|
|
Our Hot Pick: Rising Antivirus 2006 - Certified by TUV & Checkmark! Get 10% discount by entering this coupon code: ONDISCOUNT10
Is it necessary to keep Windows Defender running if you've already got a
third-party antivirus and firewall running? Does Defender do anything
extra?
|
|
"Brian" <brianandlibby[ at ]verizon.net> wrote in message
news:eaWSKOuuHHA.3368[ at ]TK2MSFTNGP02.phx.gbl...
[Quoted Text] > Is it necessary to keep Windows Defender running if you've already got a
> third-party antivirus and firewall running? Does Defender do anything
> extra?
No not really but some like to use the layered protection approach, in case
a solution can be taken down by malware you have some backup,
|
|
Yes, it does. Defender targets spyware and adware so unless your antivirus
solution also does, turning it off will leave you with a hole in your
protection.
--
Richard G. Harper [MVP Shell/User] rgharper[ at ]gmail.com
* NEW! Catch my blog ... http://msmvps.com/blogs/rgharper/
* PLEASE post all messages and replies in the newsgroups
* The Website - http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm
"Brian" <brianandlibby[ at ]verizon.net> wrote in message
news:eaWSKOuuHHA.3368[ at ]TK2MSFTNGP02.phx.gbl...
[Quoted Text] > Is it necessary to keep Windows Defender running if you've already got a
> third-party antivirus and firewall running? Does Defender do anything
> extra?
|
|
Brian wrote:
[Quoted Text] > Is it necessary to keep Windows Defender running if you've already got a
> third-party antivirus and firewall running? Does Defender do anything
> extra?
Windows Defender isn't an anti-virus application; it serves the
entirely different purpose of detecting and blocking adware and spyware.
You need both an anti-virus application and an anti-spyware
application. If you prefer, you can install a 3rd-party anti-spyware
program and then disable Windows Defender.
--
Bruce Chambers
Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin
Many people would rather die than think; in fact, most do. -Bertrand Russell
|
|
Windows Defender targets spyware/malware and without it (or a similar third
party application) you are susceptible to an attack, therefore, if you don't
have third party cover it is wise to keep Windows Defender enabled. My anti
virus software, Sophos Enterprise, also scans for spyware/malware but
Windows Defender is still enabled on my system.
--
John Barnett MVP
Associate Expert
Windows - Shell/User
Web: http://xphelpandsupport.mvps.org
Web: http://vistasupport.mvps.org
The information in this mail/post is supplied "as is". No warranty of any
kind, either expressed or implied, is made in relation to the accuracy,
reliability or content of this mail/post. The Author shall not be liable for
any direct, indirect, incidental or consequential damages arising out of the
use of, or inability to use, information or opinions expressed in this
mail/post..
"Brian" <brianandlibby[ at ]verizon.net> wrote in message
news:eaWSKOuuHHA.3368[ at ]TK2MSFTNGP02.phx.gbl...
[Quoted Text] > Is it necessary to keep Windows Defender running if you've already got a
> third-party antivirus and firewall running? Does Defender do anything
> extra?
|
|
On Sat, 30 Jun 2007 02:54:41 -0400, "Brian"
<brianandlibby[ at ]verizon.net> wrote:
[Quoted Text] > Is it necessary to keep Windows Defender running if you've already got a
> third-party antivirus and firewall running? Does Defender do anything
> extra?
Yes, it does. You need three kinds of software to protect yourself
adequately:
1. Firewall
2. Anti-virus program
3. Anti-spyware program(s).
Windows Defender is that last kind, and does not substantially overlap
what your firewall and anti-virus programs do,
So, yes, you need Windows Defender, or some other anti-spyware
software. In fact, if the only anti-spyware you run is Defender, you
need *more* protection, not less. A single anti-spyware product is
*not* good enough. Note what Eric Howes, who has done extensive
testing on Anti-Spyware products, states:
"No single anti-spyware scanner removes everything. Even the
best-performing anti-spyware scanner in these tests missed fully one
quarter of the "critical" files and Registry entries" See
http://spywarewarrior.com/asw-test-guide.htm
--
Ken Blake, Microsoft MVP Windows - Shell/User
Please Reply to the Newsgroup
|
|
Not quite true.
Windows Defender is to help protect against spyware and neither anti
virus or firewall do that.
There are 4 things needed to help keep the computer secure.
1. Antivirus
2. Firewall
3. Anti spyware
4. Keep Windows up to date (Windows Update).
While there is some overlap, all 4 are intended to protect the
computer in different ways.
Since they protect for different problems, this is not "layered
protection"
Layered protection is more like a router adding another layer of
protection to the firewall.
--
Jupiter Jones [MVP]
http://www3.telus.net/dandemar
http://www.dts-l.org
"Mr. Arnold" <MR. Arnold[ at ]Arnold.com> wrote in message
news:e$BRVXuuHHA.3544[ at ]TK2MSFTNGP03.phx.gbl...
[Quoted Text] >
> "Brian" <brianandlibby[ at ]verizon.net> wrote in message
> news:eaWSKOuuHHA.3368[ at ]TK2MSFTNGP02.phx.gbl...
>> Is it necessary to keep Windows Defender running if you've already
>> got a third-party antivirus and firewall running? Does Defender do
>> anything extra?
>
> No not really but some like to use the layered protection approach,
> in case a solution can be taken down by malware you have some
> backup,
|
|
"Jupiter Jones [MVP]" <jones_jupiter[ at ]hotnomail.com> wrote in message
news:utcm2kzuHHA.1184[ at ]TK2MSFTNGP04.phx.gbl...
[Quoted Text] > Not quite true.
> Windows Defender is to help protect against spyware and neither anti virus
> or firewall do that.
> There are 4 things needed to help keep the computer secure.
> 1. Antivirus
> 2. Firewall
I agree with those two.
> 3. Anti spyware
I don't agree with that one, because all one has to do is not put his or
herself and the machine in that position to have it happen. I haven't used
any of it in years. All the stuff ever did was find cookies and the machine
cannot be attacked by cookies.
> 4. Keep Windows up to date (Windows Update).
I'll agree with that.
> While there is some overlap, all 4 are intended to protect the computer in
> different ways.
> Since they protect for different problems, this is not "layered
> protection"
>
> Layered protection is more like a router adding another layer of
> protection to the firewall.
I look at as anything that can be put on the machine to protect it for what
it's wroth.
The 5th element you left out is below.
But if he user doesn't have any common sense to practice safe hex, then
every last bit of it equals no protection.
The only thing that really protects against anything is the one sitting at
the wheel and doing the driving and using the proper tools, looking around
from time to time to see what's happening on the machine, because malware
can go around every last bit of it.
http://preview.tinyurl.com/klw1
|
|
On Sat, 30 Jun 2007 14:27:39 -0400, "Mr. Arnold" <MR.
Arnold[ at ]Arnold.com> wrote:
[Quoted Text] >
> "Jupiter Jones [MVP]" <jones_jupiter[ at ]hotnomail.com> wrote in message
> news:utcm2kzuHHA.1184[ at ]TK2MSFTNGP04.phx.gbl...
> > Not quite true.
>
> > Windows Defender is to help protect against spyware and neither anti virus
> > or firewall do that.
>
> > There are 4 things needed to help keep the computer secure.
> > 1. Antivirus
> > 2. Firewall
>
> I agree with those two.
>
> > 3. Anti spyware
>
> I don't agree with that one, because all one has to do is not put his or
> herself and the machine in that position to have it happen.
Although I agree with your point, I'm a belt and suspenders kind of
guy. Yes, you can largely avoid malware by practicing safe hex. But
none of us is perfect, and if we are tired, upset, in a hurry, etc.
it's very easy to let our guard down. My stance is that one should use
all the software protection available, but not simply rely on it.
Moreover, not everyone knows enough to protect himself without
software. Especially for people like that (and that's probably the
great majority of people) such software is essential.
--
Ken Blake, Microsoft MVP Windows - Shell/User
Please Reply to the Newsgroup
|
|
On Sat, 30 Jun 2007 14:27:39 -0400, "Mr. Arnold" <MR.
[Quoted Text] >"Jupiter Jones [MVP]" <jones_jupiter[ at ]hotnomail.com> wrote in message
>> Not quite true.
>
>> Windows Defender is to help protect against spyware and neither anti virus
>> or firewall do that.
>
>> There are 4 things needed to help keep the computer secure.
>> 1. Antivirus
>> 2. Firewall
>
>I agree with those two.
>
>> 3. Anti spyware
>
>I don't agree with that one, because all one has to do is not put his or
>herself and the machine in that position to have it happen. I haven't used
>any of it in years. All the stuff ever did was find cookies and the machine
>cannot be attacked by cookies.
I'm begining to agree with this less and less, as the line between
"nice" commercial malware and "nasty" traditional malware gets
blurred. Traditional av still often ignores commercial malware, which
is often no longer pretending to be "legit" (and thus easy to avoid or
remove), so the risk is increasing.
I still don't like to add an active "underfootware" scanner that does
what av does, but I would retain Defender, and to that I would add
Spyware Blaster. The latter does not run all the time, but confers
"static" protection by populating Restricted Zone, cookie kill-lists
etc. with entries for known "bad guys".
Note 1: There are 200+ fake "antispyware" apps out there, avoid them
all! Free "legit" ones include AdAware, Spybot, A-Squared and AVG
Antispyware (what used to be Ewido).
Note 2: At some point, and maybe still, some MS email apps would work
very slowly if there were "too many" entries in Restricted Zone, as
there would be if you actually USED this to block the large number of
malicious sites and banner URLs etc. that are out there.
>> 4. Keep Windows up to date (Windows Update).
>
>I'll agree with that.
>
>> While there is some overlap, all 4 are intended to protect the computer in
>> different ways.
>> Since they protect for different problems, this is not "layered
>> protection"
>>
>> Layered protection is more like a router adding another layer of
>> protection to the firewall.
>
>I look at as anything that can be put on the machine to protect it for what
>it's wroth.
>
>The 5th element you left out is below.
>
>But if he user doesn't have any common sense to practice safe hex, then
>every last bit of it equals no protection.
>
>The only thing that really protects against anything is the one sitting at
>the wheel and doing the driving and using the proper tools, looking around
>from time to time to see what's happening on the machine, because malware
>can go around every last bit of it.
Safe hex helps, but is undermined by unsafe UI (e.g. an Explorer that
hides file name .ext by default) and is bypassed by clickless attacks.
Most of the latter rely on exploitable code defects, hence the advice
to keep patched and use a firewall. But sometimes bad guys find and
use exploits before the good guys find and fix them, and sometimes a
yawning defect is left open because it "works as designed".
It can take YEARS to get a design defect fixed - just look at the age
of MS Office macro malware, starting before VBA and ending only quite
recently (well, becoming less common, at least).
Safe hex is like all these other tips; an essential part of defense,
but no substitute for a lack of any or all of the others.
>http://preview.tinyurl.com/klw1
Nice article :-)
>------------------------- ---- --- -- - - - -
I'm on a ten-year lunch break
>------------------------- ---- --- -- - - - -
|
|
"cquirke (MVP Windows shell/user)" <cquirkenews[ at ]nospam.mvps.org> wrote in
message news:5jrd83psclsmsdd51pmec24kbt2ugm4oom[ at ]4ax.com...
[Quoted Text] > On Sat, 30 Jun 2007 14:27:39 -0400, "Mr. Arnold" <MR.
>>> 3. Anti spyware
>>
>>I don't agree with that one, because all one has to do is not put his or
>>herself and the machine in that position to have it happen. I haven't
>>used
>>any of it in years. All the stuff ever did was find cookies and the
>>machine
>>cannot be attacked by cookies.
>
> I'm begining to agree with this less and less, as the line between
> "nice" commercial malware and "nasty" traditional malware gets
> blurred. Traditional av still often ignores commercial malware, which
> is often no longer pretending to be "legit" (and thus easy to avoid or
> remove), so the risk is increasing.
> I still don't like to add an active "underfootware" scanner that does
> what av does, but I would retain Defender, and to that I would add
> Spyware Blaster. The latter does not run all the time, but confers
> "static" protection by populating Restricted Zone, cookie kill-lists
> etc. with entries for known "bad guys".
>
> Note 1: There are 200+ fake "antispyware" apps out there, avoid them
> all! Free "legit" ones include AdAware, Spybot, A-Squared and AVG
> Antispyware (what used to be Ewido).
But the machine has to be put at risk. If the machine is never put into a
risk position and one is aware of the risks, then running of those solutions
have no value, IMHO. But of course, one has to know what he or she is doing
in this area and know what those risks are to avoid the risks.
> Most of the latter rely on exploitable code defects, hence the advice
> to keep patched and use a firewall. But sometimes bad guys find and
> use exploits before the good guys find and fix them, and sometimes a
> yawning defect is left open because it "works as designed".
I am very aware, as I could turn bad guy with ease, since I have been
programming professionally since 1980. But I am a nice guy.
>
> It can take YEARS to get a design defect fixed - just look at the age
> of MS Office macro malware, starting before VBA and ending only quite
> recently (well, becoming less common, at least).
>
> Safe hex is like all these other tips; an essential part of defense,
> but no substitute for a lack of any or all of the others.
I think if you posted this into a Security and Firewall NG you may get a lot
of opposition about solutions like Ad-Aware, Spybot, WD, etc, etc.
If one knows how to protect and not to put the machine at risk, then for
someone like that, the solutions are of no value.
|
|
On Sat, 30 Jun 2007 22:47:44 -0400, "Mr. Arnold" <MR.
[Quoted Text] >"cquirke (MVP Windows shell/user)" wrote in
>> On Sat, 30 Jun 2007 14:27:39 -0400, "Mr. Arnold" <MR.
>>>> 3. Anti spyware
>>>
>>>I don't agree with that one, because all one has to do is not put his or
>>>herself and the machine in that position to have it happen. I haven't
>>>used any of it in years. All the stuff ever did was find cookies and the
>>>machine cannot be attacked by cookies.
There was a bug fixed by MS once, where scripts within cookies could
have been executed in the anything-goes My Computer zone.
The "fix" changed things so these scripts ran "correctly" in the
Internet Zone. IOW, MS considers it to be by-design to have scripts
hidden within cookies, and doesn't block them totally.
When I read that, I kinda got a lot less relaxed about cookies.
So far, the sky is still up there where we last saw it, though :-)
>> I'm begining to agree with this less and less, as the line between
>> "nice" commercial malware and "nasty" traditional malware gets
>> blurred. Traditional av still often ignores commercial malware, which
>> is often no longer pretending to be "legit" (and thus easy to avoid or
>> remove), so the risk is increasing.
>> There are 200+ fake "antispyware" apps out there, avoid them all!
>But the machine has to be put at risk. If the machine is never put into a
>risk position and one is aware of the risks, then running of those solutions
>have no value, IMHO.
I agree with you; where we disagree, is on what constitutes "putting
the PC at risk". I'd say any Internet connectivity and any
installaton of software will expose one to this surface.
>But of course, one has to know what he or she is doing
>in this area and know what those risks are to avoid the risks.
What's changed is that we rarely find sites by entering URLs these
days - we are more likely to follow a link found by a search, or found
in a forum post, or from within a software installer.
When we get to the site, we reach not only what the webmaster put up
there, but also any hacker defacements (uncommon), banner ads (very
common) and other ads and fake links that could have been added by
commercial malware within the PC, and even by some ISPs.
In practice, a pattern I often see is a PC with no "viruses", a
functioning and up-to-date resident av (usually "Norton"), and a
metric spitload of commercial malware.
Malware begats malware, as settings and other "fences" get trampled
down, and some malware actively pulls down other malware. Defender
has value in that it can alert and block some settings changes.
Recently, I downloaded and installed Adobe Acrobat 8.1, and as usual,
I was obliged to use their "special" downloader. There was a checkbox
to opt in for their Photoshop Album freebie, which I wanted to check
out, so I checked that.
I noticed the download process pulled down the Google Toolbar, which I
didn't see mentioned anywhere in the site. WTF?
Then I noted this toolbar was active in IE, even though I specifically
UNcheck the setting to allow 3rd-party browser intrusions. Er,
"enhancements". Yup, the state of that checkbox had been silently
flipped by Adobe'Google's shovelware, and was now open to anything
else that can find its way in. And so, the system begins to rot.
Cases like these make me extend caution to software installs from CDs,
CDRs, USB sticks etc. even when off line. Unless you really trust
your av to take as active an interest in commercial malware as the
trad stuff, you may not be protected against this sort of thing.
>> Most of the latter rely on exploitable code defects, hence the advice
>> to keep patched and use a firewall. But sometimes bad guys find and
>> use exploits before the good guys find and fix them, and sometimes a
>> yawning defect is left open because it "works as designed".
>
>I am very aware, as I could turn bad guy with ease, since I have been
>programming professionally since 1980. But I am a nice guy.
Yep, me2. I'm often more amazed at what the bad guys DON'T do.
>> It can take YEARS to get a design defect fixed - just look at the age
>> of MS Office macro malware, starting before VBA and ending only quite
>> recently (well, becoming less common, at least).
>>
>> Safe hex is like all these other tips; an essential part of defense,
>> but no substitute for a lack of any or all of the others.
>
>I think if you posted this into a Security and Firewall NG you may get a lot
>of opposition about solutions like Ad-Aware, Spybot, WD, etc, etc.
The thing is, what is lumped together as "antispyware" is actually
quite a disparate bunch of technologies.
If you exclude passive protections like Spyware Blaster and some
aspects of Spybot, and exclude behavior alerters that operate like
"internal firewalls" like PrevX, All-Seeing-Eye and aspects of
Defender, you look at scanners on their own.
Even there, these work differently. Some run resident, others only on
demand, and some scan from the registry outwards, while others scan
files and then backtrack to registry, others do both. Some scan each
item for multiple baddies at a time, as av usually does; others scan
everything for a particular baddie at a time, as Spybot does.
>If one knows how to protect and not to put the machine at risk, then for
>someone like that, the solutions are of no value.
I like to have scanners for commercial malware on hand, but generally
dislike having them running resident. Defender's built in and on that
basis, I generally leave it there. Passive defenders like Spyware
Blaster are essentially free (as long as you aren't using a brain-dead
email app that is incompatible with the OS's feature set).
So at this point, I'm wondering if we really disagree at all ;-)
What I normally do, is use the old faithfuls AdAware and Spybot, along
with Spyware Blaster, as these don't impose any underfootware baggage
(I'm selective of what I use in Spybot; no Tea Timer etc.).
Then, if I have to check the system for malware, as part of the
process I will re-assert these three, and add A-Squared and AVG
Antispyware. These do run resident in a sense; A-Squared integrates
as a rt-click option, and AVG AS sits in the SysTray to update itself
and runs resident protection for a trial period.
My thinking is this; by needing a cleanup, these particular PCs are
higher-risk, and therefore may warrant extra care, and the trail
period of AVG AS's resident protection may catch things that are still
active, or that missed malware may try to pull dowm., etc.
Follow-up on such systems generally doesn't find first-month
re-infection, so the above may be "overkill". Or maybe I don't see
those re-infections because, lame as it may be, so far it works?
>---------- ----- ---- --- -- - - - -
On the 'net, *everyone* can hear you scream
>---------- ----- ---- --- -- - - - -
|
|
http://www.mvps.org/winhelp2002/hosts.htm
An excellent Hosts File to help with Safe Hex.
"Brian" <brianandlibby[ at ]verizon.net> wrote in message
news:eaWSKOuuHHA.3368[ at ]TK2MSFTNGP02.phx.gbl...
[Quoted Text] > Is it necessary to keep Windows Defender running if you've already got a
> third-party antivirus and firewall running? Does Defender do anything
> extra?
|
|
One of the extras that I like about Defender is Software Explorer. It gives
good detailed info on stuff that is running on my machine. Even though I use
other antispyware products, I keep Defender running also. And they all get
along with each other. To find Software Explorer, click on Tools at the top
.... vanilla
"Brian" <brianandlibby[ at ]verizon.net> wrote in message
news:eaWSKOuuHHA.3368[ at ]TK2MSFTNGP02.phx.gbl...
[Quoted Text] > Is it necessary to keep Windows Defender running if you've already got a
> third-party antivirus and firewall running? Does Defender do anything
> extra?
>
|
|
Hi all - I have Windows Defender currently installed on my laptop as well as
numerous other spyware defence programs. It is a Acer Vista Home Premium, and
I also have SpyBot Search and Destroy and Norton Internet Security 2006 as
well as an early edition of Internet Cleanup. I was told one week when
Windows Defender was doing a scan that it nothing at all was found. My
Windows Defender is of course updated, but when i ran SpyBot Search and
Destory after it, that signalled up around 10 things which Defender didnt
find. In my opinion, the only thing defender is any good at is blocking
start-up programs, and if RAM is short on your PC i wouldn't really bother
keeping it running.
|
|
|