MS Security Essentials 2, or a free AV software ?

[crisscross]

Just saw this posted at Av-Comparatives under detection tests. MSE is included again.



On-Demand Comparative August 2011

http://www.av-comparatives.org/images/stories/test/ondret/avc_od_aug2011.pdf

MSE's detection rate is in the toilet. 92.3%. Plus it's a very slow scanner.

Looks like Gdata is the one to get.

 

[lowrider69]

Looks like Gdata is the one to get.

Yep, and Gdata has been scoring well over there for some time now. Avira still has the best detection rates of the free AV software. What annoys me about their stuff is the popup nag ads, don't know if they got rid of that or not. Avast slipped a bit.

 

[Zargon]

avira and and avg avast are annoying as hell to have on the machine, atleast last time I looked at them

 

[mechBgon]

Who trusts Microsoft like me ? and use the green icon on taskbar ms essentials . and a firewall app.

Trusting any antivirus by itself is just not wise anymore. It's a third-string defense at best. If you want a low-impact defense, start by maxing out your UAC settings and using a non-Admin user account (aka Standard User on 7 or Vista), install Microsoft's EMET and configure it like this, disable AutoRun using the Fix-It from this page, and enable Software Restriction Policy in disallowed-by-default mode like this if your version of Windows supports SRP.

Also, uninstall any unnecessary software (Java most of all), get the most recent flavor of the stuff you need (e.g. Adobe Reader 10 versus 9, Flash Player 11 versus 10, etc), and check the rest with Secunia's installable PSI utility. You don't have to have it run at startup, that can be turned off... just run periodic checkups to see if you need some security patches.

Lastly, use a web browser that takes advantage of WIndows Integrity Control and/or sandboxing, which last I checked limited the field to IE and Chrome.


To illustrate why not to trust your antivirus alone, and not to get too bogged down in AV-Comparatives and such... at work, I was setting up Win7 on a server, and I was all Hey, I need the software for the APC Smart-UPS SC 620 uninterruptible power supply. So rather than wade through APC's site, I hit Google and googled the product's page at APC's site.

Then I went there, and was promptly attacked by a BlackHole exploit kit. At APC's site. A safe, normal business site. Being me, I captured the JavaScript file that was used to launch the exploit and submitted it to VirusTotal. Detection rate: 1/43 (it just so happened that Microsoft's engine was the one that detected it, but that's just a roll of the dice). So much for relying on antivirus protection. Too little, too late, too seldom. If you want to be protected in time for it to actually help, see the list of steps I gave above, it's worth far more than AV in today's world. In my case, those steps saved the day for my server setup.


So going back to the original topic, yeah I trust MSE, but as a third-stringer in an overall defense-in-depth approach. The A-game is played by proactive mitigations as described above.

 

[Muse]

On this laptop I'm running Security Essentials Version: 2.1.1116.0. I assume that's what people are calling MSE 2 here, right?

 

[Chiefcrowe]

Yes, that sounds right. That is the version I have.

On this laptop I'm running Security Essentials Version: 2.1.1116.0. I assume that's what people are calling MSE 2 here, right?

 

[lowrider69]

Not relying solely on a AV is a given. With that said I still don't want a AV with a 92% detection rate on my systems, that's just me.

 

[mechBgon]

Not relying solely on a AV is a given. With that said I still don't want a AV with a 92% detection rate on my systems, that's just me.

All good, but I suggest reviewing AV-Comparatives' retrospective/proactive test results for the numbers that will matter more: detection of new, unknown malware. Because the bad guys don't use 6-month-old malware to attack your system and make off with your game keys and stuff. In fact, they may serve up unique samples of the same overall malware to each individual victim. They have that ability.

Microsoft still doesn't top the charts there either, but the peak "right now when it'll actually prevent damage" detection rate is down around 60%. That lines up with my experience as a malware hunter/reporter: http://www.antisource.com/article.php/antispyware-comparisons

 

[Skypix7]

Trusting any antivirus by itself is just not wise anymore. It's a third-string defense at best. ....... The A-game is played by proactive mitigations as described above.

Thank you for taking the time to lay all that out for everybody. I've been playhing the antivirus roulette routine for years, never had any big problems but I will take your advice for my new build which I'm just setting up the OS and protection for now.
Much obliged!

 

[paul878]

MSE is good enough, it is FREE, and it doesn't BOG down you system.
Best of it it could be uninstalled with no problem unlike Symantec.

 

[Muse]

MSE is good enough, it is FREE, and it doesn't BOG down you system.
Best of it it could be uninstalled with no problem unlike Symantec.

I have Windows Virtual PC (XP) installed on my Windows 7 Ultimate 64 laptop and in it I have Avira Antivir Free. In installed Virtual PC because I have a program or two that I like to use that won't run on Windows 7 64 bit. I run MSE in Windows 7. I started the Windows Virtual PC yesterday and Avira was bugging me so I decided to uninstall Avira and install MSE. Every time I went into Add/Remove Programs and tried to uninstall Avira I was kicked out of the virtual machine and it restarted and Avira was still there. I finally gave up. Looks like I'm stuck with Avira in Windows Virtual PC.

 

[IHateMyJob2004]

I have MSE, what is MSE 2? Do I ahve to do a manual update to have it? Or is it an automatic update ttype of thing?

 

[Matt1970]

I have seen PC Tools cause too many problmes. I just had a customers PC in with PC Tools on it and it completely hosed up her machine. MSE, AVG and Avira all seem to work fine for the most part from what I have seen. Avira seems to spam you the most.

 

[Muse]

I have seen PC Tools cause too many problmes. I just had a customers PC in with PC Tools on it and it completely hosed up her machine. MSE, AVG and Avira all seem to work fine for the most part from what I have seen. Avira seems to spam you the most.

I'm amazed that PC Tools still exists. I used to use it on my first computer, a 486DX machine running Windows 3.1. Came on some 5 1/4" floppy disks back when floppy disks were actually floppy.

I am pretty tired of Avira. If I can figure out a way to pry it out of the Virtual PC XP aspect of my Windows 7 64bit laptop, I will do it. The virtual machine just crashes and restarts every time I try to uninstall Avira.

 

[mechBgon]

I'm amazed that PC Tools still exists. I used to use it on my first computer, a 486DX machine running Windows 3.1. Came on some 5 1/4" floppy disks back when floppy disks were actually floppy.

I am pretty tired of Avira. If I can figure out a way to pry it out of the Virtual PC XP aspect of my Windows 7 64bit laptop, I will do it. The virtual machine just crashes and restarts every time I try to uninstall Avira.

I haven't tried this, but can you start your virtual XP in Safe Mode? If so, try uninstalling it that way.

Alternately, nuke the whole VM and make another one.

 

[Muse]

I haven't tried this, but can you start your virtual XP in Safe Mode? If so, try uninstalling it that way.

Alternately, nuke the whole VM and make another one.

I don't know about safe mode but I dug into the shortcuts associated with the virtual machine and came up with the following. One reason I'm pasting it in here is that I figure I won't have access the information once I resume the virtual machine. Evidently it's currently configured to hibernate when I leave it instead of shut down. I figure that shutting it down and starting it fresh may allow me to successfully uninstall Avira. I'll try that first. If that's not working I'll open a browser and look for this post for _instructions_, which won't have hyperlinks, but will probably prove helpful.
- - - -
If a virtual machine is not configured to automatically shut down, you can shut it down manually by following these steps.

To shut down a virtual machine

Do one of the following:

To shut down from an open virtual machine, from the toolbar of the virtual machine window, click Ctrl+Alt+Del. Or, you can press the CTRL+ALT+END key sequence.


To shut down from a running virtual application, make sure the focus is on the application (click or restore it if necessary), and then press the CTRL+ALT+END key sequence.


In the window that appears, click Shut down.

The operating system will go through the shutdown sequence, and the resources will be released from the virtual machine.

To configure a virtual machine so that it automatically shuts down when you close it, see Close a virtual machine.

See Also
Windows Virtual PC
Troubleshooting Windows Virtual PC

 

[Muse]

The same thing happened after shutting down and restarting the VM. I got the idea to deactivate Avira before attempting the uninstall. I got a spontaneous restart like before but this time Avira was gone. I just installed MSE, and am allowing it to scan my system. I suppose things are OK, however I keep getting messages that Windows is recovering from a serious error, am prompted to send the error report to Microsoft, and a browser window pops up with troubleshooting information. This has happened a few times, perhaps it will stop happening now. Anyway, I'm not using the VM much, just occasionally when I need to use a 16 bit program.

 

[nyker96]

I use AVG which does a decent job, also I have a HTTP filter called Privoxy that filters out junks coming through browser. I also use spybot. I think you need multi-layer protection not just one. No one software is that good, at least not yet. As for firewall, the best is definitely Comodo incredible power if you learn to config it manually nothing gets through that sucker.

 

[N4g4rok]

I work at the tech support help desk at a university, and we use the MSE2+Malwarebytes combination for pretty much anything that comes through the door. It's working really well on the Vista/XP Security 2012 malware that's popped up a lot lately.

 

[Muse]

I work at the tech support help desk at a university, and we use the MSE2+Malwarebytes combination for pretty much anything that comes through the door. It's working really well on the Vista/XP Security 2012 malware that's popped up a lot lately.

As is common with a lot of utilities, I go to look it up and it says free but when you get to the page there's stuff about a for $$ version. Is it free or what? 😕

 

[glen]

As is common with a lot of utilities, I go to look it up and it says free but when you get to the page there's stuff about a for $$ version. Is it free or what? 😕

Yes, is it free or what?

 

[lxskllr]

You have to pay for MalwareBytes real time protection, but on-demand scanning and removal is free.

 

[glen]

$24 for real time protection.
Seems worth it to me.

 

[boomhower]

MSE for me. I know how to behave on the net and it's light weight unobtrusive works for me.

 

[Fox5]

Run Linux in a virtual machine and do all your web browsing in that. Should be pretty safe, though a little more annoying.

Personally, I'm ok with MSSE + Firefox w/ noscript for random web browsing, and chrome for sites that I trust and make desktop applications out of (facebook, gmail, a few more google apps).

BTW, even if you're safe about your web browsing, it still doesn't stop the advertisements on a web page from getting hijacked. Those are served up from other domains, and it's a way to infect people without actually doing anything to the web page they're going to. I feel somewhat bad about using noscript and killing most of the ads web sites use to sustain themselves, but the reality of the situation is that those banner ads are security risks.