Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Windows Defender

Update: Since this article was published, two things have happened: Windows Defender is now included in Windows 7 by default, and Microsoft has release Microsoft Security Essentials (MSE), a fully featured anti-virus and anti-spyware package that actually replaces Windows Defender when install. I now recommend MSE instead of Windows Defender.

Update #2: Since that update, Microsoft has renamed the combination of Defender and MSE to Windows Security, and it’s included by default in Windows 10 and 11.

There are several reputable anti-spyware programs available these days. Unfortunately, none of them catch every single piece of adware or spyware. But if you’re an average user, or like me, you choose to run only one package, then I recommend Microsoft Windows Defender as the one to run.

Become a Patron of Ask Leo! and go ad-free!

I recommend Microsoft Windows Defender for a couple of reasons:

  • Even though it’s technically still in Beta, the consensus seems to be that it catches the most spyware in comparison to other packages. Not all, but more.
  • It’s the easiest to use, and defaults to a safe configuration that, in other packages, you’d have to take extra steps to attain.
  • It’s free.

As I said, program installation is easy and clean, and that the default settings mean that the average user rarely needs to visit the program again. In fact, after installing, the most common interaction you’ll have with it is dismissing the dialog that shows you the results of the most recent scan, and the occasional alert that it will give you when some other application attempts to make a change to a sensitive area. For example after installing the program, I later made a change to a start-up program. Microsoft Defender presented me with a dialog describing what was happening, and giving me the option to allow, or prevent, the change.

While the spyware scan, real-time, automated or on-demand, is the primary feature of note for an anti-spyware scanner, Microsoft Windows Defender does include some additional, interesting “Advanced Tools”:

  • System Explorers that let you examine, and manage, startup programs, ActiveX controls, Internet Explorer Browser Helper Objects (BHOs), IE settings and toolbars, as well as certain Networking and Windows Shell extensions.
  • Browser Restore is a feature that lets you selectively, or all at once, restore Internet Explorer to its default configuration – quite handy if your browser has been hijacked by malware.
  • Tracks Eraser does what it sounds like: it erases your tracks from a machine in a number of places that you perhaps wouldn’t think of. Internet Explorer’s History is an obvious example, but also included are things like the list of files and folders you’ve opened recently in Microsoft Common Dialogs, the Google toolbar history, recent files in Office, Adobe Acrobat, and much, much more. It’s a surprisingly long list.

As an effective overall package, Microsoft Windows Defender is, in my opinion, the way to go.

If you’re interested in alternatives, or perhaps a second level of anti-spyware program to catch things that the Microsoft product might have missed, I’d point you at these packages:

  • Before running Microsoft Defender, I ran Spybot Search & Destroy which is freeware that does a great job of ferreting out and removing spyware. Spybot is totally free, and includes optional real time protection as well.
  • Lavasoft’s Ad-Aware version 6 is also very popular and another pseudo standard you’ll see recommended frequently.
  • Spy Sweeper from Webroot, appears to be a very complete and professional package.
  • X-RayPc is also a newer tool that I’ve used that also found traces of spyware that the others did not.

If you do choose to install more than one anti-spyware package, be sure to enable real-time protection on only one. Much like antivirus programs, two antispyware programs trying to, essentially, do the same thing at the same time can occasionally cause conflicts.

I’ll also point out HijackThis. It’s a commonly used reporting tool when working with someone remotely who’s experiencing problems. It’s really aimed at the computer geeks, and will list a fair amount of technical information, but it’s free, a quick download, and again, another pseudo-standard tool you’ll see mentioned a lot.

And finally, an additional approach is outlined by Michael Horowitz in his very detailed page on removing spyware.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

19 comments on “Windows Defender”

  1. Hi Leo,
    yah, Ms (giant) antispyware is good, but it is NOT the end-all of AS products…
    my first incarnation was infected by malware, tho a re-install and some judicious registry edits cured that…
    i reccomend the MS anti spy, but ya STILL need Spywareblaster, which will imunize your machine against most malware infections…and Adaware finds stuff that the MS misses, every time….another most excellent freeware program is the Ewido security suite which offers real-time protection for the first 14 days free….then if ya don’t wanna buy it, it becomes like most other freeware scanners…but it finds stuff the first two miss!!
    also excellent is the ASquared software, which finds many kinds of Malware..
    and Spybot Search and Destroy as well will find variants missed by the previously mentioned products.
    NONE are perfect….but these days, trusting your security to just one software can be foolish if you do ANYTHING with personal info on the net…
    personally, i’d reccomend the MS and Adaware, with your choice of spybot and ewido at the least.
    and Spywareblaster is a must…
    ya may also wanna google these programs as well:
    winpatrol, BHO daemon,spoofstick and the most excellent A squared products.

  2. Great site mate (guess where i’m from). Went with ur recommendations after checking elsewhere – lo & behold after installing & scanning with ms a/s,not a single piece of spyware. So I checked settings & did a thorough scan – same result – nothing. I surf the obligatory porn sites, have McAfee security, I share music with limewire (the cleanest of the lot i reckon). I believe the best approach is run AdAware – spybot doesn’t seem to pull anything up but I still use it & also clean up your old files & registry with Toni Arts “Easy Cleaner”. A state of mild paranoia also helps. Easy Cleaner is brilliant – how about your views on it.

  3. Hi,

    I have the following: Spybot-Search & Destroy (along with tea timer), Ad-aware SE Personal, Spyware Doctor (free version), Spywareblaster, & Wnpatrol Scotty.

    However, I don’t like MS Antispyware because it dosen’t protect firefox!!

  4. How do I deleat search history on google drop down bar. I currently use Antispyware Beta1. I’ve tried to use the advanced tools but it keeps telling me it isn’t available. I’ve searched microsoft’s site but I’m unable to find where I can download this tool. If you have any suggestions they would be much appreciated.

  5. Microsoft has never found any item of spyware for me, But, Adaware has found an awful lot, sometimes after Microsoft Beta has been run! Which Registry cleaner is safe for a basic computer user with no real skills? My machine has slowed to a terrible extent since purchased in 2004.

  6. XoftSpy has done wonders for me, finding all sorts of unsavouries in my PC that AdAware, Spybot S&D, and SystemMechanic 6 Pro’s didn’t even hint at.

    An excellent bit of software, all in all.

  7. MSASB-1 has been renamed to Windows defender Beta 2.
    Microsoft also has a malware cleaner, but if you have an anti-spyware you dont really need it.

  8. The above statments in which you comment on the features of microsoft anti-spyware holds true, however, the problem that I am having is using the track eraser. Upon requesting that track eraser removes current info that might be contain in the internet explorers history, the program performs the fuction but the contents that it was suppose to erase are still present. Currently I am using win XP pro, along with mcafee security suite which features virus scan, firewall, privacy, and spam. If you can help me with this dilemma I would appreciate it greatly.
    thank U.

  9. I have just purchased spysweeper version 5.2 with anti virus….some reviews state that Presently, Webroot includes only the On Demand Sophos virus inspection engine to check for and remove file infections. Missing is the Realtime Sophos virus engine that looks for active infections from e-mail, IM, and other vectors. Webroot says that functionality will come later, but it’s a tad misleading to suggest that Spy Sweeper 5.2 with Antivirus is a complete antivirus solution. My question is if I use a free version of avg will that possibly conflict?

  10. I have some qeustions and concearns regarding cell phone spy ware. would the person that installs this on your cell phone physically have phone in his or her possetion for this to be installed.

  11. I have been using windows defender since it came out, it has never found a single problem. I’m not sure if that’s good or bad. I also like the updated spybot but find the tea timer annoying so I disabled it using msconfig. The newer version of the paid AVG also does a good job with spyware.

  12. This is the second application I’ve used tonight after my comp’ being totally messed up…1st task manager locked….2nd redirecting my explorer to misc sites. Fingers crossed I’ll be sorted after a very frustrating day!!

  13. If i download windows defender onto my smartphone(runs windows 6.5) will it stop mobile phone spyware ect?

    No. Windows on your phone is not the same as Windows on your PC.


  14. Hey, i was wondering. I have windows 7 installed on my pc with Sophos anti-virus as well as windows defender.
    Will there be any conflicts between the two ?
    if there are conflicts, what are they most likely to be ?
    And would you recomend what i do, ie get rid of one of them or not.

    Sounds like you have one anti-virus, and one anti-spyware, which is as it should be. I wouldn’t expect conflicts.



Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.