Using Windows Defender
|
527
• Multiple-language support
• Protection technologies for all users, including administrators
• Assistive technology for impaired individuals
• Support for Windows XP Professional x64 Edition
• Automated cleaning settings
Microsoft integrated Windows Defender into the Internet Explorer browser engine
to offer protection from files downloaded during your browser session. Windows
Defender scans programs in real time. This feature allows greater flexibility in the
fight against malicious code on your computer. It also helps in identifying and
removing accidental download of malicious code without your knowledge. Win-
dows Defender also allows you to schedule scanning and removal of unwanted pro-
grams. This gives you the option of choosing a specific time that works better with
your usage of the computer.
To keep the detection database up-to-date, you have the option of allowing Windows
Defender to complete automatic updates. This lets you continue working without
having to update your antispyware definitions manually. However, you should still
check the program periodically to verify that it has updated itself correctly.
Configuring Windows Defender
Microsoft offers a new interface for Windows Defender compared to previous ver-
sions of the product. There are several points of entry into the product, making it
easier to find and manage. Using the menu, you can start Windows Defender by
clicking Start
➝ All Programs ➝ Windows Defender. In the Security Center, you can
start Windows Defender by clicking the Windows Defender option in the left pane.
Figure 15-2 shows an example of the Windows Defender management window.
Figure 15-2. Checking the status of Windows Defender
528
|
Chapter 15: Protecting Your Computer with Windows Defender and Windows Firewall
You can always access the Windows Defender main page by clicking the Home but-
ton on the toolbar. In the main window, you will see the status of protection against
malicious and unwanted software. In the lower portion of the window, you will see
the status of the product, including the last scan date, scan type, scan schedule, real-
time protection status, and definition version. Windows Defender offers you several
default options on how to handle potential spyware. These default options are based
on definitions.
Windows Defender has five different alert levels, each associated with an action.
Windows Defender follows actions dictated by alert levels. Table 15-2 provides an
overview of the different alert levels, their associated descriptions, and the actions
Windows Defender takes in the default configuration state.
If you click the Tools button on the toolbar and then click Options on the Tools and
Settings page, you’ll be able to change the default configuration settings to meet your
needs. The options are divided into five broad categories:
Table 15-2. Windows Defender alert levels
Alert level Associated with… Action taken
Severe Widespread or exceptionally malicious pro-
grams, similar to viruses or worms, which nega-
tively affect your privacy and the security of your
computer, and can damage your computer.
Windows Defender removes this type of software
immediately.
High Programs that might collect your personal infor-
mation and negatively affect your privacy or
damage your computer—for example, by col-
lecting information or changing settings, typi-
cally without your knowledge or consent.
Windows Defender removes this type of software
immediately.
Medium Programs that might affect your privacy or
make changes to your computer that could neg-
atively impact your computingexperience—for
example, by collecting personal information or
changing settings.
Windows Defender alerts you. Review the alert
details to see why the software was detected. If you
do not like how the software operates or if you do
not recognize and trust the publisher, consider
blocking or removing the software.
Low Potentially unwanted software that might col-
lect information about you or your computer or
change how your computer works, but is oper-
ating in agreement with licensing terms dis-
played when you installed the software.
Windows Defender alerts you. Review the alert. This
software typically is benign when it runs on your
computer, unless it was installed without your
knowledge. If you are not sure whether to allow the
program to run, review the alert details or see if you
recognize and trust the publisher of the software.
Not Yet Classified Programs that typically are benign unless they
are installed on your computer without your
knowledge.
Windows Defender alerts you. Review the alert. If
you recognize and trust thesoftware, allow it to run.
If you do not recognize the software or the pub-
lisher, review the alert details to decide how to take
action. If you are a SpyNet community member,
check the community ratings to see if other users
trust the software.
Get Windows Vista Security: Praxisorientierte Sicherheit für Profis now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
