
Microsoft Security Essentials, free Antivirus

Old 09-16-2010, 01:41 PM
  #161  
Drifting
iTrader: (1)
 
rza49311's Avatar
 
Join Date: Feb 2006
Location: Southern VA
Age: 45
Posts: 3,072
Received 8 Likes on 6 Posts
^^ No prob. Don't forget ComboFix if you come up empty after those steps.
Old 09-16-2010, 01:57 PM
  #162  
 
onebadna1nsx's Avatar
 
Join Date: Apr 2007
Location: Mr. Hankey's House
Age: 34
Posts: 10,953
Received 219 Likes on 118 Posts
Oh yeah, can't forget that!
Old 09-16-2010, 09:53 PM
  #163  
 
onebadna1nsx's Avatar
 
Join Date: Apr 2007
Location: Mr. Hankey's House
Age: 34
Posts: 10,953
Received 219 Likes on 118 Posts
I think ComboFix did the job!

I just noticed, Windows Defender doesn't turn on at all.... Is it integrated into MSE 2.0?
Old 09-16-2010, 10:07 PM
  #164  
Sanest Florida Man
Thread Starter
 
#1 STUNNA's Avatar
 
Join Date: Aug 2007
Location: Florida
Posts: 43,862
Received 10,290 Likes on 6,236 Posts
MSE supersedes Defender. It has all the features and more, they use the same definitions so it gets turned off. This is normal....
Old 09-16-2010, 10:15 PM
  #165  
 
onebadna1nsx's Avatar
 
Join Date: Apr 2007
Location: Mr. Hankey's House
Age: 34
Posts: 10,953
Received 219 Likes on 118 Posts
Ahhhh, no wonder.... I wonder why Windows Defender isn't just deleted then!
Old 09-16-2010, 10:35 PM
  #166  
Sanest Florida Man
Thread Starter
 
#1 STUNNA's Avatar
 
Join Date: Aug 2007
Location: Florida
Posts: 43,862
Received 10,290 Likes on 6,236 Posts
In case you uninstall MSE it's back. MSE might even use some of the same files as defender, IDK.
Old 09-16-2010, 11:47 PM
  #167  
Sanest Florida Man
Thread Starter
 
#1 STUNNA's Avatar
 
Join Date: Aug 2007
Location: Florida
Posts: 43,862
Received 10,290 Likes on 6,236 Posts
Man I tried to run ComboFix and it wouldn't let me! 32bit only FTL!
Old 09-17-2010, 12:15 AM
  #168  
Sanest Florida Man
Thread Starter
 
#1 STUNNA's Avatar
 
Join Date: Aug 2007
Location: Florida
Posts: 43,862
Received 10,290 Likes on 6,236 Posts
For those using the new beta there is a small issue that I had on a couple of my machines. If after installing the beta the "Scan with Microsoft Security Essentials..." option is missing, you can easily add it back by running this command, quotes included, from a cmd prompt with elevated privileges:

regsvr32 "C:\Program Files\Microsoft Security Client\shellext.dll"

That will add it back right away.
Old 09-17-2010, 07:15 AM
  #169  
Go Giants
 
Whiskers's Avatar
 
Join Date: Aug 2004
Location: PA
Age: 53
Posts: 69,912
Received 1,234 Likes on 823 Posts
Originally Posted by #1 STUNNA
Man I tried to run ComboFix and it wouldn't let me! 32bit only FTL!
Old 09-17-2010, 07:35 AM
  #170  
Drifting
iTrader: (1)
 
rza49311's Avatar
 
Join Date: Feb 2006
Location: Southern VA
Age: 45
Posts: 3,072
Received 8 Likes on 6 Posts
Originally Posted by #1 STUNNA
Man I tried to run ComboFix and it wouldn't let me! 32bit only FTL!
There used to be a workaround for running 32bit apps in x64 environments. I still use it on Windows 2003 x64 actually, but it appears to have been removed from Win7.

The following code, which I have in a shortcut, opens Explorer in 32bit mode on Win2k3 x64. I use it to execute some 32bit VB scripts.

%windir%\syswow64\explorer.exe /separate
Old 10-05-2010, 11:53 AM
  #171  
Sanest Florida Man
Thread Starter
 
#1 STUNNA's Avatar
 
Join Date: Aug 2007
Location: Florida
Posts: 43,862
Received 10,290 Likes on 6,236 Posts
I came across this today


A nice fake MSE message. The person didn't even have MSE installed or any AV for that matter. It says that iexplore.exe is an infected file and the process name of the fake AV was hotfix.exe, LOL! Now that'd probably fool a n00b tech guy but I laughed when I saw that.

So I opened Process Explorer and suspended the process, then ran ninite.com, installed MSE, and it caught the fake MSE and removed it.

I did notice that MSE doesn't scan temp files when it does a quick scan, only full scans. So when I ran Malwarebytes and it began scanning the temp files, MSE picked up two more infected fake MSE files in the temp folder that it didn't get during the quick scan. But Malwarebytes didn't catch those 2 files, so that's why I like to run the combo of these two programs; they usually complement each other.

Last edited by #1 STUNNA; 10-05-2010 at 11:59 AM.
Old 10-05-2010, 01:56 PM
  #172  
Moderator
 
Mizouse's Avatar
 
Join Date: Oct 2004
Location: Not Las Vegas (SF Bay Area)
Age: 40
Posts: 63,254
Received 2,787 Likes on 1,987 Posts
Old 10-05-2010, 02:49 PM
  #173  
#GOBULLS
iTrader: (1)
 
RyanCHICL's Avatar
 
Join Date: Sep 2005
Location: Chicago Suburbs, IL
Age: 36
Posts: 1,234
Received 10 Likes on 10 Posts
Awesome, that does look pretty legit. I recently got another computer and MSE was my first install.

Stunna, I recently read online that the BETA has less signatures than the 1.x. Is there any truth to that? I was on a malware forum BTW.
Old 10-05-2010, 06:43 PM
  #174  
Sanest Florida Man
Thread Starter
 
#1 STUNNA's Avatar
 
Join Date: Aug 2007
Location: Florida
Posts: 43,862
Received 10,290 Likes on 6,236 Posts
I don't think so, I'm pretty sure they use the same signatures between MSE, Forefront and Windows Defender.

The current latest version is 1.91.1166.0 which is what I have in the beta version and what's currently posted on this site.

https://www.microsoft.com/security/p...tions/ADL.aspx

Oh yeah, that might be a good link for you guys to know about. You can download the latest definitions manually from that site and see the changelog for each definition, including new threats it detects and updates to reflect changes in already known threats.

Last edited by #1 STUNNA; 10-05-2010 at 06:52 PM.
Old 10-05-2010, 07:06 PM
  #175  
Sanest Florida Man
Thread Starter
 
#1 STUNNA's Avatar
 
Join Date: Aug 2007
Location: Florida
Posts: 43,862
Received 10,290 Likes on 6,236 Posts
Also I heard it from a good source that the HP Envy Series laptops are shipping with MSE installed!! I wonder if MS is giving them a discount to include it.

For example the PCs I've seen don't come with an Office 2010 Home & Student Trial version like what happened with Office 2007 and 2003, they now come with Office 2010 Starter Edition. Which is Word and Excel only, doesn't have all the features of the pay version and is ad-supported. Anyways Office Starter along with Windows Live essentials, if they're included with Windows on a PC then MSFT sells Windows to the OEM at a discounted price. The more MSFT software they include the more of a discount they get.

I wonder if MSE is now included in this. I think this plan is a pretty good idea, Windows Live Essentials is great software, as is MSE and Office Starter is probably enough for everyday home users and they've always assumed that Windows came with a free copy of Office even though it never did, well now it does!
Old 10-05-2010, 07:22 PM
  #176  
#GOBULLS
iTrader: (1)
 
RyanCHICL's Avatar
 
Join Date: Sep 2005
Location: Chicago Suburbs, IL
Age: 36
Posts: 1,234
Received 10 Likes on 10 Posts
Originally Posted by #1 STUNNA
I don't think so, I'm pretty sure they use the same signatures between MSE, Forefront and Windows Defender.
Thanks for clarifying.
Old 12-16-2010, 02:17 PM
  #177  
Sanest Florida Man
Thread Starter
 
#1 STUNNA's Avatar
 
Join Date: Aug 2007
Location: Florida
Posts: 43,862
Received 10,290 Likes on 6,236 Posts
MSE 2.0 is now available. However MS removed the IE integration feature due to poor performance. But it still has the network inspection service.

You can download it here or wait for it to update itself.

http://www.microsoft.com/downloads/e...DisplayLang=en
Old 12-16-2010, 03:42 PM
  #178  
The sizzle in the Steak
 
Moog-Type-S's Avatar
 
Join Date: Nov 2001
Location: Southern California
Posts: 71,436
Received 1,877 Likes on 1,297 Posts
What's new in MSE 2.0?

...and is it for Vista and 7 only...or is XP supported?
Old 12-16-2010, 04:26 PM
  #179  
Sanest Florida Man
Thread Starter
 
#1 STUNNA's Avatar
 
Join Date: Aug 2007
Location: Florida
Posts: 43,862
Received 10,290 Likes on 6,236 Posts
Windows Firewall integration – Microsoft Security Essentials allows you to turn on or off the Windows Firewall during setup.

New protection engine – The updated antimalware engine offers enhanced detection and cleanup capabilities with better performance.

Network inspection system – Provides enabled functionality to help protect against network-based exploits

Also you can now set what you want the max CPU usage of MSE to be. The first version was locked at 50% max. Now you can set it anywhere from 10-100% max CPU usage.

Yes it works with XP
Old 12-16-2010, 04:29 PM
  #180  
Sanest Florida Man
Thread Starter
 
#1 STUNNA's Avatar
 
Join Date: Aug 2007
Location: Florida
Posts: 43,862
Received 10,290 Likes on 6,236 Posts
For clarification, the IE integration was only a feature in the first betas of MSE 2. It was never in version 1.0, so you're not losing a feature if you upgrade from version 1.
Old 12-16-2010, 04:31 PM
  #181  
1919
 
Scottman111's Avatar
 
Join Date: Mar 2005
Age: 39
Posts: 21,467
Likes: 0
Received 162 Likes on 134 Posts
I think this is what I'm going to start exclusively referring people to when they ask what a good free AV is. Good idea?
Old 12-16-2010, 04:32 PM
  #182  
Sanest Florida Man
Thread Starter
 
#1 STUNNA's Avatar
 
Join Date: Aug 2007
Location: Florida
Posts: 43,862
Received 10,290 Likes on 6,236 Posts
Yup! Been doing it for over a year now.
Old 12-16-2010, 04:46 PM
  #183  
Sanest Florida Man
Thread Starter
 
#1 STUNNA's Avatar
 
Join Date: Aug 2007
Location: Florida
Posts: 43,862
Received 10,290 Likes on 6,236 Posts
The network inspection service requires Vista/7 since it uses Windows Filtering Platform instead of kernel hooks, and WFP came out in Vista.
Old 12-16-2010, 04:50 PM
  #184  
The sizzle in the Steak
 
Moog-Type-S's Avatar
 
Join Date: Nov 2001
Location: Southern California
Posts: 71,436
Received 1,877 Likes on 1,297 Posts
Cool. Gonna give 2.0 a test drive
Old 12-16-2010, 04:51 PM
  #185  
Senior Moderator
 
Yumcha's Avatar
 
Join Date: Dec 2001
Posts: 167,431
Received 22,798 Likes on 13,981 Posts
Terrific app.



But, clearly...Apple's will be better when they make one.
Old 12-17-2010, 01:28 AM
  #186  
_
 
AZuser's Avatar
 
Join Date: Nov 2006
Posts: 18,692
Received 3,097 Likes on 1,867 Posts
Originally Posted by Yumcha
Terrific app.


But, clearly...Apple's will be better when they make one and charge $200 for it. Hey, it's an Apple product.
Old 12-17-2010, 06:50 AM
  #187  
Go Giants
 
Whiskers's Avatar
 
Join Date: Aug 2004
Location: PA
Age: 53
Posts: 69,912
Received 1,234 Likes on 823 Posts
Installed, seems the same.
Old 12-17-2010, 07:39 AM
  #188  
Banned
 
CocheseUGA's Avatar
 
Join Date: Mar 2009
Location: Kennesaw, GA
Age: 44
Posts: 18,761
Received 960 Likes on 593 Posts
Ooh, 2.0. Will have to update both of my machines.
Old 12-17-2010, 09:27 AM
  #189  
Team Owner
 
svtmike's Avatar
 
Join Date: Oct 2003
Location: Chicago
Age: 59
Posts: 37,666
Received 3,864 Likes on 2,031 Posts
Updated mine today. Seems fine. Warning to Mizouse -- you'll have to restart your machine to finish the installation, so you'll probably want to skip it.
Old 12-17-2010, 09:35 AM
  #190  
Senior Moderator
 
Yumcha's Avatar
 
Join Date: Dec 2001
Posts: 167,431
Received 22,798 Likes on 13,981 Posts
Originally Posted by AZuser
And everyone will line up outside for hours upon hours...buy it. Hype it. Only to realize deep down inside, it's a glorified version of iTunes. It does nothing.
Old 12-17-2010, 09:49 AM
  #191  
Sanest Florida Man
Thread Starter
 
#1 STUNNA's Avatar
 
Join Date: Aug 2007
Location: Florida
Posts: 43,862
Received 10,290 Likes on 6,236 Posts
Originally Posted by svtmike
Updated mine today. Seems fine. Warning to Mizouse -- you'll have to restart your machine to finish the installation, so you'll probably want to skip it.


Actually, if you were running the beta of MSE 2.0 then you don't have to restart after upgrading. He might be on the beta.....
Old 12-17-2010, 10:07 AM
  #192  
Sanest Florida Man
Thread Starter
 
#1 STUNNA's Avatar
 
Join Date: Aug 2007
Location: Florida
Posts: 43,862
Received 10,290 Likes on 6,236 Posts
So here's what's different between the versions besides the cooler look

You can limit CPU usage during a scan


You can now choose to only monitor incoming or only monitor outgoing files. It also has behavior monitoring (aka heuristics scanning) and network inspection service.


You can remove quarantined files automatically after a set period of time


You can now opt-out of spynet for you privacy nuts

Last edited by #1 STUNNA; 12-17-2010 at 10:13 AM.
Old 12-17-2010, 10:30 AM
  #193  
1919
 
Scottman111's Avatar
 
Join Date: Mar 2005
Age: 39
Posts: 21,467
Likes: 0
Received 162 Likes on 134 Posts
I like the limit CPU feature...one thing I can't stand about most AVs.

I'm going to look at some old P.O.S. soon that will probably need that thing on 10% when I install it...right now they have some McAfee paid version on there hogging everything, and I think it's got like 512 RAM

I <3 the side money from easy jobs
Old 12-17-2010, 10:36 AM
  #194  
The sizzle in the Steak
 
Moog-Type-S's Avatar
 
Join Date: Nov 2001
Location: Southern California
Posts: 71,436
Received 1,877 Likes on 1,297 Posts
Seems to be pretty much the same.

Still missing a scan log.

I like the fact that quarantined items can be deleted at a set time.
Old 11-29-2011, 09:29 PM
  #195  
Sanest Florida Man
Thread Starter
 
#1 STUNNA's Avatar
 
Join Date: Aug 2007
Location: Florida
Posts: 43,862
Received 10,290 Likes on 6,236 Posts
MSE Public beta is now live. The improvements are as follows

This Beta version of Microsoft Security Essentials includes the following new features and enhancements to better help protect your PC from threats:

Enhanced protection through automatic malware remediation: The Beta program will clean highly impacting malware infections automatically, with no required user interaction.

Enhanced performance: The Beta includes many performance improvements to make sure your PC performance isn’t compromised.

Simplified UI – Simplified UI makes Microsoft Security Essentials Beta easier to use.

New and improved protection engine: The updated engine offers enhanced detection with cleanup capabilities and better performance.

Automatically cleaning severe malware is a nice improvement. But you guys better hide your keygen programs. You can exclude files and folders from being scanned to prevent that.

It's back to the 1.0 UI, just like it looks in Windows 8.

You can get it here
https://connect.microsoft.com/site981
Old 12-09-2011, 09:13 PM
  #196  
uʍop ǝpısdn ǝdʎʇ uɐɔ ı
 
thelastaspec's Avatar
 
Join Date: Apr 2010
Posts: 1,363
Received 47 Likes on 41 Posts
I'm currently running the Win 7 firewall on my new laptop that I use for school work. Do you guys think MSE + Win firewall is good enough to handle a malicious PDF? I've been debating installing CIS; Win firewall is set to public at school.
Old 12-09-2011, 09:18 PM
  #197  
Sanest Florida Man
Thread Starter
 
#1 STUNNA's Avatar
 
Join Date: Aug 2007
Location: Florida
Posts: 43,862
Received 10,290 Likes on 6,236 Posts
To prevent PDF attacks you need to be running Adobe reader X, then.....

Originally Posted by #1 STUNNA
Now for a little advice on how to configure Adobe Reader. Reader, like most Adobe software, is riddled with security holes and they've been getting their ass handed to them as of late on the security front. There are a couple settings you can change that will help this though.

If you open reader and go to preferences (ctrl + k) and
1. click on "Javascript" and turn off javascript.
2. Then go to "Trust Manager" and turn off "Allow opening of non-pdf file attachments with external applications"
3. choose updates and select the top radio button that says automatically install updates


Now if you're wondering if you should've had a holy shit WTF moment while reading the last two the answer is yes. By default reader allows javascript aka the java exploits I mentioned above to be run via PDF! As are external applications, so you open a PDF and it runs a malicious exe! WTF! Why does reader need to run java or external applications!?!?

I turned these off a few months ago and I'm glad that I did. Recently I was browsing a shady site and I moused over or accidentally clicked on a flash banner and bam! Reader opens up real fast with a blank PDF and this PDF wants to run Javascript! Luckily I had turned Java off for PDFs and so Reader was waiting for me to approve this PDF to run Java which I of course declined. Then the same thing happened a few days later. I wonder if I had java turned on would that blank empty PDF have even opened or would it have just done its exploit in the background.

As for downsides, I've yet to see a legit PDF prompt me to run Javascript or open an external application. So please do yourself the favor and turn those settings off.
That should prevent all known reader exploits.
The following users liked this post:
Mizouse (12-10-2011)
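
As an added illustration (not part of any post in this thread), the sketch below triages a PDF before it is opened by counting the name objects that correspond to the behaviours the post above turns off in Reader: embedded JavaScript, actions that fire on open, and launching external programs. It goes slightly beyond the post by also counting `/AA` and `/EmbeddedFile` and by decoding `#xx` name escapes; the function names, verdict labels and sample bytes are assumptions constructed for this example.

```python
import re

# PDF name objects behind the behaviours the post turns off in Reader:
# embedded JavaScript, actions that fire automatically, launching programs.
RISKY_NAMES = {
    "/JS": "JavaScript source",
    "/JavaScript": "JavaScript action",
    "/OpenAction": "action run when the document opens",
    "/AA": "additional automatic actions",
    "/Launch": "launches an external application or file",
    "/EmbeddedFile": "embedded file attachment",
}

_HEX_ESCAPE = re.compile(rb"#([0-9A-Fa-f]{2})")
# A name is "/" followed by anything except PDF whitespace and delimiters.
_NAME = re.compile(rb"/[^\x00\t\n\x0c\r ()<>\[\]{}/%]+")


def decode_name(raw: bytes) -> str:
    """Undo #xx escapes, so /J#61vaScript is read as /JavaScript."""
    plain = _HEX_ESCAPE.sub(lambda m: bytes([int(m.group(1), 16)]), raw)
    return plain.decode("latin-1")


def triage_pdf(data: bytes) -> dict:
    """Count risky names in raw PDF bytes. Compressed object streams are
    not inflated here, so an empty result is not proof of a safe file."""
    counts = {}
    for match in _NAME.finditer(data):
        name = decode_name(match.group(0))
        if name in RISKY_NAMES:
            counts[name] = counts.get(name, 0) + 1
    return counts


def verdict(counts: dict) -> str:
    has_js = "/JS" in counts or "/JavaScript" in counts
    auto = "/OpenAction" in counts or "/AA" in counts
    if "/Launch" in counts or (has_js and auto):
        return "high"      # runs code or a program without a click
    return "review" if counts else "no-indicators"


# Constructed samples (not real malware): a page-less PDF that runs script on
# open, with one name hex-escaped, and a plain catalog with nothing risky.
SAMPLE_SCRIPTED = (b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /OpenAction 2 0 R >>\n"
                   b"endobj\n2 0 obj\n<< /S /J#61vaScript /JS (placeholder) >>\n"
                   b"endobj\n%%EOF\n")
SAMPLE_PLAIN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n%%EOF\n"

if __name__ == "__main__":
    for label, blob in (("scripted", SAMPLE_SCRIPTED), ("plain", SAMPLE_PLAIN)):
        found = triage_pdf(blob)
        print(label, verdict(found), found)
```

A "high" or "review" result is a reason to open the file only in a viewer with JavaScript and attachment launching disabled, as described in the post.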
Old 12-10-2011, 12:09 AM
  #198  
uʍop ǝpısdn ǝdʎʇ uɐɔ ı
 
thelastaspec's Avatar
 
Join Date: Apr 2010
Posts: 1,363
Received 47 Likes on 41 Posts
bam - done. Thanks for the advice!
wow, who knew adobe had those settings enabled!
They seem unnecessary for 99% of users.

I'm also trying to use Google's quick view if it's a PDF not from a reputable source as well - let them deal with it / using Office Live built into SkyDrive / Google Docs for Excel and Word documents I don't trust.
Old 12-10-2011, 12:53 AM
  #199  
Moderator
 
Mizouse's Avatar
 
Join Date: Oct 2004
Location: Not Las Vegas (SF Bay Area)
Age: 40
Posts: 63,254
Received 2,787 Likes on 1,987 Posts
i just did it myself. thanks.
Old 12-10-2011, 01:22 AM
  #200  
Sanest Florida Man
Thread Starter
 
#1 STUNNA's Avatar
 
Join Date: Aug 2007
Location: Florida
Posts: 43,862
Received 10,290 Likes on 6,236 Posts
Originally Posted by thelastaspec
bam - done. Thanks for the advice!
wow, who knew adobe had those settings enabled!
They seem unnecessary for 99% of users.

I'm also trying to use Google's quick view if it's a PDF not from a reputable source as well - let them deal with it / using Office Live built into SkyDrive / Google Docs for Excel and Word documents I don't trust.
This discussion fits better with my security thread but Office 2010 has protected view enabled for files opened from email, and the interwebs...

http://office.microsoft.com/en-us/ex...010355931.aspx

