MSE 4

Discussion in 'other anti-virus software' started by stratoc, Apr 24, 2012.

  1. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,879
    There is no such thing as 100% security. That's why you need a layered defense. No AV catches everything and when their signatures aren't updated fast enough to catch the latest threats, it can be a serious problem. You need something like EMET or Exploit Shield to stop zero day threats cold and HIPS to back it up. Then you have pretty solid protection. One would be a fool to rely only on MSE on their computer.
     
  2. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    97,885
    Location:
    U.S.A.
    FYI. New FakeRean / Braviax Rogue called XP Defender 2013, Vista Defender 2013, and Win 7 Defender 2013 released.

    The Remove Win 7 Defender 2013 (Uninstall Guide) states (emphasis mine):
     
  3. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,879

    Yup. Not MSE's fault! This tricky bastard was engineered to terminate any security program at boot-up. MSE couldn't remove it because this virus made sure it couldn't run. It makes changes to the Windows registry that disable security software. This is what I would call the ultimate zero day threat. No AV is made that can stop it. You have to prevent it from being executed in the first place.
     
  4. DBone

    DBone Registered Member

    Joined:
    Nov 24, 2010
    Posts:
    1,041
    Location:
    SoCal USA
    Sounds like a job for AppGuard!
     
  5. adrenaline7

    adrenaline7 Registered Member

    Joined:
    Apr 27, 2011
    Posts:
    128
    AppGuard for sure would stop it, I imagine Comodo or Online Armor or Private Firewall would. Of course it wouldn't be an issue with Sandboxie, browsing with a limited user account might stop it from installing too. A LUA with parental controls or an SRP would definitely stop it.

    Nothing new here.
     
  6. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    You can sugar coat it all you want but when an antimalware program cannot stop malware then it is the antimalware's fault. You mentioned EMET, Exploitshield and a "HIPS to back it up". EMET is a MS download, just like MSE. Are you claiming that if EMET were a complementary program or a component of MSE that zero day malware would be stopped? If so, then it is Microsoft's fault (and MSE's fault) for not having people download and install both at the same time. I don't recall seeing a link to EMET on the MSE download page. In fact, on the MSE page there is a quote in the "overview" tab which states:
    Does that quote from Microsoft sound like they are recommending a person install additional security software? Or would one be a fool to believe as MS claims that "you don't have to do anything"? Hell it's not like MS needs to be pimping out their product for sales since they are giving the MSE crap away. So is MS giving out incompetent advice, telling their user to just install MSE and you don't have to do anything further?

    Either way, MSE detection ability is pretty horrible from just about every decent testing organization in existence so it's time to find something else anyway.
     
  7. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    Antivirus programs are such a PITA. There's scanning crapola constantly, slowing down web surfing, conflicting with other programs, false positives and, of course, completely missing what they are supposed to catch. There's more trouble in having an av than the aggravation of actually getting infected. I don't foresee even having a real time av anymore. What's really the use? It's better to just use some policy restrictions/sandboxing/disk imaging and just leave the real time/signature pumping/cloud scanning last century strategies off the computer. Maybe have something like HMP for on demand scans and that's about it. Actually looking back over the last 10-12 years I can't think of a single infection I've ever gotten that was more of a pain than running and maintaining the av that was supposed to stop it.
     
  8. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,879
    You can install Peerblock or K-9 Web Administration and block dangerous websites from being reached by your web browser. That should be your first line of defense. If it can't be downloaded, then it can't execute. EMET or Exploit Shield is the second line of defense, it will prevent dangerous executables from even running. Your third line of defense is your HIPS. It will warn you of anything that looks like it's not legitimately meant to be on your computer and give you the chance to block it. Finally, there is your AV, that will clean whatever has gotten past your three defenses. When they are secured with a firewall - and you do regular Windows updates - you can avoid being infected at all.

    Microsoft never said an AV is the only security solution to Internet threats. It would be great if that was all that was needed. In the real world though, you need to harden your computer and make it very difficult for malware to take over your computer. Part of it is good old fashioned common sense and part of it is running the right software for maximum protection.
     
  9. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    I've had like 3 false positives in all the years I've used avast!. With AVG I had like 5-6. I wouldn't say it's that much of a problem...
     
  10. tomazyk

    tomazyk Guest

    :thumb:
    I agree with you. IMO system hardening, sandboxing and imaging is a much better security concept than blacklisting all malware or whole internet.
    With all those measures in place, on demand blacklisting is more than enough to be secure.
     
  11. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    What about the "scanning crapola constantly, slowing down web surfing, conflicting with other programs, [we'll dismiss false positives for the moment] and of course, completely missing what they are supposed to catch."

    With AVG there's problems, with Avast there's problems. If false positives are not an issue something else will be. Although I kinda liked Avast for a while. AVG never did anything to impress me at all.
     
  12. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    Peerblock? K-9? Wow I have never heard of any of those programs. EMET and Exploit Shield? Never heard of those either. What's a HIPS and what's a firewall? Can you tell me what an antivirus program is? Microsoft? Who is that? And what are the updates you speak of? Any more elementary words and phrases I need to learn this weekend, please let me know. And your last sentence of paragraph one confuses me. You now say that "you can avoid being infected at all" but a few posts above you say there is no such thing as 100% security.
     
  13. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,879
    I said with common sense and the right software, you never need to worry about being infected. I am running MSE, a firewall, hardening tools and web filter software and my computer has never been compromised. I also said there is no such thing as 100% security. It's possible someone will write malware that will defeat your entire PC security setup. Nothing in life is guaranteed.
     
  14. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,292
    I'm a fool. I've never been infected since I installed it.
     
  15. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    I could have sworn you stated as below:
    On that note, do you use MSE as only a method to clean infections? It sounds like you don't even expect MSE to catch anything. So why have it running real time taking up resources?
     
  16. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,879
    It has cleaned up infections. I have now blocked malware sites from running Active X executables, dropping Trojans and I have prevented them from loading on my computer altogether.

    MSE can now do its job just in case but my computer is blocked to infective vectors, period.
     
  17. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,101
    Bit of a long shot here but could MSE be protected by EMET?
    I mean to stop malware from terminating MSE.:doubt:
     
  18. NormanF

    NormanF Registered Member

    Joined:
    Feb 20, 2009
    Posts:
    2,879
    With the latest update - MSE already has self-protection and can't be killed from the Task Manager. It's unnecessary to protect it with EMET.
     
  19. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    EMET has absolutely nothing to do with "self-protection".
     
  20. marc57

    marc57 Registered Member

    Joined:
    Aug 15, 2006
    Posts:
    83
    Location:
    St Marys,WV. U.S.A.

    Neither have I or my users.
     
  21. Aventador

    Aventador Registered Member

    Joined:
    Sep 9, 2012
    Posts:
    420
    Just because you haven't been infected doesn't mean MSE or your current av is working. Staying malware free starts with the space between the chair and the mouse. Safe surfing is the first step. Unless MSE or your current av is constantly detecting viruses and alerting you of such then you better change your surfing habits of why this is happening.
     
  22. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    Interesting. How long has this been the case and are there any settings related to self-protection?
     
  23. JohnMult

    JohnMult Registered Member

    Joined:
    Mar 26, 2012
    Posts:
    133
    Location:
    Greece
    Problem

    The last few days probably after the last update a message that antivirus is not activated appears at the logon of Windows XP Home. The message disappears shortly after the automatic update. Any advice?
     
  24. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    Re: Problem

    Is this a message from the Security Center saying it's not detecting an Antivirus, which disappears by the time the system finishes booting? If that's the case it's just a timing issue in my experience and can be ignored.
     
  25. JohnMult

    JohnMult Registered Member

    Joined:
    Mar 26, 2012
    Posts:
    133
    Location:
    Greece
    It's from the Security Center no doubt about it. Just pretty irritating. I think it disappears after the MSE update and not after the boot completion.
     
    Last edited: Oct 8, 2012