Defender not picking up some Spyware

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

An article by Jon Honeyball in PC Pro (UK) November edition describes how he
was asked to look at a friends pc where Vista had slowed down seriously,
took ages to boot up, continually took 100% cpu resources etc. After
checking with various tools with no sucess he finally ran HijackThis and
Spyware Doctor. The pc was riddled with spyware and when cleaned up ran
sprang back into action. This despite having Windows Firewall and Defender
running.

My own pc was exhibiting similar problems so I tried
running Spyware Doctor myself and found 315 infections from 8 threats, four
reported as serious. They were:

Adware.WSearch.O (8 registry entries)
Trojan-PWS.NewJoke (found in a file used by an app called RoboTask and
reported to them)
Adware.Agent.BN (found in Diskeeper files, will be reported)
Backdoor.Darkmoon (5 registry entries for this in Software\ksdev). This
apparently a key logging trojan.

I run Windows Defender yet these still got through. ????
 
Ian H said:
An article by Jon Honeyball in PC Pro (UK) November edition describes how
he
was asked to look at a friends pc where Vista had slowed down seriously,
took ages to boot up, continually took 100% cpu resources etc. After
checking with various tools with no sucess he finally ran HijackThis and
Spyware Doctor. The pc was riddled with spyware and when cleaned up ran
sprang back into action. This despite having Windows Firewall and Defender
running.

My own pc was exhibiting similar problems so I tried
running Spyware Doctor myself and found 315 infections from 8 threats,
four
reported as serious.
Click to expand...

This is very similar to what happened to my daughter's computer, as I
reported here some weeks ago. We were able completely to clear it of several
infections, using Superantispyware. Defender had carried on blithely
updating itself regularly, scanning daily and finding nothing. The real time
protection had, it seems, offered her no effective protection at all. That
experience has seriously shaken my confidence in the program, and it was all
the more sobering because I'd been responsible for recommending that she
install Defender in the first place. And it forces me to ask why it is that,
despite all the vast resources at its disposal, and despite all the lengthy
beta testing, Microsoft has succeeded in producing an antispyware program
that is so ineffective.

The trouble is, Defender is potentially more damaging than just another
not-very-effective antispyware program. Because of its status as the
official Microsoft product, there are millions of people out there using
Defender believing that that their computers are infection-free because
Defender is protecting them, when as likely as not (I suspect) they are not,
and it isn't.

The only solid reason why I now keep Defender running on my system is
because I value the notification of system changes that it provides, though
I presume that other programs are out there that would do this just as well
if I could be bothered to seek them out.

I've often criticised Defender in these newsgroups for failing to
communicate necessary information in clear language that can be understood
by the non-specialist users that the program was supposed to be designed
for. Such (surely elementary) suggestions seem to have had almost no effect
at all, so I don't suppose these criticisms about its detection and removal
capabilities will carry any weight either.
 
problem is Microsoft doesn't listen because if they did, defender would be
better than it is now.

I agree with AlanD on all his points. I would not rely on WD as my sole
defense against antispyware and trojans. It is not strong enough to pick the
bad ones up and I have been beta testing it from the beginning. I too feel
the help section is horrible. It is very hard to understand. It is written
for the IT person not the regular user. I have offered many times in here
and via email to Microsoft to help rewrite this help section and no one has
every emailed me back..
I also found I just put it on a new Dell Vostro notebook computer running xp
home sp2. I actually put it there for the same reason as Alan to notify the
user of changes that are happening on his computer, at least that part of WD
works very well. Everything was fine with the computer until I installed
WD. Note this is a brand new 3day old notebook.
I installed avg antispyware, spywareblaster, superantispyware (i am not
thrilled with the new spybot s&D 1.5 so i left that off) adaware 2007 (on a
new computer this one runs fine) and avg antivirus programs. I had NO
problems after each installation- I brought it up to date with all the ms
security updates also.
I put WD on and everything went haywire.
The computer slowed down to a crawl and the keyboard started to hesitate as
you type.
I uninstalled WD but that did not fix the problem. I had to do a system
restore back to the factury settings to get it to work. I had to start all
over but this time I did not install WD at all and the computer is humming
like a kitten. This was my first experinece with WD doing this. I have WD
on 7 computers with no problems. This took hours of lost work and money for
me and I will not put WD on another new computer running xp. Since it is
preinstalled in the OS in Vista it seems to have a more friendly attitude.
I was told there was going to be a WD 2.0 but that was mths ago and I have
not seen anywhere anything on this.
You would think Microsoft would check in here and see the problems and
suggestions we all have and fix it. They did when we were first beta
testing it but now they think they have this great product but they do not
and it defintetly needs a major rehaul
robin
 
Sometimes a little research is quite interesting. The first item you
mention is a Spyware Doctor false positive. The second item is a Trojan
which is usually detected by Anti-Virus programs not by Windows Defender
and in fact is in the Microsoft Anti-malware database. If you were running
OneCare the installed subscription product which includes Defender and the
Microsoft A-V, this probably would have been detected as
PWS:Win32/NewJoke.B. The third item... well now that's interesting from a
Spyware Doctor point of view...

Beyond that you're on your own research-wise, but it brings up the same old
same old point... it's probably a good idea to run multiple layers of
protection.

http://www.pctools.com/forum/showthread.php?s=daeea215a7c83287c7d6ab05793d4fd1&t=48950
http://www.microsoft.com/security/portal/SearchResults.aspx?query=NewJoke
http://forums.whatthetech.com/Need_Assistance_Remove_Adware_agent_bn_Pc_t82990.html
 
Alan D said:
The only solid reason why I now keep Defender running on my system is
because I value the notification of system changes that it provides,
though I presume that other programs are out there that would do this just
as well if I could be bothered to seek them out.

WinPatrol will notify you of system changes, as well as other programs..
Click to expand...
 
Back
Top