Microsoft Security Essentials, free Antivirus
#81
The sizzle in the Steak
![Scratch](https://acurazine.com/forums/images/smilies/scratch.gif)
I downloaded, installed and used MSE on my Vista laptop last night with no issues, but the laptop also has Kaspersky Antivirus, Ad Aware and Spybot S&D on it. I generally manually run each program separately, although Kaspersky and Spybot are also real-time.
BTW you should download Malwarebytes.
![2 Cents](https://acurazine.com/forums/images/smilies/2cents.gif)
#82
Sanest Florida Man
Thread Starter
It's generally not a good idea to have two AVs installed. For example running Norton and AVG on the same system is gonna bring your system to a halt. I personally wouldn't run MSE and another real-time AV or spyware program.
#83
Registered but harmless
Got that too-- just didn't mention. ![Smile](https://acurazine.com/forums/images/smilies/smile.gif)
The Norton suite seemed to suck, so I uninstalled it when the trial period expired. The Kaspersky seems much faster and uses less memory.
![Smile](https://acurazine.com/forums/images/smilies/smile.gif)
Originally Posted by #1 Stunna
It's generally not a good idea to have two AVs installed. For example running Norton and AVG on the same system is gonna bring your system to a halt. I personally wouldn't run MSE and another real-time AV or spyware program.
I've never had two anti-malware or anti-virus programs catch the same bug simultaneously, whether live or on manual scans, although alerts are pretty rare anyway.
![Ponder](https://acurazine.com/forums/images/smilies/ponder.gif)
#85
Event Type: Information
Event Source: Microsoft Antimalware
Event Category: None
Event ID: 1000
Date: 10/2/2009
Time: 10:58:39 PM
User: N/A
Computer: D2
Description:
Microsoft Antimalware scan has started.
Scan ID: {8E466128-0E2C-4304-A3D9-F380291F5A82}
Scan Type: AntiMalware
Scan Parameters: Quick Scan
Scan Resources:
User: anachostic
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
#86
Sanest Florida Man
Thread Starter
Yiggity yo! The beta for MSE 2.0 is live on connect, sign up if you want to try it out.
http://go.microsoft.com/fwlink/?LinkId=197385
New features in this beta include:
- Windows Firewall integration – Microsoft Security Essentials allows you to turn on or off the Windows Firewall during setup.
- Enhanced protection from web-based threats – Microsoft Security Essentials integrates with Internet Explorer to provide improved protection against web-based attacks.
- New protection engine – The updated antimalware engine offers enhanced detection and cleanup capabilities with better performance.
- Network inspection system – Provides enabled functionality to help protect against network-based exploits
#88
Suzuka Master
Why can't it integrate with google chrome also
![Sad](https://acurazine.com/forums/images/smilies/sad.gif)
#90
Sanest Florida Man
Thread Starter
FYI the Network Inspection System only works on Vista and higher since it uses Windows Filtering Platform
Just yet another reason that Vista/7 are more advanced and secure OSes than XP, please get rid of that shit!
http://arstechnica.com/microsoft/new...protection.ars
http://www.microsoft.com/whdc/device/network/wfp.mspx
Windows Filtering Platform (WFP) is a new architecture in Windows Vista and Windows Server 2008 that enables independent software vendors (ISVs) to filter and modify TCP/IP packets, monitor or authorize connections, filter Internet Protocol security (IPsec)-protected traffic, and filter remote procedure calls (RPCs). Filtering and modifying TCP/IP packets provides unprecedented access to the TCP/IP packet processing path. In this path, you can examine or modify outgoing and incoming packets before additional processing occurs. By accessing the TCP/IP processing path at different layers, you can more easily create firewalls, antivirus software, diagnostic software, and other types of applications and services.
#91
Sanest Florida Man
Thread Starter
I don't see much difference in the next version. Still no previous scan history and the right click "scan with security essentials" context menu add-on is gone, maybe it's just me IDK and the program has a different background.
Actually durrrr, Last scan is at the bottom of the home page and version 1.x has had that too. Maybe they added it with one of the updates and I never noticed.
![](http://i30.tinypic.com/2jdgef6.jpg)
#92
Moderator
Shit.. my favorite porn torrent website gave me a notification with MSE about malware ![Sad](https://acurazine.com/forums/images/smilies/sad.gif)
Never had any AV software give me a warning about the site.
Actually now that I think about it, I've gone there millions if not billions of times in the past and never had anything show up.
Anyways I'm still going to go to the website.
#93
Sanest Florida Man
Thread Starter
Imma take a wild guess and say Firefox!
puretna?
#94
Moderator
#96
Sanest Florida Man
Thread Starter
http://en.wikipedia.org/wiki/Sandbox...uter_security))
In related news Adobe recently announced that they've teamed up with Microsoft and that the next major version of Reader will incorporate this same sandbox technology (Protected Mode as MSFT calls it) in their Reader software! This is great security news as Adobe products are becoming the most popular avenues of attack by hackers. Now the hackers will definitely turn their sights to Firefox which still won't have this feature in version 4.
http://blogs.adobe.com/asset/2010/07...cted-mode.html
This is the one reason why I tell people not to use Firefox, and sadly its users think they're more secure 'cause they are using Firefox.
![Why Me](https://acurazine.com/forums/images/smilies/whyme.gif)
Last edited by #1 STUNNA; 08-28-2010 at 12:22 AM.
#97
Moderator
![Shrug](https://acurazine.com/forums/images/smilies/shrug.gif)
#98
Suzuka Master
but the chance of any malware being successfully installed and f-ing up your system is much higher with Firefox than IE or Chrome. That's because IE and Chrome are sandboxed from the rest of the system meaning that anything that gets downloaded can't access system files, etc. 'cause they have lower than user rights. While Firefox inherits the user rights and therefore has access to system files and malware that comes through Firefox has access to much more of the system than IE or Chrome which has none.
http://en.wikipedia.org/wiki/Sandbox...uter_security))
In related news Adobe recently announced that they've teamed up with Microsoft and that the next major version of Reader will incorporate this same sandbox technology (Protected Mode as MSFT calls it) in their Reader software! This is great security news as Adobe products are becoming the most popular avenues of attack by hackers. Now the hackers will definitely turn their sights to Firefox which still won't have this feature in version 4.
http://blogs.adobe.com/asset/2010/07...cted-mode.html
This is the one reason why I tell people not to use Firefox, and sadly its users think they're more secure 'cause they are using Firefox. ![Why Me](https://acurazine.com/forums/images/smilies/whyme.gif)
![Big Grin](https://acurazine.com/forums/images/smilies/biggrin.gif)
Does security essentials work with IE to give real time protection? I think I remember reading it did, I know it won't do it with chrome, which sucks. Ohh well I'm still gonna stick to chrome
#99
Sanest Florida Man
Thread Starter
By chance what malware did it say it was? Can you post a screen shot? On Tuesday I dealt with a client that had MSE installed and had gotten a fake MSE pop-up saying it had found an unknown trojan and then when they clicked the "clean computer" button they actually installed malware on to their system. Sneaky. It installed some scareware called "Major Defense Kit" and the Alureon Rootkit aka TDSS which is almost impossible to remove if you don't know what you're doing.
So look into that. Easiest way to see if you're infected is to try and update MSE virus definitions, if you got TDSS it won't let you.
I submitted a couple samples of the Major Defense Kit malware to MSFT and they've already added it to their definitions.
Last edited by #1 STUNNA; 08-28-2010 at 12:51 AM.
#100
Sanest Florida Man
Thread Starter
Interesting, I never knew that about IE or Chrome. Didn't know Firefox was not up to par with those in security. Good thing I don't have Firefox.
I basically only use Chrome.
![Big Grin](https://acurazine.com/forums/images/smilies/biggrin.gif)
Does security essentials work with IE to give real time protection? I think I remember reading it did, I know it won't do it with chrome, which sucks. Ohh well I'm still gonna stick to chrome
I'll stick to Chrome as well, we'll see when IE9 rolls around if I switchback or not....
#101
Moderator
It's Adware:JS/Pornpop.A
I don't think it was a fake MSE pop up.
Would a fake MSE pop up turn the MSE task bar icon orange?
#102
Sanest Florida Man
Thread Starter
http://www.youtube.com/watch?v=ZaJPNrf1DPY
#104
Sanest Florida Man
Thread Starter
Ok that was legit. This is the fake pop-up they got
![](http://removal-tool.com/wp-content/uploads/2010/08/Microsoft_Security_Essentials_Alert.jpg)
it looks completely legit, I'd probably fall for it.
http://removal-tool.com/fake-microso...entials-alert/
Only difference between the fake and the real is that fake doesn't have the link at the end of the blurb that says "what do the alert levels mean?" and there's no drop down list in the recommendation field
Last edited by #1 STUNNA; 08-28-2010 at 01:23 AM.
#105
Moderator
Those assholes...
I'd probably fall for it too.
#106
Sanest Florida Man
Thread Starter
Also notice that the exploit you guys got is attempting to use Java Script (that's what the JS means), make sure your Java is up to date. In fact I'd recommend everyone go to www.ninite.com and click on adobe reader, flash (IE and non-IE), java, silverlight, malwarebytes, and your browser of choice and update all of them to the latest version. I'll do it too.
I do this ALL the time on my clients' computers. I must use Ninite at least 2-3 times a day at work. It's a quick and simple way of updating important 3rd party software on a PC.
Seriously.
www.ninite.com
Last edited by #1 STUNNA; 08-28-2010 at 01:32 AM.
#107
Suzuka Master
Ohh and 2-3 times a day
![what](https://acurazine.com/forums/images/smilies/what.gif)
#108
Sanest Florida Man
Thread Starter
No they don't update automatically. They'll notify when an update is available but you have to click through and install it and in my experience about 99% of people don't install it, they all click "remind me later". Then they never get the updated version that fixes the security hole and then they visit some site that exploits that security hole that they never patched and then I have to come fix their PC.
I do it 2-3 times a day cause I work on a lot of PCs at my IT job. Only once per PC....
#109
S E L L
Stunna, you ever come across Win32/Unruy.D? It's on an older XP Pro system I have. MSE finds it, sometimes removes it and if it can't it will quarantine, but then the damn thing regenerates upon reboot! ![Rant](https://acurazine.com/forums/images/smilies/rant.gif)
I've tried posting to several malware forums but I don't get any response for some reason. ![Annoyed](https://acurazine.com/forums/images/smilies/annoyed.gif)
Any ideas?
#110
Moderator
Do you have a spare hard drive?
Install a clean copy of Windows to it & MSE.
Then plug in the infected drive and have the clean computer attempt to clean it.
#111
Sanest Florida Man
Thread Starter
Also run CCleaner to delete your temp Internet files and run Malwarebytes too
Last edited by #1 STUNNA; 08-28-2010 at 09:28 PM.
#112
Sanest Florida Man
Thread Starter
here's a bunch of info about that trojan.
http://www.microsoft.com/security/po...:Win32/Unruy.D
which OS are you using?
#113
Moderator
he said win xp pro
#114
Sanest Florida Man
Thread Starter
![Doh](https://acurazine.com/forums/images/smilies/doh.gif)
#115
S E L L
Ran Ccleaner and malwarebytes already, no luck. I'll try turning system restore off. Maybe I should delete all the previous restore points too? I know the system will allow all but one to be deleted.
#116
AZ Community Team
I've been running MSE since you recommended it some time ago (might have been the beginning of this thread).
It's worked well. There are two things I find annoying though:
- If you turn off real time protection (i.e. make it a scan only tool) it harasses the crap out of you about your system being vulnerable. IOW - you can't say, "OK" and turn off the warning.
- When it auto updates, it's a resource hog; bogs everything down.
#117
Sanest Florida Man
Thread Starter
You'll always get a warning when real-time protection is not running on any AV, it's part of Windows. That's a Windows thing not MSE, if Windows detects that there's no real-time AV running from any company whether it be Norton, McAfee, AVG, Avast, Panda, etc. it's going to notify you with the red shield.
When you do a clean install of Windows for the first time one of the first prompts you get is a notification that no AV is running.
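The point in the post above, that Windows itself tracks whether any real-time AV is running, and the earlier advice against running two real-time engines side by side, can both be checked from PowerShell. This is an added example, not part of any forum post: the function names are hypothetical, it assumes a Windows client edition with PowerShell 3.0 or later, and the `productState` bit layout is an undocumented, community-derived convention.

```powershell
# Added example: list the antivirus products registered with Windows Security
# Center and report how many of them claim real-time protection is on.

function ConvertFrom-ProductState {
    # Assumption: productState is undocumented by Microsoft. The decoding below
    # is the widely used community reading of its two low bytes.
    param([Parameter(Mandatory)][uint32]$State)

    $realTimeByte   = ($State -shr 8) -band 0xFF   # 0x10/0x11 = on, 0x00/0x01 = off
    $definitionByte = $State -band 0xFF            # 0x00 = current, 0x10 = out of date

    [pscustomobject]@{
        RealTimeOn         = ($realTimeByte -band 0x10) -ne 0
        DefinitionsCurrent = $definitionByte -eq 0
    }
}

function Get-RegisteredAntivirus {
    # root/SecurityCenter2 is present on client editions of Windows (Vista SP1
    # and later); it is not available on Windows Server.
    Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName 'AntiVirusProduct' -ErrorAction Stop |
        ForEach-Object {
            $decoded = ConvertFrom-ProductState -State $_.productState
            [pscustomobject]@{
                Name               = $_.displayName
                RealTimeOn         = $decoded.RealTimeOn
                DefinitionsCurrent = $decoded.DefinitionsCurrent
                Path               = $_.pathToSignedProductExe
            }
        }
}

$products = @(Get-RegisteredAntivirus)
$active   = @($products | Where-Object { $_.RealTimeOn })

$products | Format-Table -AutoSize

switch ($active.Count) {
    0       { Write-Warning 'No registered product reports real-time protection on.' }
    1       { Write-Output  "One real-time engine active: $($active[0].Name)" }
    default { Write-Warning "Multiple real-time engines active: $($active.Name -join ', ')" }
}

# Stale definitions on the active engine are worth a second look.
$active | Where-Object { -not $_.DefinitionsCurrent } | ForEach-Object {
    Write-Warning "$($_.Name) reports out-of-date definitions."
}
```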
#118
and
Kaspersky's Virus Removal Tool --> http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/
in safe mode?
![Dunno](https://acurazine.com/forums/images/smilies/dunno.gif)
#119
Sanest Florida Man
Thread Starter
turning off system restore deletes all restore points
malware often hides in restore points so that it can come back after being removed by AV, turning off system restore stops that.
p.s. you can turn system restore back on after confirming the malware is gone
#120
AZ Community Team
Also notice that the exploit you guys got is attempting to use Java Script (that's what the JS means), make sure your Java is up to date. In fact I'd recommend everyone go to www.ninite.com and click on adobe reader, flash (IE and non-IE), java, silverlight, malwarebytes, and your browser of choice and update all of them to the latest version. ....
Seriously.
www.ninite.com
Nice.
![Thumbs Up](https://acurazine.com/forums/images/smilies/thumbsup.gif)