Windows Security Essentials

Innuendo:
I'm guessing it's a tip of the iceberg Cloud Computing thing. ...Which is not IMO a good sign.-Stoic Joker (October 17, 2009, 02:39 PM)
--- End quote ---

When someone mentions "Cloud Computing" I always picture a dark cloud. Raining on me. :( Cloud computing seems to me like a method to take away control and choice from the end users.

On the Firewall thing I've yet to see an SPI implementation in a residential class device that wasn't more trouble than it was worth (performance under load = dropped connections).
--- End quote ---

For home use I recommend people seriously look into buying a router that's capable of running one of the community-driven firmware products like DD-WRT, OpenWRT, or Tomato. They're all based on Linux which is a pretty solid foundation to build upon when it comes to firewalls, routing and such.

Sure on the SMB and up commercial side there are some nice devices...but you'll be looking at $500+ on sale if you're lucky which is a bit steep for most folks.
--- End quote ---

Yes, $500...plus who knows how much more for a support contract if you want tech support & firmware upgrades. I used to run a Cisco router here at the house, but a few months ago I moved to a Linksys WRT610N w/ DD-WRT firmware and haven't looked back. I've got all the features my old Cisco had, but on a faster platform that's easier to manage and configure.

IainB:
On the 1st October 2009, I deinstalled AVG (which I had installed some time ago, on my son's advice) and installed WSE (Microsoft's Windows Security Essentials virus/spyware detection program) - just to try it out. It didn't seem too obtrusive.

The other day, I noticed that the WSE tool had been sitting on 50% CPU of my Centrino Duo for several minutes at a time, making the CPU overheat and the fan come on full. (MsMpEng.exe is the AntiMalware Service Executable.) AVG never did that.

So, yesterday I decided to de-install WSE and install AVG again or Avast 9 FREE virus checker. However, before deinstalling WSE I just checked its log.

Surprise, surprise. Seems that WSE had quietly found, identified and removed two "severe" viruses:
    * BrowserModifier Win32-Hijacker.A
    * TrojanDownloader-ASX-Wimad.BD

These were in files that had been sitting around on my hard drive for some time - and yet AVG had never found them.

So I decided against deinstalling WSE, meaning that AVG will have to wait.

Today, before I went out shopping, I started a full disk scan with WSE. It took about 5hrs to complete and it identified 3 more viruses/malwares and removed/quarantined them. This was in files that had been around for a while and which AVG had evidently missed.

I even downloaded again one infected installer file for Unlocker, just to double check. I was curious as to whether that downloaded file had the virus in it, or whether the virus had been somehow put into it after the file had arrived at my laptop. Well, it was corrupted on download.

Looks like the "more well-known anti-virus companies" - including AVG - might be asleep on the job. Kudos to M/soft on this one.

f0dder:
Looks like the "more well-known anti-virus companies" - including AVG - might be asleep on the job. Kudos to M/soft on this one.
-IainB (October 18, 2009, 10:03 AM)
--- End quote ---
Or perhaps WSE suffering from false positives?

Bamse:
False what? 8) Is this one http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanClicker%3AWin32%2FYabector.gen&ThreatID=-2147338578 I think "severe" category is a bit hefty. Malwarebytes don't like it too though. Besides A-squared, ESET, Norman I don't think anyone cares. "without user consent" is probably the trigger.

IainB, you should change default actions to "Quarantine" from "Recommended" and untick box beneath with "apply recommended actions:...". Go to Settings, Default actions. Is safe and you get option of allowing and chance to know what is going on. First 2 categories (I think, definitely "Severe") are just swept away so if you don't sit at computer you will never know since action is automated. At least untick box so you become the decider, they see that as a security risk 8) File becomes "suspended" and untouchable until you have made up mind. You are not supposed to care, doubt, know but some day it might come in handy not to trust program. Will probably not delete system files but who knows. Unless you check history tab regularly you don't know what MSE has been doing. You might hear cpu fan go off because computer is working hard some minutes but that is it. MSE developers must be brave men because setup can potentially go very wrong ;D

There is a new AVG out btw. Now has "basic" rootkit protection but not "advanced". Difference is? The one you used has zero. Not the most interesting infection to get. I read email protection is non working, like in not at all. Speaking of bugs in security software, never stops. If tired of MSE Avast will soon release a new version as well. Looks very promising, news are Behavior shield and I think also much more ip blocking like Malwarebytes. Practically a new program compared to old version 4.

Innuendo:
Or perhaps WSE suffering from false positives?-f0dder (October 18, 2009, 10:22 AM)
--- End quote ---

Yes, I wish Iain had uploaded the files to VirusTotal before deleting them, but I can totally understand his "get these files off my PC *NOW*!" reaction.
