Windows Defender Vs Webroot Spysweeper

Discussion in 'Computer Security' started by William Leggatt - Gibberish IT Limited., Oct 24, 2006.

  1. Have had Defender installed for some time, updated daily, full scan every
    48hrs.
    I also have installed CA Anti-virus (the free 12 month trial, as suggested
    when you install Windows).
    both products have been reporting my system as clean.

    Today I install Webroot spysweeper V5.XX, run an update, and a full scan.

    And it finds 2x adware (command & maxifiles) and a trojan (trojan-busky).

    So now I have no faith in Microsoft being able to Defend windows.

    I would be interested to hear from anyone else who has also found Windows
    Defender to be useless.
     
    William Leggatt - Gibberish IT Limited., Oct 24, 2006
    #1
    1. Advertisements

  2. William Leggatt - Gibberish IT Limited.

    Ted Zieglar Guest

    Before you make a fool of yourself by pronouncing something as useless,
    you ought to learn the facts.

    The facts are that there are many types and varieties of spyware, and
    there is no single application that can detect and/or remove them all.
    That's why the wise strategy is to have one anti-spyware program running
    in the background - to hopefully catch as much spyware as possible - and
    several others that are installed without running in the background but
    for on-demand scans, to hopefully detect and remove what the full time
    spyware scanner missed.

    Even with all this, there will still be some variants that no
    anti-spyware software can detect or remove. In that case you will have
    to perform a painstaking analysis on your own to identify the problem or
    you have to do a clean install.

    That's why with spyware, prevention is much better than cure. And since
    most spyware gets installed because users weren't being careful with the
    way they use their computers, you may want to reconsider the wisdom of
    your criticism.

    In addition, the web has many reliable reviews of different anti-spyware
    programs, which you could have consulted to determine which was best for
    you.

    To sum it up, bluntly: Don't blame Microsoft for your mistakes.
     
    Ted Zieglar, Oct 24, 2006
    #2
    1. Advertisements

  3. I have leanrt "the facts".

    The 3 spyware items found, were not new, not seen before in the wild. They
    are all over 4 months old.

    Whilst I am careful with the sites and attchaments I open, one will always
    at some tim pick up a virus, or spyware. This is not a problem, it is the
    lack of detection that is.

    for your information, windows Defender Beta 2 was installed immendialty
    after a clean CD install before the machine went online. Therefore the
    product should have caught it.

    You seem to agree with me, that most spyware gets installed by users who are
    not careful with the way they use their machines. That is why we use
    products like Webroot, Windows defender etc. And they should do what they
    say on the tin, to coin an English phrase.

    for your information, I have about 15 years experience as an IT
    professional, working for both Large private corporations, and more recently
    running a small IT service company (now with 4 branches) in th UK.

    Windows Defender claims to protect your PC. My post was to bring peoples
    attention that it does not provide complete protection.
     
    William Leggatt - Gibberish IT Limited., Oct 24, 2006
    #3
  4. William Leggatt - Gibberish IT Limited.

    PA Bear Guest

    1. Windows Defender final version was released on 23 Oct-06.

    2. Every anti-spyware application (most anti-virus applications are not) is
    programmed to look for certain items and is dependent on the status of its
    definitions/reference files. It's very unusual for two or more applications
    to look for and/or find exactly the same things. This is why you need a
    multipronged approach to hijackware.

    Roll your own Free Security Suite - CastleCopsWiki
    http://wiki.castlecops.com/Roll_your_own_Free_Security_Suite
     
    PA Bear, Oct 24, 2006
    #4
  5. William Leggatt - Gibberish IT Limited.

    Ted Zieglar Guest

    "My post was to bring peoples attention that it does not provide
    complete protection."

    Apparently, this is a revelation to you, your 15 years of experience
    notwithstanding. People who learn about protecting themselves on the
    internet know that no product -- including Spy Sweeper -- provides
    complete protection, and that protection begins with the user adopting
    the right attitude.
     
    Ted Zieglar, Oct 25, 2006
    #5
  6. William Leggatt - Gibberish IT Limited.

    TracyB Guest

    The OP did generalize but his post had some value too. There are a lot
    of novices who get a false sense of security when they use a security
    app from a major player like MS. Norton Antivirus would be a perfect
    instance of this happening.

    This thread would have a lot more worth if people just post what
    combination of anti-spyware they use. I've used Ad-Aware throughout and
    leaped on the MS Antispyware/Defender bandwagon but I don't find
    Defender to my liking. It takes way too long for a full scan to
    complete and its service related exe [msmpeng.exe] constantly takes a
    bite out of my RAM even though I have explicitly disabled real-time
    protection. Typical of MS to try to play lord and master on my PC. Yes,
    they make a lot of great apps including the OS I'm running but they do
    make quite a few ill-mannered ones too. The only way out is to disable
    the Defender service and start it when I need to run the app.

    I'm curious about what others make of Webroot Spysweeper since I use
    their Window Washer and really like it. Any opinions?

    TIA
    Tracy B.
     
    TracyB, Oct 25, 2006
    #6
  7. William Leggatt - Gibberish IT Limited.

    deebs Guest

    Hmmm - it does touch on a subtle point: should any checker say "Yes your
    computer is clean" or should it say "Nothing detected"?

    There can be quite a difference between the above two options.
     
    deebs, Oct 25, 2006
    #7
  8. William Leggatt - Gibberish IT Limited.

    ThunderFire Guest

    Think I've tested just about every valid SpyWare removal program currently
    out there. I did find Webroot SpySweeper excellent.
    Windows Defender is also excellent.
    Both of these Programs have thier strengths in different areas, and I found
    the best defence against Spyware during tests to be a combination of Windows
    Defender and Webroot SpySweeper. They will happily run side by side to keep
    your system spyware free.

     
    ThunderFire, Oct 26, 2006
    #8
  9. Agreed. I'm probably a little on the paranoid side, however, I feel
    that it is difficult to be too careful unless any installed
    applications conflict with one another. I use the following: Ad-Aware
    Personal SE 1.06, Spybot Search & Destroy 1.4, Windows Defender Beta 2,
    Spyware Guard, Spyware Blaster and I've also installed IE-Spyad even
    though I am more likely to use Firefox as a web browser than IE. I am
    very vigilant with scans and I use every single program I have
    installed. It is not unusual for me to check Spyware Blaster to make
    sure I have the most recent updates, then run a scan with AdAware and
    follow up with Spybot Search & Destroy. I have Windows Defender set up
    to automatically check for updates and run full system scans daily
    during times when I know the computer will be running but is least
    likely to be being used by someone.

    Out of curiosity, today I downloaded and installed the free trial of
    Spy Sweeper and updated to the most recent set of definitions. This is
    the same detection capability as the fully licensed paid version, the
    only difference is that the trial version will not quarantine/remove
    anything it detects. Webroot wants you to buy a license before they'll
    do that. :) Can't say I blame them, either. However, I had no need
    for that anyway, because with the arsenal of free programs that I
    listed above, Spy Sweeper detected zero instances of spyware on my
    system. I thought Spy Sweeper was comparable to Windows Defender, and
    I've decided to leave the trial version of Spy Sweeper installed on my
    system for a while. I will likely run a few more scans with it and see
    if it is able to pick up anything the programs I already have installed
    do not.
     
    deinonychus73, Oct 28, 2006
    #9
  10. William Leggatt - Gibberish IT Limited.

    ThunderFire Guest

    It's all very well having several spyware scanners on your system, the only
    drawback is that, with the exception of Spyware Guard and to a lesser degree
    SpywareBlaster, they will remove the spyware after it's already in the
    system. I tend to think of this as akin to closing the door after the horse
    has bolted. OK, in most instances you will get rid of the spyware and get
    your horse back, but I have had to remove some nasty rogue code manualy from
    systems as these programs have failed to remove it. Far better with real time
    protection with Webroot SpySweeper you get an excellent level of intrusion
    prevention and with the excellent protection offered by Windows Defender,
    most noteably of the WinSock LSP Chain.Put these two programs together for an
    excellent barrier around your system.
     
    ThunderFire, Oct 28, 2006
    #10
  11. William Leggatt - Gibberish IT Limited.

    PepsiHog Guest

    My simple rule to solve all of this is....Don't keep persona
    information on your computer. I don't trust the internet, period.
    use software to protect my computer (as best as possible) but I keep an
    personal info locked in encryption or I don't keep it on my computer.

    Many if not most companies on the web include some kind of "report back
    programming. No, I'm not saying their all dishonest. But how do yo
    really know? I was just searching to see if there were any report
    about Windows Defender being spy software for Microsoft. How do yo
    know it's not?

    Ok. So don't keep personal information on your computer. Don't nam
    your computer with your real name. Invest in some program that encrypt
    your data. Or you can believe we all live in an honest world, and wh
    would take advantage of us?

    The very nature of the Web is to collect information. Don't want to b
    party to that? Don't get on the web! It might sound mean, but it i
    the HARD truth. Everything you do, everything you search for, download
    is all geared at collecting info about you. (the user) Sooner or late
    the data collected forms a picture, and that picture is all about you!

    Don't believe me? Good. You shouldn't. Do your own research. But wha
    I am saying here is TRUE! Bottom line is, you'll never be completel
    safe no matter what software you use. So every so often re-install you
    OS. Do a clean start. Yes, It's a pain, but it is a sure fire way o
    getting rid of the UNKNOWN. And you know...."YOU CAN'T KNOW TH
    UNKNOWABLE"

    Good Luck
     
    PepsiHog, Apr 30, 2010
    #11
  12. You are not really paranoid if they are really out to get you!!

    Damn PepsiHog, why did you stop taking your meds? You know it makes you
    more paranoid than usual.
    -=-
     
    Ǝиçεl, Apr 30, 2010
    #12
  13. William Leggatt - Gibberish IT Limited.

    almostbob Guest

    The tinfoil hats are out
    SING
    O its all so nice in the nuthouse
    all alone in my little padded cell
    O its all so nice in the nuthous
    coz the nurses and the doctors treat me swell
     
    almostbob, Apr 30, 2010
    #13
  14. William Leggatt - Gibberish IT Limited.

    PepsiHog Guest

    Paranoid? I don't think so, but it really doesn't matter one way or th
    other. Like I said "Don't believe me". I'm not out to teach anything.
    But regardless, the basic advice is still sound. That's the real point
    Everyone's so worried about what will work, test one against the other
    I'm not saying don't do that, because it does make sense. But how fa
    do we go with that? And if all that is needed, wouldn't it be easier t
    just start with a clean slate every so often. It's true, there is N
    way to detect ALL threats. So we have a choice, keep using softwar
    after software to try to be as safe as possible, or simply accept tha
    we will never get everything.

    I guess it's just a matter of how paranoid you are. You call m
    paranoid, but I have chosen my software defense, and I stand by tha
    choice. The only thing I do to offset things a little in my favor, i
    to do a fresh install. Ofcourse I have all my installable software o
    one drive, easy to get to, and re-install. May not be such a simpl
    matter for some, true.

    The overall point I make is "Why worry about what you can't change?"
    There is always going to be the undetectable. And if that is why yo
    call me paranoid, I have news for you. It's true. Viruses, spyware
    and such are being written by the thousands each day. A little tid bi
    most don't know - a virus use to be called a Janitor. The origina
    intent was a program that would clean up after you, when the compute
    was idle. Someone took that idea and twisted it to evil. What's m
    source? I went to college. History of computers is some of what the
    teach.

    Don't intend to prove anything to anyone, just some advice. Take it, o
    leave it. (yes, I know, you'll reply, "I'll leave it.")

    And that's cool.
    PepsiHo
     
    PepsiHog, Apr 30, 2010
    #14
  15. I don't know if you have a history of nuttiness on usenet, but at the
    risk of myself being fitted with a tinfoil hat by agreeing - I agree,
    partly.

    Quite a lot of thinking has gone into protecting information enroute,
    but the whole thing will still be only as secure as the endpoints allow.
    If you are the kind of person that knows enough about computers, you can
    be relatively secure at your end.
    Yes! In fact many will recommend making a good disk image of the cleanly
    installed OS and follow that with periodic images to include service
    packs installed since the last image. This is in addition to having
    *other* program and data backup plans implemented.
    Don't worry about 'getting everything' - just get some of them and be
    grateful you can at least do that.
    Reloading an image is both quicker and easier.
    Forget about malware for now, what about if a satellite fragment
    (meteor) hits your machine - it is good to have multiple *different*
    backups schemes. Back to malware - what about the malware "hosting" that
    you do between one fresh install and the next?
    Virus, doesn't mean the same thing as it used to. Fred Cohen has revised
    his definition to include the infection property, so there is disparity
    between worm and virus. If a self replicator can instantiate its
    progeny, it replicates without the *need* to infect a host program to do
    so.

    I'm not familiar with that name, are you talking about this (actually, a
    worm):
    http://www.wormblog.com/2006/01/history_xerox_p.html
    The "Morris Worm"?
    College students can be as misinformed from their professors as from any
    other source.
     
    FromTheRafters, Apr 30, 2010
    #15
  16. William Leggatt - Gibberish IT Limited.

    PepsiHog Guest

    I wasn't refering to a worm. Or a virus. Before worms or viruses i
    was just a program in memory. The concept of a program in memory is no
    new. It's just someone back before worms or viruses existed, twisted a
    idea for good(clean up) to bad(destruction).

    It's history of computers. It's what they teach. Yes. They could b
    wrong. We could all be wrong. But there has to be a trusted source.
    have a friend that would spell a word wrong. When shown how to spel
    it, by looking it up in the Webster dictionary, he would claim th
    dictionary was wrong. The claim that a KNOWN reliable source is wron
    is just the lack of having anything better to say.

    In regards to making an image of your hdd for a back-up, I agree 10
    percent. I use Acronis. I install what I want in my OS and then creat
    an image. Later, when needed, I just restore it. Great suggestion
     
    PepsiHog, May 2, 2010
    #16
  17. You wrote:

    "A little tid bit most don't know - a virus use to be called a Janitor.
    The original intent was a program that would clean up after you, when
    the computer was idle."

    It's either a virus or it isn't. In that case it was also a distributed
    computing application.
    Before worms or viruses, there were wormholes. ;-)

    [...]
    The access that you use (techarena) has apparently hacked-up the quoting
    somewhat. The Xerox (PARC) worm was the one I was referring to. The
    Morris Worm comment was referring to the introduction of the "bad"
    aspect to a relatively neutral "just a program in memory" sweeping up
    spare cycles from a network of computers.

    Drop Techarena and use a newsreader.
     
    FromTheRafters, May 3, 2010
    #17
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.