have different wishes to those of the average user.

You're wrong, I'm afraid. Try looking at the posts of all those with "[MSFT]" after their name. They all represent MS.

 

In the past I've also use the MS Anti-Spyware Beta and after several months I decided to uninstall it coz I felt that it really could slow down my system. I know that beta softwares are still in the "experimental" mode and if something wrong happens then they will probably correct it in their next release until they felt that they've "perfected" it already. So I would rather use the final release than using the betas to prevent further complications on the already complicated world of mine including my pc.

 

When I ran full system scan it flagged a couple of innocent .ico files as higly dangerous (obviously a false positive, which I've reported) and also a couple of items in Bart PE VNC plugin (actually, in my case, in UBCD4Win).
I set it to allow all three detections, and it did as the OP described, after clicking take actions, it stayed in running state for a long time. I killed it, restarted, looked in WD History and it showed the items allowed, succeeded.

I then did a scan for just the folder containing the .ico files, it detected them again, set to allow, take actions worked very quickly.
Then did a third scan of just the UBCD4Win folder, same two detections, take actions took some time (about two minutes) but did complete.

So it may be a bit flaky, working properly sometimes, not completing on its own at others. As everyone has said it's a beta.

Can't repeat the experiment as I decided to move the UBCD4Win folder off my system (I have it on backup should I need it).

BTW it flags the VNC as potentially unwanted behaviour, which I think is correct, it could be misused for malicious purposes (same as NAV 2005 flags Nirsoft password viewer).

 

Windows Defender runs flawless for me. The only question here is detection rates. These will show up in tests later on.

Problems can be had with any software, beta or not. Thanks for sharing your experience, this may help others who have had similar problems although I don't understand how it could affect the MBR.

Having a restore solution is a must for all computers.

 

If you've not had major problems with betas, you've either only done very boring betas or been very very lucky. Last I knew, it was mostly the same developers working on this, just under a different umbrella with different guidance and possibly goals. It very much bares repeating that if you're not prepared to deal with serious faults, you should not install betas. The entire purpose of beta testing is to find faults just like this one and report them so that less technical users do not have to deal with these problems when the product actually goes final. To a beta tester, this is fun!