What would you like in Windows Defender 2.0?

  • Thread starter Thread starter Joe Faulhaber[MSFT]
  • Start date Start date
J

Joe Faulhaber[MSFT]

We're planning for Windows Defender 2.0, and I'd like to gather your
feedback on what the first version doesn't have that it should.

Personally, a few thing I'd like are more software explorers, allows
allow/always block of unknowns, better history keeping, and ability to pause
scans.

How about you?

Microsoft has announced an enterprise antimalware solution named Forefront
Client Security, and OneCare is available for full malware protection and
machine maintenance/cleanup on home machines, so please consider this in
your replies (I know there's a ton of people who want Enterprise and AV
OnAccess protection, which is why I mention these. :))

Thanks in advance,
Joe
 
Joe said:
We're planning for Windows Defender 2.0, and I'd like to gather your
feedback on what the first version doesn't have that it should.

Personally, a few thing I'd like are more software explorers, allows
allow/always block of unknowns, better history keeping, and ability
to pause scans.
Click to expand...
One of the problems with many security packages is that they become
increasingly complex and bloated.

My plea is to to keep Defender simple. I like how It runs quietly in
the background and does it's job with very little interaction with me.

John
How about you?

Microsoft has announced an enterprise antimalware solution named
Forefront Client Security, and OneCare is available for full malware
protection and machine maintenance/cleanup on home machines, so
please consider this in your replies (I know there's a ton of people
who want Enterprise and AV OnAccess protection, which is why I
mention these. :))

Thanks in advance,
Joe
Click to expand...



--
 
Some way to know what the warnings mean, and what we should do about them.
Messages like: "Windows Defender made a system...known application...".
And in Event Viewer, I always read each warning message but don't know what
to do about them, or even if they are (were) harmful.






Joe
 
Joe Faulhaber said:
We're planning for Windows Defender 2.0, and I'd like to gather your
feedback on what the first version doesn't have that it should.
Click to expand...

Thanks Joe. The single most important change you could make, and the one
that would benefit the most people, is to improve the clarity of the help,
the warnings, and the general descriptions of settings etc. In short, the way
Defender communicates with the user. In this respect, the feedback you get
from people on newsgroups like this isn't useful to you. I'm thinking of the
millions and millions of people who may not know how to find their way to
this newsgroup, or, if they got here, may not know how to phrase their
question.

Almost all my friends know less about computers than I do (and that's not
much, Joe). They aren't willing to spend the time and resources that I have,
in order to understand how to use antispyware software, so I couldn't
possibly recommend to them that they install Defender on their systems,
because
(a) they would be likely to abandon the complex process of downloading it
and installing it because of the bewildering Genuine Advantage obstacle
course.
(b) they wouldn't understand any of the setup options (I hardly understand
them myself)
(c) when something happens and they consult the help section, they probably
won't find the help relevant or, if relevant, intelligible (indeed, that's my
experience, mainly).

There is a simple way to solve all this, though it will take a bit of time
and some patience. You need a group of people, basically selected at random
from the street, whose only qualification is that they own a computer and
that they're willing to help. (Any technophiles you pick up by chance are
automatically disqualified.) Sit them in front of a computer and ask them to
download and install Defender. Watch what they do; make a note of what
questions they ask. I think you'll be amazed by the elementary nature of the
problems that arise and of the questions that are asked.

Then ask them to set up Defender and run a scan. Again note the questions
and problems.

Finally, give them an infected computer to scan, and/or arrange for a few
real-time Defender popups, and see how they respond to Defender's messages.
(I believe most will be totally confused.)

In the light of these findings, rewrite all the Help section, and rephrase
the setup options and warning messages.

My understanding is that Defender is supposed to provide the average user
with something that approximates to simple, install-and-forget protection. I
think that technically it probably does do that. But its communications with
the user are just terrible, frankly, and that greatly diminishes its
usefulness - not for the techie, of course, but for the millions of people
who really need it - people who use their computers for email, and to surf
the net, and probably not much else because they aren't interested in
computers. Defender has to be able to communicate clearly with those
millions. At present, it doesn't come close to achieving that.
 
A simple download and install in place.
No need to uninstall the current version!

More update options.
1. An easy link to download the updates (Give Engel a break).

2. An option to Update thru Defender w/o using AU (WU or MU) so we can
update without needing to create a restore point (which seems to be required
by WU an MU.

3. A link so we can see what Defender is protecting against (a detected
Malware List) and what it isn't.

4. Explain what each Version/Engine update is going to change so we won't
feel like Beta Pigs trying to fiqure it out. It's out of Beta, treat us like
real people now.

5. A dedicate MS Support person to monitor this group and give or at least
approve offical solutions and/or work arounds for problems.

?:-)
Tim
Geek w/o Portfolio
 
A dedicated download area from where users can download updates for
offline installation. At present we have to rely on Engle to supply
this and the address changes virtually everytime there is a new
download. I am not just talking about the file name change!

How about set time for scanning. At present defender scans "around"
time but surely in the 21st century it should be at "time".

Updates should not happen without the checkin with the owner if windows
is set to download the updates but not to install automatically like in
windows!

hth
 
adding to everyone else's comments and all are right on the money so I will
try not to repeat are:
I took a poll of my own with my clients and other colleges and found that
most are terrified of installing WD because as alan said for a beginner WD
is way too confusing to configure.
The Help section is set up for advanced users, not beginners and most are
clueless what to do.
in Tools:
Options:
Default Actions is totally confusing and needs more simplified explanations
of what each one is and does.
Advanced Options- also needs to be explained better
Software Explorer- I had a view clients look at that and when asked them to
explain it to me they looked at me as if I had 6 heads. Even for myself it
took me a while to figure that out.

Microsoft doesn't realize not everyone is an IT person and most who will
have WD on their computers are beginners or 1+.

Thank goodness when updating or when running scans- WD doesn't set anymore
restore points.

Also If you look at one of my posts you will see i found a bug in the
limited user account.
I created a limited user account on one of my computers for my son. I
configured Office 2003 to run on this side so he could use it. WD popped up
while the installation and asked me to permit or not but everything was
grayed out to do anything. I had checked in WD to allow all users to use WD
so it should have allowed me to check "permit". What good is it if my son
goes to the internet and picks up something bad or not and WD will not allow
him to do anything about it.

Also updating a version should not have to be an uninstall, it should just
go over the prior one. Once you get this new one up we here will all have
to uninstall the old. The last time this happened nothing was saved. No
settings no nada! What happens if have stuff in quarintine and now it is
lost. You wind up rescanning again or if it deletes a file that is a system
file- when you uninstall the prior version, you now find something in
Windows is hosed.

robin
 
Way to go Robin,
One correction though,

Defender STILL creates Restore Points when updating.
It is only when using Engles link that a Restore Point is not made.

?:-)
Tim
Geek w/o Portfolio
 
Hi Joe and rest of the team, I would like to see what malware definitions are
being installed, like what Ad-Aware does. Maybe not in an email (definitions
beta testers) like what i recieve from them, just a listing like what you can
get from Spybot and Lavasoft. Many of the programs today are updating daily,
so maybe more than one update a week ? Thanks for listening.
 
I want to second this suggestion. In fact, I consider OneCare seriously
bloated in this respect. I'm disappointed that there is no complete
antimalware product for home users from Microsoft that is as simple as
Windows Defender is for anti-spyware use.

I do like all of the thoughts that Joe has mentioned--additions to software
explorers, ability to pause scans, and better ability to lock out areas or
apps from scanning.

I've heard these critiques of the update method with some regularity here:
1) a need for a way to go to a specific place and get the latest update(s).
2) the possibility of having autoupdate set to "notify only" but still have
Windows Defender updates applied automatically. I know this goes beyond the
product, but.....

On a broader level--I'd like to see a product that outshines the rest in
objective comparative reviews. I can't say that the current product does
not do that--I don't think I've seen much in the way of such reviews since
release--but the first thing we all want out of an antispyware is that it do
the designed job as well as possible.

--
 
We're planning for Windows Defender 2.0, and I'd like to gather your
feedback on what the first version doesn't have that it should.

Personally, a few thing I'd like are more software explorers, allows
allow/always block of unknowns, better history keeping, and ability to pause
scans.

How about you?

Microsoft has announced an enterprise antimalware solution named Forefront
Client Security, and OneCare is available for full malware protection and
machine maintenance/cleanup on home machines, so please consider this in
your replies (I know there's a ton of people who want Enterprise and AV
OnAccess protection, which is why I mention these. :))

Thanks in advance,
Joe

To have a similar or better detection rates than SuperAntiSpyware at least.
 
Hello Joe,

Introducing a Test

I am looking for test/download that is available to test and see if Windows
Defender is working on my computer.

Something like the EICAR.COM file that can be used to test Anti Virus apps.

This will give you clear evidence about whether real-time protection and
each security agent is, in fact, active.

Thank you.
 
Joe Faulhaber said:
We're planning for Windows Defender 2.0, and I'd like to gather your
feedback on what the first version doesn't have that it should.

Personally, a few thing I'd like are more software explorers, allows
allow/always block of unknowns, better history keeping, and ability to pause
scans.

How about you?

Microsoft has announced an enterprise antimalware solution named Forefront
Client Security, and OneCare is available for full malware protection and
machine maintenance/cleanup on home machines, so please consider this in
your replies (I know there's a ton of people who want Enterprise and AV
OnAccess protection, which is why I mention these. :))

Thanks in advance,
Joe
Click to expand...
 
Real time protection that detects the actual name of the app, e.g., Windows
Media Player, program xyz or something like what you see under Task Manager.

Extensions to Permit or Deny. You mentioned always allow. How about Kill
or Quarantine for Deny.

The ability for Windows Defender to automatically restart in Safe Mode to
remove Malware.
 
I would like to be able to use defender on windows 2000, it is because I have
put this software on over 50 pc's (all 2000) and now I have to find another
product that does all the things defender does e.g. automatically update
definitions and schedule scans. Most products I have looked around for don't
do this without paying for it.

Please bring it back for Windows 2000!!!

Hannah
 
**********************
I would like to see the "date of scan" noted after it has been completed.
The current view notes "Today" as the last scan date.
***********************
 
Great news for sure!!
Another interesting question to ask here would be what WD has now that it
shouldn't. As someone has said before most users are not computer literate
and would like to have a security tool that runs smoothly and goes unnoticed
as much as posible. If WD needs to take some action that can be carried out
automatically, then why bother the user with those request pop-ups(security
incidents) that they are not sure how to respond to ?
If WD needs to delete something for good then ask the user or quarantine it
so that they can restore it if necessary.

Desirable feature:
<-> Can't MSRT be integrated some way in wd without the necessity of being
downloaded manually?
<-> Be more proactive/intelligent: include technologies such as AI,heuristic
,behavior-based detection to offer a better protection against unwanted and
malicious software. I think that's the way to go.


Bottom line:
1) Minimize user interaction as much as possible.
2) add more intelligence to WD.

Regards,
Ken.
 
I would like to see Defender have the ability to be used as an on demand
scanner. I don't have much use for an "always on" antispyware app.
 
hannab2005 said:
I would like to be able to use defender on windows 2000, it is because I have
put this software on over 50 pc's (all 2000) and now I have to find another
product that does all the things defender does e.g. automatically update
definitions and schedule scans. Most products I have looked around for don't
do this without paying for it.

Please bring it back for Windows 2000!!!
Click to expand...

That's unlikely even though at this point it would be very simple to do, but
a second vote can't hurt.<g>

Bob Vanderveen
 
Joe Faulhaber said:
We're planning for Windows Defender 2.0, and I'd like to gather your
feedback on what the first version doesn't have that it should.

Personally, a few thing I'd like are more software explorers, allows
allow/always block of unknowns, better history keeping, and ability to pause
scans.

How about you?

Microsoft has announced an enterprise antimalware solution named Forefront
Client Security, and OneCare is available for full malware protection and
machine maintenance/cleanup on home machines, so please consider this in
your replies (I know there's a ton of people who want Enterprise and AV
OnAccess protection, which is why I mention these. :))
Click to expand...

I see some people want WD to be even more simple minded than it is already
and other want more info and control. I'd like to see very simple default
settings, but with an optional "expert" mode provided by Mark Russinovich.
<g>

Bob Vanderveen
 
Back
Top