Replace Microsoft Security Essentials with A Proper Antivirus?

The problem lies within the end user accepting every term of that new software they downloaded. This also happens to include all sorts of fun programs. Just had to go to my mom's to clean out "The Weather Channel App" and several other search security add-ons and bullshit from her 8.1 PC I built. They don't visit risky sites, my brother just doesn't pay attention to what he is clicking when he downloads bullshit programs his high school requires him to use for homework assignments. He uses Oovoo for whatever the hell reason and that will install several ask search programs and bars as well as another random program that is a pain to deal with.

Shhhhhhh...all that crapware keeps us IT guys in a job.;)
 
I know that it's not anti-virus or anti-malware detected, but I'm surprised that nobody has mentioned no-script firefox extension. I also run adblock. So with no scripting, no plug-ins and no ads, what could possibly come through the browser? (assuming that I'm not downloading anything and just browsing/reading) I add sites to no-script's whitelist that I trust and visit frequently.
In any case, I keep MSE around just in case.

NoScript is like browsing the internet with Godmode on. All the challenge is gone and it's no fun. :p
 
That's because doubling your firewalls and AV's doesn't double your protection. It's like the myth of double condoms, all it does is make it where you can't feel anything and increases the chance it is gonna break.

Sure it may not _double_ your protection but I'd say it is significantly better. One engine's heuristics may not catch a new virus while another might. These guys test and tweak the viruses so that they can get past the big name AV's - pretty tough to get around all of them.
 
For home users, it's not bad. However, messing with the Remote Administration Console and using File Security on the servers led to a huge mess of instability and an insane number of false positives. ESET gives me a massive headache at work.
Ya, I just use it at home and a small network at work.
Behaves nicely in those environments.
What's the preferred corporate stuff these days?
 
After working customer service in the computer department of a well known company, I have come to the realization that the general populace know absolutely nothing about computers or how they work. IT'S 2014 PEOPLE! It's downright scary.

There was this lady that came in, that was complaining of viruses, she also said that she got scammed by a website for 2 years and was paying for services that she never even received....for TWO YEARS!

/facepalm
 
MSE has been OK for me, but then again, I don't go to the Outer East Slobovian Gay Transvestite Porn sites either.
 
I use MSE because Avira and Avast were bugging me to buy them multiple times per day. Fuck that.
 
After working customer service in the computer department of a well known company, I have come to the realization that the general populace know absolutely nothing about computers or how they work. IT'S 2014 PEOPLE! It's downright scary.

People can't drive and people still think eating fat makes you fat.

People are fucking stupid.
 
Wanna really have fun, if you have Windows 8, search for "7zip" in the Windows Store. First hit is a redirect for a trojan.

Facebook too. It's kind of ridiculous how many bad apps are there where you are screwed if you aren't paying attention. Last week I ran into an app called facebook. The owner rigged up the score so it had a lot of good ratings but if you look at the 1s you'll see it's a fake. The real facebook app doesn't have a period at the end. I reported it and it looks like it's gone, but I just went back and checked, he just named it facebook- and again gamed the score.

As for the people who keep saying you only get viruses going to bad sites, what about the adwords that was giving out malware on Yahoo, CNN, TMZ among others a year ago. Some of those were Flash-based too, so just blocking ads wouldn't have stopped every case.

The best protection is to run as a non-privileged user which most of us don't. People still complain about UAC, ain't no way they are going to put in a password when an elevated prompt appears. But just doing that alone would have blocked 90% of the exploits that were out last year.
 
Facebook too. It's kind of ridiculous how many bad apps are there where you are screwed if you aren't paying attention. Last week I ran into an app called facebook. The owner rigged up the score so it had a lot of good ratings but if you look at the 1s you'll see it's a fake. The real facebook app doesn't have a period at the end. I reported it and it looks like it's gone, but I just went back and checked, he just named it facebook- and again gamed the score.

As for the people who keep saying you only get viruses going to bad sites, what about the adwords that was giving out malware on Yahoo, CNN, TMZ among others a year ago. Some of those were Flash-based too, so just blocking ads wouldn't have stopped every case.

The best protection is to run as a non-privileged user which most of us don't. People still complain about UAC, ain't no way they are going to put in a password when an elevated prompt appears. But just doing that alone would have blocked 90% of the exploits that were out last year.

Thing is to ruin someone's day you don't need root at all.
 
The problem lies within the end user accepting every term of that new software they downloaded. This also happens to include all sorts of fun programs. Just had to go to my mom's to clean out "The Weather Channel App" and several other search security add-ons and bullshit from her 8.1 PC I built. They don't visit risky sites, my brother just doesn't pay attention to what he is clicking when he downloads bullshit programs his high school requires him to use for homework assignments. He uses Oovoo for whatever the hell reason and that will install several ask search programs and bars as well as another random program that is a pain to deal with.

When you install any freeware program you have to take your time as they do often have add-ons that you can bow out of if you catch them. [they have to make $$ somehow].

I do not recall any programs with avast because they make $$ by selling their pro version plus enterprise.
 
I use MSE because Avira and Avast were bugging me to buy them multiple times per day. Fuck that.

Really? Been using avast for the past 8+ years on multiple computers and I have never ever been prompted to purchase any upgrade.

Something is wrong with your settings. I've installed at default and never had anything bugging me.
 
Would it be more effective to browse the net from a virtual machine running Linux? Does anybody do that? Is that a ridiculous thing to do? N00b asking questions!
 
All my browsing of any sort is done within a VM image that saves no changes on shutdown. I have zero problems. Only thing I do outside of that are Windows/NV updates.
 
The best defense is to not run programs from iffy sources. I haven't had a virus in years, due to lack of running suspicious code. Obviously that's not a perfect defense, but it should be the first line of defense.
 
Ya, I just use it at home and a small network at work.
Behaves nicely in those environments.
What's the preferred corporate stuff these days?

From what I understand it's split right now. I do have one client that uses Sophos and I haven't really had any issues with it. ClamAV has treated me pretty well as a free option, but it still makes me nervous in a production environment. My favorite AV (although that's really stretching the term "favorite") would be Bitdefender. It's got a better detection rate than Sophos, but Sophos is easier to manage. Depends on your users and environment I guess.
 
I am using ESET Smart Security 7 which seems rather unobtrusive. Just don't upgrade to Windows 8.1 from 8.0 with it installed, though: a specific file causes the system to go into a perpetual reboot.

Anyway, I just got Mint Debian running in VirtualBox, so I'll see how this goes! Btw, does enabling the 'cut and paste' and 'drag and drop' VM options compromise security? Thnx folks.
 
Antivirus software causes more problems than not having one. You'll end up with false positives. Files being misdetected and deleted for no reason. An antivirus software could destroy your whole system by deleting system files or files for your programs. I've seen a lot of systems lose a lot of files due to false positives. No antivirus will protect you from you. You are your own protection. You can't stop someone from shooting their own foot. Like 95% of the viruses come from pornographic websites. Malware is common because people install them themselves without knowing from installing a software they like and clicking next and next and next while it says it will install a third party software. People that don't know what they are doing are going to end up destroying their computer eventually. That's pretty much the average joe ;)
 
Antivirus software causes more problems than not having one. You'll end up with false positives. Files being misdetected and deleted for no reason. An antivirus software could destroy your whole system by deleting system files or files for your programs. I've seen a lot of systems lose a lot of files due to false positives.

MSE is probably the best of the bunch at avoiding false positives and generally not causing problems. If you have only ever experienced Norton or McAfee or the like, AV would certainly feel like nothing but trouble.

No antivirus will protect you from you. You are your own protection. You can't stop someone from shooting their own foot.

No AV can protect against a maliciously stupid user; there are anecdotal examples earlier in thread. That being said, you are not a sufficient protection against malware. Nothing you do will prevent against malware that installs itself from an ad on a trusted site; if you think that never happens, think again - it's happened several times on the very website you are reading now.

Like 95% of the viruses come from pornographic websites.

You are absolutely wrong. Porn sites register so low on the malware propagation list that they don't even make the list. It's one of the leading myths about malware vectors. Sorry, but Puritan schadenfreude does not apply here.
 
There's been several mentions of EMET 4.1 in this thread. Unfortunately, it was completely bypassed several months ago:

http://labs.bromium.com/2014/02/24/bypassing-emet-4-1/

Microsoft appears to be dealing with this in the upcoming EMET 5.0, which was announced a day later. I can't find any evidence that they've done anything but release the technical preview:

http://blogs.technet.com/b/security/archive/2014/02/25/now-available-emet-5-0-technical-preview.aspx

Enable Deep Hooks (not enabled by default) and it's fixed.
 
You are absolutely wrong. Porn sites register so low on the malware propagation list that they don't even make the list. It's one of the leading myths about malware vectors. Sorry, but Puritan schadenfreude does not apply here.

Yeah I don't know why tech people keep saying that crap about getting viruses from Porn sites. It's like they have never used the web.

The virus writers do this to make money. The best way to get the most money and credit card details is to target the over 55's who have the most money but the least PC experience. Not basement dwelling porn hoarders.
 
There's been several mentions of EMET 4.1 in this thread. Unfortunately, it was completely bypassed several months ago:

http://labs.bromium.com/2014/02/24/bypassing-emet-4-1/

Microsoft appears to be dealing with this in the upcoming EMET 5.0, which was announced a day later. I can't find any evidence that they've done anything but release the technical preview:

http://blogs.technet.com/b/security/archive/2014/02/25/now-available-emet-5-0-technical-preview.aspx

While it's a problem, the paper makes the assumption that the hacker already has control of the input. If that happens it's already game over. It's nice that 5 stops it, but I can't help but think of the idiot we all know who is being saved from doing something stupid by their antivirus, but they are so sure, the program is legit, so they disable AV and run it anyways.
 
While it's a problem, the paper makes the assumption that the hacker already has control of the input. If that happens it's already game over. It's nice that 5 stops it, but I can't help but think of the idiot we all know who is being saved from doing something stupid by their antivirus, but they are so sure, the program is legit, so they disable AV and run it anyways.

Plus also it states that the attacker has to actually work in a way that assumes EMET is running. As most people don't even know it exists, chances are they won't.
 
I think we all should switch to Total Defense Internet Security and get a 60 dollar rebate back lol, oh wait fuck my rebate was declared invalid.
 
No admin rights + adblock + noscript + trusted sources for soft + virustotal and you can kiss my ass. No viruses, no security breaches. Who needs firewalls/antivirus anyway. :p
 
Never actually had a problem with malware since taking a few proactive measures.

- Use a decent router with a firewall
- Disable UPnP on said router (prevents automatic port forwarding)
- Browse with Firefox + NoScript + AdBlock
- All machines are Windows 7 or Windows 8, and all use MSE.

You'd be surprised how often NoScript will save your ass. Most casual users hate dealing with NoScript, though (since it means they actually have to think about what they want to white-list)
 
You'd be surprised how often NoScript will save your ass. Most casual users hate dealing with NoScript, though (since it means they actually have to think about what they want to white-list)

NoScript is the greatest addon ever created
 
Never actually had a problem with malware since taking a few proactive measures.

- Use a decent router with a firewall
- Disable UPnP on said router (prevents automatic port forwarding)
- Browse with Firefox + NoScript + AdBlock
- All machines are Windows 7 or Windows 8, and all use MSE.

You'd be surprised how often NoScript will save your ass. Most casual users hate dealing with NoScript, though (since it means they actually have to think about what they want to white-list)

This, also staying away from pirated software helps.
 
I use MSE, and have for years on my home computer.

Many posters are correct, the largest number of infections I have seen have come from flash/java/script based ads.

Over the years I have come to use layered approach and common sense in addition to AV.

1. Stop downloading and running everything you see.
2. Block all ads (this could almost be number one)
3. Visit sites that are reputable.

I use AdTrap on my network so that all users (guests included) are protected.

For people I help (all too often) I use one of the many ad-blocking host files you can find to alias all those ad sites to the loopback interface.
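
Added example, not part of the post above: a downloaded ad-blocking hosts file is only safe to merge if every entry really points at a loopback or unspecified address, since an entry mapping a name to any other IP redirects that name instead of blocking it. The sketch below audits a file before merging; the sample lines and domain names are constructed, and `audit_hosts`, `is_sink` and `render` are hypothetical helper names.

```python
import ipaddress

# Constructed sample of a downloaded blocklist (all names are placeholders).
SAMPLE = """\
# ad servers
127.0.0.1 localhost
127.0.0.1 ads.example.com tracker.example.net
0.0.0.0   banner.example.org   # inline comment
::1       ads6.example.com
203.0.113.7 login.example.com
not-an-ip oops.example.com
0.0.0.0 ADS.example.com
"""

# Names the OS defines itself; never re-emit them from a third-party list.
KEEP_LOCAL = {"localhost", "localhost.localdomain", "broadcasthost",
              "ip6-localhost", "ip6-loopback"}

def is_sink(addr):
    """True for loopback/unspecified, False for other IPs, None if not an IP."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return None
    return ip.is_loopback or ip.is_unspecified

def audit_hosts(text):
    """Return (names safe to block, [(line number, line, reason)] rejected)."""
    blocked, rejected, seen = [], [], set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        addr, *names = line.split()
        sink = is_sink(addr)
        if sink is None or not names:
            rejected.append((lineno, raw.strip(), "malformed"))
        elif not sink:
            rejected.append((lineno, raw.strip(),
                             "redirects to non-loopback address"))
        else:
            for name in names:
                name = name.lower().rstrip(".")
                if name not in KEEP_LOCAL and name not in seen:
                    seen.add(name)
                    blocked.append(name)
    return blocked, rejected

def render(blocked, sink="127.0.0.1"):
    """Re-emit the vetted names, one per line, with a sink address we chose."""
    return "".join(f"{sink} {name}\n" for name in blocked)
```

Rejected lines should be reviewed by hand rather than merged; the re-rendered output never carries an address taken from the downloaded file.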
 
I use MSE now because I've found it to be the least-invasive and least-distracting FREE anti-virus. Was using Avast for many years, but grew so weary of its many different layers of 'protection' that all seemed to not talk to one another, or blocked obviously innocuous applications and services, all the while having annoying notifications and sounds enabled by default, or continuing to annoy me to upgrade to their premium service.

I never had real problems with getting viruses because of good user behavior. Honestly, could probably do without AV altogether, but it's nice peace of mind to have, and I'm fine with MSE. Though it's clear it's not super high priority for MS--understandably--and I couldn't care less.
 