| Most of this page uses content from Wikipedia. The original article was at Windows Defender. The page may have contained some inaccurate or outdated information, so please edit it so it contains better information.|
The list of authors can be seen in the page history. As with Malware Wiki, the text of Wikipedia is available under the Creative Common Attribution-ShareAlike 3.0 License.
Remove this template when most of the Wikipedia content has been removed or the Wikipedia information is outnumbered by non-Wikipedia information.
Windows Defender, formerly known as Microsoft AntiSpyware, is an antivirus made by Microsoft. It is included with every Windows versions after Windows XP, on Windows XP and Windows Server 2003, it has a free download.
On Windows XP, Vista, and 7, Windows Defender only removes spyware. It works best on 8.1 and 10.
Windows Defender features system scan capabilities similar to other free products on the market, and includes a number of real-time security agents that monitor several common areas of Windows for changes which may be caused by spyware. It also includes the ability to easily remove ActiveX applications that are installed. Also integrated is support for Microsoft's SpyNet network that allows users to report to Microsoft what they consider to be spyware, and what applications and device drivers they allow to be installed on their system.
There is integration with Internet Explorer which enables files to be scanned when they are downloaded to help ensure that one does not accidentally download malicious software. This implementation is similar to the real-time scanners of many antivirus products on the market. Although not combined with Firefox, Windows Defender still scans downloaded files for malicious code.
The Advanced Tools section allows users to discover potential vulnerabilities with a series of Software Explorers. They provide views of startup programs, currently running software, network connected applications, and Winsock providers (Winsock LSPs). In each Explorer, every element is rated as either "Known", "Unknown" or "Potentially Unwanted". The first and last categories carry a link to learn more about the particular item, and the second category invites users to submit the program to SpyNet for analysis by experts.
Windows Defender in Windows Vista automatically blocks all startup items that require administrator privileges to run (this is considered suspicious behavior for a startup item). This automatic blocking is related to the UAC (User Account Control) functionality in Windows Vista, and requires users to manually run each of these startup items each time they log in.
Windows Defender in XP, Vista, and 7 only remove spyware, and Windows Defender in Windows 8, 8.1 and 10 are much stronger.
See Also Edit