Windows Defender stops one

This surprised me today. As I was looking for an e-mail message from my 2005 archives, I ran across a message in my Junk E-mail folder that was clearly some sort of malware. It was from a sender I didn’t recognize, with a subject line that hinted it was a picture in a Zip file.

I opened the attachment to see what was inside and saw that it was an executable file with a filename designed to fool the recipient into thinking it was a picture. Standard stuff, right?

I extracted the file onto the desktop, where I was going to scan it using an antivirus program (on this test system, I don’t have real-time antivirus protection). But before I could do that, this dialog box popped up:

[Image: Windows Defender dialog box]

Windows Defender, included with a default installation of Windows Vista, had detected this copy of what turned out to be the Bagle worm and had blocked it with a blood-red warning message.

I don’t normally think of Windows Defender as an antivirus program, but clearly it has that capability, especially for well-traveled forms of malware. I certainly wouldn’t rely on it exclusively, but in this case it did exactly what it was supposed to do.

3 thoughts on “Windows Defender stops one”

  1. Gosh!! This seems like a compliment for Microsoft. I have used Defender for some time. It has stopped 2 or 3 malicious attempts that were not picked up by the highly touted anti-spyware vendors also on my computer. I like Windows Defender.

  2. Just a question… questions actually

    Why bother with the attachment in the first place, if you knew beforehand that it was malware? Why spend the time to unpack it and scan it at all, with Defender or anything else for that matter? Were you testing WD or your whole security setup? Like to see if it was on its toes? I’d have just sent the file to Delete Hell. 🙂

  3. Gord, this is a test system, and I have a couple new AV programs available for Vista, so I was curious to see how they would respond. Normally, like you, I would just press Delete.
