Friday, February 23, 2007

Windows Defender

In 2004, Microsoft purchased existing antispyware technology from Giant Software and rebranded it Microsoft AntiSpyware beta 1. For beta 2, Microsoft has changed the name to Windows Defender beta 2, has given the app a face-lift, and has added a much more robust scanning engine. In testing done by Download.com, Windows Defender (tested last December as Microsoft AntiSpyware beta 1) did very well, finishing near the middle of the list for removing known spyware and better than average overall. With more than 25 million users currently running Windows Defender, Microsoft plans to include this free antispyware app in all editions of Windows Vista, due for release in the fall of 2006.
During our installation, we were asked whether we wanted to join Microsoft Spynet. Spynet is one way Microsoft builds its database of spyware. Members report suspicious code, which Microsoft then analyzes, and if the code is found to be malicious, Microsoft adds it to a spyware database. We also had the option of receiving automatic database updates without joining Spynet. And, of course, there's an option not to receive automatic updates as well. With beta 2, you don't have to have administrator status on a given PC to run Windows Defender. Microsoft wants other account holders and guests to be protected against spyware, as well. And Microsoft has added support for 64-bit editions of Windows in this release.
Once installed, Windows Defender beta 2 offers a cleaner look and feel compared to that of Microsoft AntiSpyware beta 1. Scanning and removal tasks are surfaced, and all administrative tasks can be found under the Tools toolbar. Microsoft says the system tray icon will disappear whenever your system is clean, and pop-up messages warning you of dangerous activity are sized in proportion to the threat involved. For example, low threats will be a simple pop-up balloon, and severe threats to your system will involve a large dialog box in which you will have to enter a response before continuing to work.
Under the hood, Microsoft has redesigned its antispyware scan technology, offering real-time protection against potential threats. This, in addition to tighter integration with Internet Explorer 6 and Internet Explorer 7 on Windows XP SP2 or Windows Server 2003 SP1 (currently in beta), means that when you surf to a potentially dangerous Web site, you'll see the threat messages from Windows Defender as the page is loaded. Windows Defender beta 2 also has the ability to scan Microsoft Outlook file attachments.
In Windows Defender beta 2, new antispyware definitions are automatic (if you so choose)--an improvement over the original beta 1 offered last year. Moreover, automatic updates are free, making this the only free antispyware app to make such an offer. Defender gives you three levels of scan: QuickScan, Full Scan, and Custom. All three scans dig deep into compressed files, ferreting out hidden malicious executables.
Tools within Windows Defender beta 2 include Software Explorer, which provides a snapshot of apps in your Startup folder that are currently running, along with network-connected processes and Winsock service providers, with details about each listed item. This allows you to monitor real-time processes on your PC like never before.
A controversial feature in this beta is automatic removal. In the Tools section, if you select the box next to "Apply actions on detected items during scanning," Windows Defender will automatically remove those items without you giving further consent. Other antispyware vendors have faced lawsuits over definitions and automatic removal, with spyware vendors arguing that the end user, not the antispyware app, should specifically remove the item. Microsoft says that by selecting this option, you are giving permission for Windows Defender to remove future detected spyware. We'll see if this option remains in the final release.
Testing for beta 2 was unavailable at the time of this writing. Windows AntiSpyware beta 1 ended in the middle of the pack for overall performance. A full system scan required only 6 minutes, 55 seconds and identified many of the big-name spyware programs. Each trace was assigned a threat level, making it easy to identify particularly malicious threats. Microsoft AntiSpyware beta 1 also offered thorough definitions for spyware found on our system (something that remains true in Windows Defender beta 2). However, Windows AntiSpyware beta 1 left traces behind on our test machine for BookedSpace, eXact SearchBar, and Search Exe.
