Microsoft Security Essentials 2.0.657.0 Final

Updates aren't only for their business product version; MSE also gets updates more than once a day. For what I could notice, at least 3 times a day: morning, noon and night.

The best way to ensure MSE is always up-to-date, is to schedule a task to update more often.

I agree that AV shouldn't be the first line of defense, but it would also be quite stupid to run an outdated one; I still am trying to figure out why Microsoft decided only to provide 1 update per day, by default, and with no easy way to change it in MSE's UI. It makes no sense to me, because Microsoft's answer to fight malware was/is MSE, so it makes little point to update it just once a day.

 

We can work to help improve MSE by sending loads of samples to MMPC for analysis. Just turn on your VM (or other virtualization software like Shadow Defender and Returnil) and go to MDL or malc0de, then SAVE (do not run) the exe file(s) to your download folder or desktop and then submit the files! With all of us working together like this, MSE's detection would improve by 5-10% (maybe)? (With over thousands of new malware being born every day, the improvement percentage won't increase that much IMO)

 

I'm pretty confident they know about MDL and you don't need to spend your free time doing something they get paid to do.

 

They will probably know about it indeed. But it doesn't matter anyway, since the so-called "malware" on MDL is irrelevant as they ain't threatening consumer's pc's.

 

What do you mean?

 

What antivirus vendors try to do, is protecting the pc's of normal pc users (so not we, Wilders users) against malware which is targeting those consumer's pc's. Most of the "malware" on MDL don't belong to that category. Normal users will never get in contact with those samples, if those samples even survive longer than 36 hours or something.

The buzzword nowadays is "zero-day" malware (which ofcourse ain't zeroday anyway), which is also not the biggest threat for normal users. The biggest threat for normal users are widespread malware, if you look at the all the list of vendors with malware which are most seen, it are all malware samples which already exist for a very long time, and get repacked once in a while.

It doesn't matter if a product scores 99% or 95% on AV-Comparatives, as long as they detect the most prevelant malware.

To avoid possible confusion, this all is just MY opinion. Because of this I am feeling perfectly safe with just Windows 7 Home Premium 64-bit, using an Administrator account and ESET Smart Security.
I have never ever considered using something like HIPS, Sandboxie, Time machine or Instant system recovery type of software or virtualization. It simply ain't worth the hassle in my eyes. Also I have never considered installing a second realtime program. Also I don't have any secondary security program (on-demand or whatever) installed..
Also I would be perfectly fine with using one of the freebies, which would safe me some money. It is just that I am an ESET fanboy, so I do want to support them.

 

MDL contains a considerable amount of exploit links (some still running, others down) every time; malware disguised as codec names, flash player, etc.

These users may not, directly, go look for troubles, but that doesn't mean they won't be served a nice and warm exploit, fake codec, etc. (I actually got one other source only for exploits; I don't base myself on MDL in this matter.)

Example of an user not going to look for troubles and still get them -http://threatpost.com/en_us/blogs/bbc-sites-serving-malware-021611

That was serving an exploit. The URL is not up now. But, it doesn't matter that it isn't up right now; what matters is that people are victims of exploits; they work, otherwise wouldn't exist.

I just finished re-scanning an URL that was already hosting exploits since 2 days ago; still up and running.

 

Totally disagree. Call it zero day, call it new, call it "unknown" by many vendors, but malware starts somewhere and ANY user, can come into contact with "new" or "unknown" malware at ANY time.

If you surf the Internet, receive email from friends, it's very, very easy to come into contact with malware that is either brand new or unknown to your AV product.

This is why multi-layered approaches are good or software that includes some sort of sandbox.

This is pretty much the main reason why I use CIS. And this is why I recommend CIS to friends, family and associates.

 

thats a bit of a paranoid and gross exageration... its really not that common to run into an infected site. ye it does happen occasionally and ther always is a random chance ull run into one, but its not exactly a common occurance when u surf the web. im on the internet pretty often, i visit links thru google, i use google images, i use facebook, i use all the services the common individual would and i dont get bombarded by malware.

 

I'll qualify this by saying I'm no expert. In all the years I've been online, and equal time for my wife, we've been hit a total of 3 times. That's since 1996.

Since breaking down and getting VMware workstation, I've been a bit more brave about going out and trying to find malware, hitting the dark side of the web fairly often. So far, I've found some but not that much and a lot of what I've found has been old. I've even downloaded stuff from sites and most downloads are clean.

It's out there, to be sure, and maybe I just haven't had that much luck. To say it's common though, I haven't found it to be all that common. Still, my regular OS is well protected with a 2 way firewall, mse, and most important geswall.

 

Well, Facebook has been hit and infected many systems out there. If you do searching and simply click links, that can cause all sorts of issues as well. My sister has kids, they use the computer and always manage to find sites that cause issues on their computer.

Just the other day I received an email from my sister actually. She is always sending all sorts of funny sayings, images, etc. This was a joke with a link to the punchline. The link caused fake AV software to be installed. Of course I know what I'm doing, but I bet all the other friends on her mailing list don't. She didn't send the email. Her system was infected and it was sent without her even knowing.

Sorry, but it pays to be paranoid because the Internet if full of predators and malware. It's a fact.

 

You mean just like that? No warnings, no nothing? You just visit the site and poof, you're infected?

 

People don't get hit with TDL, spyeyes and zbot? The help forums do not support your supposition. I watch a LOT of lists and MDL always seems to have the worst of the worst new malware with very little if any junk. If you compare it to other online lists the level of vetting becomes clear.

 

well each person is diff, but in regular browsing i dont run into anything unless ive got a mission in my head to visit everything and anything that looks sketchy

 

No, you click the link and up pops AV software running in the browser and warns you, you have been infected and has a scan now button. You click it and it downloads the "scanner" and BOOM, your system is infected. The scanner keeps popping up, even if you tell it to go away and wants you to purchase "full" protection to remove the infections.

Fake AV is one of the more common malware out there. Any user who doesn't know what they are doing would freak if they saw that and many have pulled out their credit card to buy it and "get rid of the infections".

 

I have had two family members get infected in the past month, and they were not out looking for malware. One with a fake AV, and the other with a adware toolbar & software. Most current AVs stink at catching/blocking that stuff.

 

Then someone with sufficient (minimal?) knowledge on malware could easily just terminate the browser process (es) and move on. Doesn't seem that hard to avoid to me.

 

well to be fair, most people wouldnt think of doing that.

 

Seriously, millions of people fall for this stuff every year. Many people don't know any better.

 

Yeah, I know, but that's the problem, the users are not educated enough in the first place. Learning a few simple things will keep them safer than any security app out there.

 

Yes, that's the problem. The other problem is that they have no one teaching them.

 

Well, realistically it's not going to stop happening. Do you propose making PC security mandatory curriculum in grade school?

 

LOL...yeah, good luck getting my sister, mom or even wife to learn some of this stuff.

Sorry, but getting infected, for normal, average users, happens more often than most people think.

Why else would the security industry be raking in billions of dollars. Not to mention all those security apps out there.

And if security really isn't that big a concern and all of this is so easy, why the hell do all of us spend every day on this forum and download, install and tweak security software?

 

Just saying, we're in 2011, keeping a PC secure isn't really that hard. At the very least for the average teenager.

I don't think security even matters anymore to you guys, it's all about trying out new stuff, isn't it?