Posts Tagged ‘Windows Defender’

Windows Defender Final Finally Released

Looks like Microsoft has quietly released the final version of Windows Defender. This version will not run on Windows 2000 or Windows Vista, Vista will have an integrated version.

Yes, as a complete suprise it seems that Microsoft has released the final version of their long-time-in-the-making Anti-Spyware program, Windows Defender.

The build is marked as 1.1.1592.0 and it seems it can be installed over top previous versions (Beta 2, It can not be installed over top Beta 1 previously known as Microsoft Anti-Spyware Beta). Source: JCXP

Download 32 bit version here.

Download 64 bit version here.

Some of the improvements in Windows Defender:

  • Enhanced performance through a new scanning engine.

  • Streamlined, simplified user interface and alerts.
  • Improved control over programs on your computer using enhanced Software Explorer.
  • Multiple language support with globalization and localization features.
  • Protection technologies for all users, whether or not they have administrator rights on the computer.
  • Support for assistive technology for individuals who have physical or cognitive difficulties, impairments, and disabilities.
  • Support for Microsoft Windows XP Professional x64 Edition.
  • Automatic cleaning according to your settings during regularly scheduled scans.

Be the first to comment - What do you think?  Posted by Jimmy Daniels - October 24, 2006 at 4:07 am

Categories: Security, Software   Tags: ,

Windows Defender Beta 2 Review

Suzi Turner, of SpywareWarrior.com fame, had said she would do a review of Windows Defender Beta 2, and she’s finally gotten around to it. I myself plan on reviewing it, but it’s little league baseball time and I have been very busy in the evenings. I may end up waiting until my son get’s his machine all infected again.

As promised a few days ago, I finally got a virtual machine upgraded to Service Pack 2 for testing Windows Defender Beta 2. For the sake of convenience, I’ll refer to it as WD for most of this post. When I wrote about WD previously, I mentioned the review at PCMag.com where WD was tested against 6 keyloggers, which is not a particularly valuable test in my opinion.

The tests were done on a virtual machine with Windows XP with SP2, fully patched, running in VMware Workstation 5.5.1. Testing consisted of two parts. For the first test, I had WD running with all components of real-time protection turned on. I surfed to Claria’s website and downloaded two Claria apps, GotSmiley and a screensaver. When I downloaded the apps, Windows Defender presented an alert and asked whether or not to remove, get more information or ignore. I chose ignore and allowed the installation. After installation, I did the full scan and WD detected both apps correctly and asked me to select an action.

In the second test, I went to a website known to spyware researchers as a consistently reliable source of spyware. Immediately prior to going to the site, I ran InCtrl5 in order to track changes to the system. I turned off WD’s real-time protection for this test so I could test scan and removal capabilities. I had to restart the test twice because the vm quickly became so infested it froze. On the third try, after about 5 minutes on the site, I disconnected NAT, killing the internet connection for the vm, so I didn’t lose control of the machine. Before running any scans I ran InCtrl5 again. In less than 6 minutes, the spyware had added 230 registry keys, deleted 32 keys, added 386 values, deleted 82 values, changed 46 values, added 16 folders, and added 389 files. I ended up with the following:

SpySheriff
QuickLinks
CmdServices, also known as Command
ZToolbar
AzeSearch
NetMon aka Network Monitor
Paytime.exe, related to CoolWebSearch
AvenueMedia/Internet Optimizer also known as DyFuCa
Targetsavers
SurfSideKick
Smitfraud-C
CAS-Client (ConsumerAlertSystem)
AproposMedia
Trojan.VB.TG
Trojan.Downloader.VB.TW
Trojan.Tofger.CD
TagASaurus, aka enbrowser
Trojan.StartPage.GEN
ADSlime
W32.Spybot.Worm
Look2Me
drsmartload1.exe aka Troj/Drsmartl-N
MoneyTree Dialer
Service: Windows Overlay Components – file name C:\WINDOWS\tihotdj.exe, aka Trojan.Adclicker
My homepage was changed to c:\secure32.html

Click here to read the results, they are very interesting as it includes some info about the major free anti spyware programs. I just wish she would’ve included X-Cleaner in it as well, as it is one of the best programs, in my personal opinion. Suzi posted an article about the review here, but that just links to the zdnet post, the main reason to click there is to read everything else, loads and loads of spyware info, including research and info on our favorite spyware app, 180solutions.

Be the first to comment - What do you think?  Posted by Jimmy Daniels - March 8, 2006 at 2:34 pm

Categories: Reviews, Spyware Info   Tags: , , ,