Steve said:
Steve said:
Bill Sanderson said:
Steve said:
plun said:Hi Steve
-Can you please explain why default scan period is 1/day ?
- Don´t you trusth RTP functionality within Windows Defender ?
- Is it holes that can make malware passing through and only
be detected with a scan ?
- Is it beacuse of users "feel safe" with a daily scan ?
Users leaves their PCs switched on 24/7 beacuse of meaningless
scans, it must be clarified that a PC is switched off after work and
no need for a daily/nightly scan.
And antivirus/trojan scans are much more important than a WD scan
with also beacuse of several more definition updates.
Of course it might be a good idea to scan after new WD defs......
IMHO
regards
plun
So how do you feel about the speed of a quickscan? On office machines, with
relatively low startup loads--not much "in the tray" I see times in the 1-3
minute range--haven't really checked a broad selection carefully--but it
seems fast enough that I don't see it as an obstacle.
--
plun said:Hi Steve
-Can you please explain why default scan period is 1/day ?
- Don´t you trusth RTP functionality within Windows Defender ?
- Is it holes that can make malware passing through and only
be detected with a scan ?
- Is it beacuse of users "feel safe" with a daily scan ?
Users leaves their PCs switched on 24/7 beacuse of meaningless
scans, it must be clarified that a PC is switched off after work and
no need for a daily/nightly scan.
And antivirus/trojan scans are much more important than a WD scan
with also beacuse of several more definition updates.
Of course it might be a good idea to scan after new WD defs......
IMHO
regards
plun
plun said:Hi Bill
Well, I would say that a Quick scan takes about 5-10 minutes.
A lot of users probably change this to a full scan beacuse of spyware
paranoia
I can not see any reason to make all of these scans and the highest
priority has antivirus/trojans scans.
So one full scan after new defs arrived should be enough...........
Otherwise the RTP is out of order.........
But I wanted this clarified from Mr Dodson if the RTP functionality
have some holes ???
It seems also be totally clear form this mess with updates that a lot of
users have missed Windows update and to keep their PC dated.... ;(
Maybe it´s better to put energy to Windowsupdate, antivirus/trojans then
to make WD working and make a daily scan
regards
plun
So how do you feel about the speed of a quickscan? On office machines,
with relatively low startup loads--not much "in the tray" I see times in
the 1-3 minute range--haven't really checked a broad selection
carefully--but it seems fast enough that I don't see it as an obstacle.
--
plun said:Hi Steve
-Can you please explain why default scan period is 1/day ?
- Don´t you trusth RTP functionality within Windows Defender ?
- Is it holes that can make malware passing through and only
be detected with a scan ?
- Is it beacuse of users "feel safe" with a daily scan ?
Users leaves their PCs switched on 24/7 beacuse of meaningless
scans, it must be clarified that a PC is switched off after work and
no need for a daily/nightly scan.
And antivirus/trojan scans are much more important than a WD scan
with also beacuse of several more definition updates.
Of course it might be a good idea to scan after new WD defs......
IMHO
regards
plun
As far as the scan time goes, we would expect it to take longer since
we actually scan more, and have protections in place to make sure we
are removing the correct file. Beta 1 was not able to scan all
compressed files, unicode files, etc. Therefore the scan times were
faster. It was a balance we needed to make, one which gives us high
performance, but also finds and removes malware (and not a valid
program). It is a hard balance, but one I think we have done well.
--
-steve
Steve Dodson [MSFT]
Windows Defender Beta Lead
MCSE, CISSP
http://blogs.technet.com/stevedod
--
This posting is provided "AS IS" with no warranties, and confers no
rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.
"Steve" <[email protected]>
wrote in message
My biggest disappointment in not having a separate source for download
of
update signature file is in cases where multiple machines are
networked and
share a relatively slow internet connection. The updates are sometimes
very
large and take so long that "normal" internet usage is not available
for a
considerable period of time while updates are being downloaded.
Same complaint for [non-MS] anti-virus software - updates are way too
large
and take too long on slow connection. Multiple parallel updates often
result
in FTP server timeout, and the update is not "smart" enough to resume
at
point of loss.
If a manual download was available, we could get 1 and then install on
each
machine. That would save the server some bandwidth, too.
As for "not being exposed"... in a scenario where children are
involved as
users, they sometimes exchange files via CD-ROM, or USB devices. So
there is
still the potential of being exposed that way. But I do understand the
comment.
All this aside, after a great deal of experimenting and observing, I
think
Defender is not as good as previous "Giant AntiSpyware", in particular
that
Defender is much slower to scan the machines (we have 6 - it takes
twice the
time on each of them), and we now see random periods of 100% CPU
utilization
by a process identified as "MsMpEng.exe", which last from 3 to 15
minutes,
during which the machines are virtually unusable. Can not open/close
existing
windows, windows do not get repainted, no internet or network activity
is
possible. When the task releases CPU, everything returns to "normal".
This
has been observed on all 6 computers, 3 of which run Win2000 pro, two
run XP
pro and 1 runs XP home. I find this behavior extremely annoying and
frustrating.
-- ST
:
i fear not.....read that manual updates are not possible as in:
cannot
download manually. I dont think it fits in the concept....if not
connected to
the internet, you're not exposed, so why use WinDefender is my
simplified
take on this.
-- The Dutch Italian
Coelum Non Animum Mutant Qui Trans Mare Currunt
:
Hi,
Is there any possibility to keep ap to date a computer having
Windows
defender (beta2) that is not connected to the internet?
Thanks
-- Razvan
Bill Sanderson said:
In a way I agree with you: The primary energy needs to be devoted to the
more basic things--1) firewall, 2) patching, 3) antivirus, 4) spyware.
And let's try to simplify every one of these, and have 4 be the simplest, so
that we can let the users concentrate on the more important ones.
--
plun said:Hi Bill
Well, I would say that a Quick scan takes about 5-10 minutes.
A lot of users probably change this to a full scan beacuse of spyware
paranoia
I can not see any reason to make all of these scans and the highest
priority has antivirus/trojans scans.
So one full scan after new defs arrived should be enough...........
Otherwise the RTP is out of order.........
But I wanted this clarified from Mr Dodson if the RTP functionality
have some holes ???
It seems also be totally clear form this mess with updates that a lot of
users have missed Windows update and to keep their PC dated.... ;(
Maybe it´s better to put energy to Windowsupdate, antivirus/trojans then
to make WD working and make a daily scan
regards
plun
So how do you feel about the speed of a quickscan? On office machines,
with relatively low startup loads--not much "in the tray" I see times in
the 1-3 minute range--haven't really checked a broad selection
carefully--but it seems fast enough that I don't see it as an obstacle.
--
Hi Steve
-Can you please explain why default scan period is 1/day ?
- Don´t you trusth RTP functionality within Windows Defender ?
- Is it holes that can make malware passing through and only
be detected with a scan ?
- Is it beacuse of users "feel safe" with a daily scan ?
Users leaves their PCs switched on 24/7 beacuse of meaningless
scans, it must be clarified that a PC is switched off after work and
no need for a daily/nightly scan.
And antivirus/trojan scans are much more important than a WD scan
with also beacuse of several more definition updates.
Of course it might be a good idea to scan after new WD defs......
IMHO
regards
plun
As far as the scan time goes, we would expect it to take longer since we
actually scan more, and have protections in place to make sure we are
removing the correct file. Beta 1 was not able to scan all compressed
files, unicode files, etc. Therefore the scan times were faster. It was
a balance we needed to make, one which gives us high performance, but
also finds and removes malware (and not a valid program). It is a hard
balance, but one I think we have done well.
--
-steve
Steve Dodson [MSFT]
Windows Defender Beta Lead
MCSE, CISSP
http://blogs.technet.com/stevedod
--
This posting is provided "AS IS" with no warranties, and confers no
rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.
"Steve" <[email protected]>
wrote in message
My biggest disappointment in not having a separate source for download
of
update signature file is in cases where multiple machines are networked
and
share a relatively slow internet connection. The updates are sometimes
very
large and take so long that "normal" internet usage is not available
for a
considerable period of time while updates are being downloaded.
Same complaint for [non-MS] anti-virus software - updates are way too
large
and take too long on slow connection. Multiple parallel updates often
result
in FTP server timeout, and the update is not "smart" enough to resume
at
point of loss.
If a manual download was available, we could get 1 and then install on
each
machine. That would save the server some bandwidth, too.
As for "not being exposed"... in a scenario where children are involved
as
users, they sometimes exchange files via CD-ROM, or USB devices. So
there is
still the potential of being exposed that way. But I do understand the
comment.
All this aside, after a great deal of experimenting and observing, I
think
Defender is not as good as previous "Giant AntiSpyware", in particular
that
Defender is much slower to scan the machines (we have 6 - it takes
twice the
time on each of them), and we now see random periods of 100% CPU
utilization
by a process identified as "MsMpEng.exe", which last from 3 to 15
minutes,
during which the machines are virtually unusable. Can not open/close
existing
windows, windows do not get repainted, no internet or network activity
is
possible. When the task releases CPU, everything returns to "normal".
This
has been observed on all 6 computers, 3 of which run Win2000 pro, two
run XP
pro and 1 runs XP home. I find this behavior extremely annoying and
frustrating.
-- ST
:
i fear not.....read that manual updates are not possible as in: cannot
download manually. I dont think it fits in the concept....if not
connected to
the internet, you're not exposed, so why use WinDefender is my
simplified
take on this.
-- The Dutch Italian
Coelum Non Animum Mutant Qui Trans Mare Currunt
:
Hi,
Is there any possibility to keep ap to date a computer having
Windows
defender (beta2) that is not connected to the internet?
Thanks
-- Razvan
plun said:Hi
Well something more.......
Maybe it´s time for all users to completely remove all
temporarily junk with CCleaner.
And also remove every bit/byte within Software downloading folder.
This is a mess and I´m nearly sure about that a lots of problems
is messed up PCs, "chaotic" PCs tries to run WD with severe bugs.
Within Swedish forums there is only a few remarks about problems
but nearly everyone uses CCleaner and keep their PCs junk free.
I have only seen one remark about update problems.
regards
plun
In a way I agree with you: The primary energy needs to be devoted to the
more basic things--1) firewall, 2) patching, 3) antivirus, 4) spyware.
And let's try to simplify every one of these, and have 4 be the simplest,
so that we can let the users concentrate on the more important ones.
--
plun said:Hi Bill
Well, I would say that a Quick scan takes about 5-10 minutes.
A lot of users probably change this to a full scan beacuse of spyware
paranoia
I can not see any reason to make all of these scans and the highest
priority has antivirus/trojans scans.
So one full scan after new defs arrived should be enough...........
Otherwise the RTP is out of order.........
But I wanted this clarified from Mr Dodson if the RTP functionality
have some holes ???
It seems also be totally clear form this mess with updates that a lot of
users have missed Windows update and to keep their PC dated.... ;(
Maybe it´s better to put energy to Windowsupdate, antivirus/trojans then
to make WD working and make a daily scan
regards
plun
So how do you feel about the speed of a quickscan? On office machines,
with relatively low startup loads--not much "in the tray" I see times
in the 1-3 minute range--haven't really checked a broad selection
carefully--but it seems fast enough that I don't see it as an obstacle.
--
Hi Steve
-Can you please explain why default scan period is 1/day ?
- Don´t you trusth RTP functionality within Windows Defender ?
- Is it holes that can make malware passing through and only
be detected with a scan ?
- Is it beacuse of users "feel safe" with a daily scan ?
Users leaves their PCs switched on 24/7 beacuse of meaningless
scans, it must be clarified that a PC is switched off after work and
no need for a daily/nightly scan.
And antivirus/trojan scans are much more important than a WD scan
with also beacuse of several more definition updates.
Of course it might be a good idea to scan after new WD defs......
IMHO
regards
plun
As far as the scan time goes, we would expect it to take longer since
we actually scan more, and have protections in place to make sure we
are removing the correct file. Beta 1 was not able to scan all
compressed files, unicode files, etc. Therefore the scan times were
faster. It was a balance we needed to make, one which gives us high
performance, but also finds and removes malware (and not a valid
program). It is a hard balance, but one I think we have done well.
--
-steve
Steve Dodson [MSFT]
Windows Defender Beta Lead
MCSE, CISSP
http://blogs.technet.com/stevedod
--
This posting is provided "AS IS" with no warranties, and confers no
rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
Note: For the benefit of the community-at-large, all responses to
this
message are best directed to the newsgroup/thread from which they
originated.
"Steve" <[email protected]>
wrote in message
My biggest disappointment in not having a separate source for
download of
update signature file is in cases where multiple machines are
networked and
share a relatively slow internet connection. The updates are
sometimes very
large and take so long that "normal" internet usage is not available
for a
considerable period of time while updates are being downloaded.
Same complaint for [non-MS] anti-virus software - updates are way
too large
and take too long on slow connection. Multiple parallel updates
often result
in FTP server timeout, and the update is not "smart" enough to
resume at
point of loss.
If a manual download was available, we could get 1 and then install
on each
machine. That would save the server some bandwidth, too.
As for "not being exposed"... in a scenario where children are
involved as
users, they sometimes exchange files via CD-ROM, or USB devices. So
there is
still the potential of being exposed that way. But I do understand
the
comment.
All this aside, after a great deal of experimenting and observing, I
think
Defender is not as good as previous "Giant AntiSpyware", in
particular that
Defender is much slower to scan the machines (we have 6 - it takes
twice the
time on each of them), and we now see random periods of 100% CPU
utilization
by a process identified as "MsMpEng.exe", which last from 3 to 15
minutes,
during which the machines are virtually unusable. Can not open/close
existing
windows, windows do not get repainted, no internet or network
activity is
possible. When the task releases CPU, everything returns to
"normal". This
has been observed on all 6 computers, 3 of which run Win2000 pro,
two run XP
pro and 1 runs XP home. I find this behavior extremely annoying and
frustrating.
-- ST
:
i fear not.....read that manual updates are not possible as in:
cannot
download manually. I dont think it fits in the concept....if not
connected to
the internet, you're not exposed, so why use WinDefender is my
simplified
take on this.
-- The Dutch Italian
Coelum Non Animum Mutant Qui Trans Mare Currunt
:
Hi,
Is there any possibility to keep ap to date a computer having
Windows
defender (beta2) that is not connected to the internet?
Thanks
-- Razvan
Most posters here also say that Windows Update is working perfectly--but the
idea of blowing away SoftwareDistribution probably has merit.
--
plun said:Hi
Well something more.......
Maybe it´s time for all users to completely remove all
temporarily junk with CCleaner.
And also remove every bit/byte within Software downloading folder.
This is a mess and I´m nearly sure about that a lots of problems
is messed up PCs, "chaotic" PCs tries to run WD with severe bugs.
Within Swedish forums there is only a few remarks about problems
but nearly everyone uses CCleaner and keep their PCs junk free.
I have only seen one remark about update problems.
regards
plun
In a way I agree with you: The primary energy needs to be devoted to the
more basic things--1) firewall, 2) patching, 3) antivirus, 4) spyware.
And let's try to simplify every one of these, and have 4 be the simplest,
so that we can let the users concentrate on the more important ones.
--
Hi Bill
Well, I would say that a Quick scan takes about 5-10 minutes.
A lot of users probably change this to a full scan beacuse of spyware
paranoia
I can not see any reason to make all of these scans and the highest
priority has antivirus/trojans scans.
So one full scan after new defs arrived should be enough...........
Otherwise the RTP is out of order.........
But I wanted this clarified from Mr Dodson if the RTP functionality
have some holes ???
It seems also be totally clear form this mess with updates that a lot of
users have missed Windows update and to keep their PC dated.... ;(
Maybe it´s better to put energy to Windowsupdate, antivirus/trojans then
to make WD working and make a daily scan
regards
plun
So how do you feel about the speed of a quickscan? On office machines,
with relatively low startup loads--not much "in the tray" I see times
in the 1-3 minute range--haven't really checked a broad selection
carefully--but it seems fast enough that I don't see it as an obstacle.
--
Hi Steve
-Can you please explain why default scan period is 1/day ?
- Don´t you trusth RTP functionality within Windows Defender ?
- Is it holes that can make malware passing through and only
be detected with a scan ?
- Is it beacuse of users "feel safe" with a daily scan ?
Users leaves their PCs switched on 24/7 beacuse of meaningless
scans, it must be clarified that a PC is switched off after work and
no need for a daily/nightly scan.
And antivirus/trojan scans are much more important than a WD scan
with also beacuse of several more definition updates.
Of course it might be a good idea to scan after new WD defs......
IMHO
regards
plun
As far as the scan time goes, we would expect it to take longer since
we actually scan more, and have protections in place to make sure we
are removing the correct file. Beta 1 was not able to scan all
compressed files, unicode files, etc. Therefore the scan times were
faster. It was a balance we needed to make, one which gives us high
performance, but also finds and removes malware (and not a valid
program). It is a hard balance, but one I think we have done well.
--
-steve
Steve Dodson [MSFT]
Windows Defender Beta Lead
MCSE, CISSP
http://blogs.technet.com/stevedod
--
This posting is provided "AS IS" with no warranties, and confers no
rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
Note: For the benefit of the community-at-large, all responses to
this
message are best directed to the newsgroup/thread from which they
originated.
"Steve" <[email protected]>
wrote in message
My biggest disappointment in not having a separate source for
download of
update signature file is in cases where multiple machines are
networked and
share a relatively slow internet connection. The updates are
sometimes very
large and take so long that "normal" internet usage is not available
for a
considerable period of time while updates are being downloaded.
Same complaint for [non-MS] anti-virus software - updates are way too
large
and take too long on slow connection. Multiple parallel updates often
result
in FTP server timeout, and the update is not "smart" enough to resume
at
point of loss.
If a manual download was available, we could get 1 and then install
on each
machine. That would save the server some bandwidth, too.
As for "not being exposed"... in a scenario where children are
involved as
users, they sometimes exchange files via CD-ROM, or USB devices. So
there is
still the potential of being exposed that way. But I do understand
the
comment.
All this aside, after a great deal of experimenting and observing, I
think
Defender is not as good as previous "Giant AntiSpyware", in
particular that
Defender is much slower to scan the machines (we have 6 - it takes
twice the
time on each of them), and we now see random periods of 100% CPU
utilization
by a process identified as "MsMpEng.exe", which last from 3 to 15
minutes,
during which the machines are virtually unusable. Can not open/close
existing
windows, windows do not get repainted, no internet or network
activity is
possible. When the task releases CPU, everything returns to "normal".
This
has been observed on all 6 computers, 3 of which run Win2000 pro, two
run XP
pro and 1 runs XP home. I find this behavior extremely annoying and
frustrating.
-- ST
:
i fear not.....read that manual updates are not possible as in:
cannot
download manually. I dont think it fits in the concept....if not
connected to
the internet, you're not exposed, so why use WinDefender is my
simplified
take on this.
-- The Dutch Italian
Coelum Non Animum Mutant Qui Trans Mare Currunt
:
Hi,
Is there any possibility to keep ap to date a computer having
Windows
defender (beta2) that is not connected to the internet?
Thanks
-- Razvan
Steve Dodson said:
plun said:Hi Bill
Well, I would say that a Quick scan takes about 5-10 minutes.
A lot of users probably change this to a full scan beacuse of spyware
paranoia
I can not see any reason to make all of these scans and the highest
priority has antivirus/trojans scans.
So one full scan after new defs arrived should be enough...........
Otherwise the RTP is out of order.........
But I wanted this clarified from Mr Dodson if the RTP functionality
have some holes ???
It seems also be totally clear form this mess with updates that a lot of
users have missed Windows update and to keep their PC dated.... ;(
Maybe it´s better to put energy to Windowsupdate, antivirus/trojans then
to make WD working and make a daily scan
regards
plun
So how do you feel about the speed of a quickscan? On office machines,
with relatively low startup loads--not much "in the tray" I see times in
the 1-3 minute range--haven't really checked a broad selection
carefully--but it seems fast enough that I don't see it as an obstacle.
--
plun said:Hi Steve
-Can you please explain why default scan period is 1/day ?
- Don´t you trusth RTP functionality within Windows Defender ?
- Is it holes that can make malware passing through and only
be detected with a scan ?
- Is it beacuse of users "feel safe" with a daily scan ?
Users leaves their PCs switched on 24/7 beacuse of meaningless
scans, it must be clarified that a PC is switched off after work and
no need for a daily/nightly scan.
And antivirus/trojan scans are much more important than a WD scan
with also beacuse of several more definition updates.
Of course it might be a good idea to scan after new WD defs......
IMHO
regards
plun
As far as the scan time goes, we would expect it to take longer since
we actually scan more, and have protections in place to make sure we
are removing the correct file. Beta 1 was not able to scan all
compressed files, unicode files, etc. Therefore the scan times were
faster. It was a balance we needed to make, one which gives us high
performance, but also finds and removes malware (and not a valid
program). It is a hard balance, but one I think we have done well.
--
-steve
Steve Dodson [MSFT]
Windows Defender Beta Lead
MCSE, CISSP
http://blogs.technet.com/stevedod
--
This posting is provided "AS IS" with no warranties, and confers no
rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
Note: For the benefit of the community-at-large, all responses to this
message are best directed to the newsgroup/thread from which they
originated.
"Steve" <[email protected]>
wrote in message
My biggest disappointment in not having a separate source for download
of
update signature file is in cases where multiple machines are
networked and
share a relatively slow internet connection. The updates are sometimes
very
large and take so long that "normal" internet usage is not available
for a
considerable period of time while updates are being downloaded.
Same complaint for [non-MS] anti-virus software - updates are way too
large
and take too long on slow connection. Multiple parallel updates often
result
in FTP server timeout, and the update is not "smart" enough to resume
at
point of loss.
If a manual download was available, we could get 1 and then install on
each
machine. That would save the server some bandwidth, too.
As for "not being exposed"... in a scenario where children are
involved as
users, they sometimes exchange files via CD-ROM, or USB devices. So
there is
still the potential of being exposed that way. But I do understand the
comment.
All this aside, after a great deal of experimenting and observing, I
think
Defender is not as good as previous "Giant AntiSpyware", in particular
that
Defender is much slower to scan the machines (we have 6 - it takes
twice the
time on each of them), and we now see random periods of 100% CPU
utilization
by a process identified as "MsMpEng.exe", which last from 3 to 15
minutes,
during which the machines are virtually unusable. Can not open/close
existing
windows, windows do not get repainted, no internet or network activity
is
possible. When the task releases CPU, everything returns to "normal".
This
has been observed on all 6 computers, 3 of which run Win2000 pro, two
run XP
pro and 1 runs XP home. I find this behavior extremely annoying and
frustrating.
-- ST
:
i fear not.....read that manual updates are not possible as in:
cannot
download manually. I dont think it fits in the concept....if not
connected to
the internet, you're not exposed, so why use WinDefender is my
simplified
take on this.
-- The Dutch Italian
Coelum Non Animum Mutant Qui Trans Mare Currunt
:
Hi,
Is there any possibility to keep ap to date a computer having
Windows
defender (beta2) that is not connected to the internet?
Thanks
-- Razvan