Microsoft Security Essentials is a useless AV

Status
Not open for further replies.

broughie

Level 2
Thread author
Verified
Sep 11, 2013
87
My son's PC crashed; he installs games, visits dubious sites, etc. I did a safe-mode system restore. He had MSE with real-time protection. Ran MSE scan - showed clean. Ran HitMan scan, detected 69 infections including a few trojans; ran Mbam, showed similar 65 infections & "security hijacks", and removed them. Ran Kaspersky TDSS killer, detected rootkit! ("medium risk") & removed it. A few different scanners used with clean results.
Finally used Dr Web Cure-it in EPM mode and fakeav detected plus host item cured & deleted.
Rebooted & Hitman & Mbam rescanned clean. Ditched MSE & installed Avast, boot sector scan found PUP. MSE appears not just basic, it's dangerously useless. Thanks
 

rupeshkj

Level 7
Verified
Oct 31, 2013
345
Ya, it's not good; my friend's PC was also infected while using MSE!

Well, for free anti-malware products, Comodo and Avast are good!
 

Nikos751

Level 20
Verified
Malware Tester
Feb 1, 2013
970
MSE will not be sufficient in this user's case; what he needs first is education on how to keep the PC safe.
It's good to have an updated system (Windows Update & apps), give attention to User Account Control prompts, not install cracks when it's not needed (even some sites that offer cracks to download are malicious themselves), and if needed do good research to find out if they are malicious or not, watch out for websites visited and links clicked. Although there is always a risk about cracks/websites.
Install one or two addons in the browser (better use Chrome), like WOT, Adblock Plus, TrafficLight.
Uninstall Java if it's there and the user does not use it; it's important.
Secondly, as things do not change from one day to another, I suggest you keep Avast free AV and enable aggressive hardened mode (it's in the antivirus settings section). In simple words, this mode prevents unknown apps from running. Note that this setting might prevent some cracks from running. For more safety you can enable PUP (possibly unwanted programs) detection in Avast shields.
Also you should know that even after all these scans you did there is probably malware left in the system.
 

Ink

Administrator
Verified
Jan 8, 2011
22,490
The only thing dangerous is the end user (ie. person behind the screen). I've used MSE/WD for about a year with no infections, yet I have visited dangerous sites, downloaded known malicious software. However knowing some basics about PC security, I was able to NOT get the computer infected.

Top tip: Learn something about PC security, else any AV will be useless.

Also most infections can be prevented with a standard user account.
 

Nikos751

Level 20
Verified
Malware Tester
Feb 1, 2013
970
[quote="Ink"]
The only thing dangerous is the end user (ie. person behind the screen). I've used MSE/WD for about a year with no infections, yet I have visited dangerous sites, downloaded known malicious software. However knowing some basics about PC security, I was able to NOT get the computer infected.

Top tip: Learn something about PC security, else any AV will be useless.

Also most infections can be prevented with a standard user account.
[/quote]
Is there a big difference between an admin account with UAC set to full and a standard user account?
 

Littlebits

Retired Staff
May 3, 2011
3,893
It is typical for users to blame their security product when they get an infection but the bottom line is no security product will protect you from your own actions. Learn how to download files safely, always pay attention to UAC prompts (never allow anything that you don't know for sure is safe), keep your software updated and always download your files from trusted sources. When you do get an infection stand up and accept the blame because it is on yourself. Not even the most expensive security products will protect reckless users.

If your son refuses to learn, then he will get infected again very soon, if not already infected again.
Create a limited user account that blocks the ability to install programs; that will stop the infections.

If he wants to install a new game, program, etc., log onto the Admin account and install it for him after checking to make sure that it is safe, then log out of the Admin account and let him log on to the limited user account. Never give him the Admin account password.

My nephew has been using the computer since he was 7 years old, I taught him how to avoid malware by his own actions, when he was 9 years old, I finally had enough confidence to let him have an Admin account on his computer. I went back to check on his computer a year later (only using MSE and Windows Firewall) and he did not have one single infection. So I waited another 2 years and all he had was a few toolbars installed on IE but he had already disabled them. He is now 18 years old and knows to secure his computer and is teaching his friends. He could probably go without having any security products installed and still never get infections.

Learning is the key to keeping your system safe, security products will never do as good as what you can do.

Enjoy!! :D
 

Littlebits

Retired Staff
May 3, 2011
3,893
[quote="Nikos751"]
Is there a big difference between an admin account with UAC set to full and a standard user account?
[/quote]

The main difference: on an Admin account it displays UAC prompts and allows you to choose "approve or deny"; on a Standard account (Limited user), it will just display an error saying you don't have Admin rights to run this program. This keeps users from ignorantly clicking approve without knowing what they are doing.

Enjoy!! :D
 

Nikos751

Level 20
Verified
Malware Tester
Feb 1, 2013
970
Thanks for replying! I know what happens with admin/non admin account; but my concern is, if a user makes right decisions with UAC in admin account, will there be any difference in the level of security if he used a standard account?
Anyway, it's off topic, so you could reply to me via private message if you want. :)
[quote="Littlebits, post: 167350, member: 146"]
The main difference: on an Admin account it displays UAC prompts and allows you to choose "approve or deny"; on a Standard account (Limited user), it will just display an error saying you don't have Admin rights to run this program. This keeps users from ignorantly clicking approve without knowing what they are doing.

Enjoy!! :D
[/quote]
 

moonshine

Level 7
Verified
Apr 19, 2011
1,264
MSE isn't really a useless layer of protection if you know what you're doing. I've used MSE for 2 years and I've never been infected during that time period. The point is, for knowledgeable users, MSE should suffice.

The problem here is, MSE isn't as good as other 3rd-party security software when used in the hands of an inexperienced user.
 
  • Like
Reactions: Ink

Littlebits

Retired Staff
May 3, 2011
3,893
[quote="Nikos751"]
if a user makes right decisions with UAC in admin account, will there be any difference in the level of security if he used a standard account?
[/quote]

No, the security level would be the exact same in that case, but with most users who don't know how to make the right decisions the Standard account will offer more security.

Thanks. :D
 
  • Like
Reactions: FreddyFreeloader
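
The admin-account-with-UAC versus standard-account question discussed in the posts above can be checked on a given PC. The following PowerShell is an added example, not part of any post in this thread: it reads the UAC policy values and lists which enabled local accounts are administrators. It assumes Windows PowerShell 5.1 or later (for `Get-LocalUser` and `Get-LocalGroupMember`) and changes nothing on the system.

```powershell
# Added example (not from the thread): read-only audit of UAC policy and account types.
# Assumes Windows PowerShell 5.1+; run it on the PC being checked.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$uac = Get-ItemProperty -Path $key

# Documented meanings of the UAC consent-prompt policy values.
$adminPrompt = @{
    0 = 'elevate without prompting'
    1 = 'prompt for credentials on the secure desktop'
    2 = 'prompt for consent on the secure desktop'
    3 = 'prompt for credentials'
    4 = 'prompt for consent'
    5 = 'prompt for consent for non-Windows binaries'
}
$userPrompt = @{
    0 = 'automatically deny elevation requests'
    1 = 'prompt for credentials on the secure desktop'
    3 = 'prompt for credentials'
}

function Get-PromptText($Value, $Map) {
    # A missing value means no explicit policy is set for that prompt.
    if ($null -eq $Value) { return 'not set' }
    if ($Map.ContainsKey([int]$Value)) { return $Map[[int]$Value] }
    return "unrecognised value $Value"
}

[pscustomobject]@{
    UacEnabled         = ($uac.EnableLUA -eq 1)
    AdminAccountPrompt = Get-PromptText $uac.ConsentPromptBehaviorAdmin $adminPrompt
    StandardUserPrompt = Get-PromptText $uac.ConsentPromptBehaviorUser $userPrompt
    SecureDesktop      = ($uac.PromptOnSecureDesktop -eq 1)
} | Format-List

# Built-in Administrators group, addressed by its well-known SID so the
# check also works on non-English Windows installs.
$adminSids = Get-LocalGroupMember -SID 'S-1-5-32-544' |
    ForEach-Object { $_.SID.Value }

# Every enabled local account, labelled by group membership.
Get-LocalUser | Where-Object Enabled | ForEach-Object {
    $isAdmin = $adminSids -contains $_.SID.Value
    [pscustomobject]@{
        Account = $_.Name
        Type    = if ($isAdmin) { 'Administrator' } else { 'Standard user' }
    }
} | Format-Table -AutoSize
```

An everyday account listed as Administrator relies on the person at the keyboard answering each prompt correctly. A Standard user account whose StandardUserPrompt reads "automatically deny elevation requests" is refused elevation outright instead of being asked for an administrator's credentials.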

sid_16

Level 20
Verified
Top Poster
Well-known
Jul 19, 2013
954
Good question and reasonable replies! :) Why would one rely on expensive 3rd-party security products to guard one's system? Why doesn't MS make a good antivirus built in with the OS or Office, 'cos nobody knows better than MS itself the security holes or vulnerabilities of its OS/Office... to let the attackers intrude the computer? Just 2 cents from me. No security product gives us 100% protection unless we educate ourselves about the basics of... how to keep our system clean. :D
 

woodrowbone

Level 10
Verified
Dec 24, 2011
480
Educated user or not, just ask yourself this:
What Antivirus, Antimalware product would you as a malware producer/writer avoid first?
Of course everything MS made, and then the biggest names of antivirus products in a falling scale.

/W
 

Littlebits

Retired Staff
May 3, 2011
3,893
[quote="woodrowbone"]
Educated user or not, just ask yourself this:
What Antivirus, Antimalware product would you as a malware producer/writer avoid first?
Of course everything MS made, and then the biggest names of antivirus products in a falling scale.

/W
[/quote]

Uneducated reckless users with any AV security setups equals infections.
It doesn't make a difference which products they choose to use.

I have had customers that used paid security suites like BitDefender, Kaspersky, ESET, Avira, Norton, McAfee, etc. that had more infections than some of my customers that just used Microsoft.

There is no proof that any security product will be able to protect every individual user better than what another product can.

AV tests are never reliable, when I have customers that use the paid products with the highest scores still having more infections than customers that use free products with much lower scores. It all depends on the user's own actions.

Thanks. :D
 

illumination

I was just at a friend's house that I had placed CIS on her machine. She has done great with it for the last year, problem is, her kids "teenagers" decided to download a lot of games etc., and while doing so, answered every pop-up from CIS as "allowed"... You can only imagine the mess this system was in by the time I got there.

It does not matter how strong the security, if they are going to continue to "allow" things to get software etc. they think they want. If this is your case, I would suggest setting up some parental controls and locking that system down "as well as some home based rules the kids need to abide by to use the system".
 

Littlebits

Retired Staff
May 3, 2011
3,893
That is the problem with reckless users: if they won't utilize UAC, then they are not likely to use third-party security products effectively either. If there is a way to manually bypass protection by approving or just completely disabling the security product, then that is what they will do to install whatever program or game they want to. No security product is 100% foolproof. The only option to protect these kinds of users is a Standard user account, which disables the ability to install new programs or run files that change system settings.

Enjoy!! :D
 
  • Like
Reactions: illumination

woodrowbone

Level 10
Verified
Dec 24, 2011
480
[quote="Littlebits"]
Uneducated reckless users with any AV security setups equals infections.
It doesn't make a difference which products they choose to use.

I have had customers that used paid security suites like BitDefender, Kaspersky, ESET, Avira, Norton, McAfee, etc. that had more infections than some of my customers that just used Microsoft.

There is no proof that any security product will be able to protect every individual user better than what another product can.

AV tests are never reliable, when I have customers that use the paid products with the highest scores still having more infections than customers that use free products with much lower scores. It all depends on the user's own actions.

Thanks. :D
[/quote]

Just as an example, if this is what I think it is, it does not matter how reckless or not your users are:

http://rdgsoft.blogspot.se/

I posted about this nasty tool before here in the forum, asking if anyone heard of it, but it seems like you use it for making malware and avoiding Antimalware products.
Does anyone have more info regarding this Tejon tool? It seems too nasty to be true...

:)

/W
 
  • Like
Reactions: Ink

Littlebits

Retired Staff
May 3, 2011
3,893
[quote="woodrowbone"]
Just as an example, if this is what I think it is, it does not matter how reckless or not your users are:

http://rdgsoft.blogspot.se/

I posted about this nasty tool before here in the forum, asking if anyone heard of it, but it seems like you use it for making malware and avoiding Antimalware products.
Does anyone have more info regarding this Tejon tool? It seems too nasty to be true...

:)

/W
[/quote]

Yes, I have heard of it before; it can bypass any (software level) security products, even HIPS and virtualization, but UAC can block it at the OS level. This is its homepage: http://rdgsoft.net/tejon.html

It requires "Run as Admin" in order to bypass software security products; this is a good example of why UAC is so important.
Even though it claims to bypass UAC on Vista, I seriously doubt it can unless the user allows it to run. The only report of UAC getting bypassed was on a Beta version of Vista, which was fixed in the final release and then was also enhanced by service packs.

However, it is very rare that malware writers would use these methods unless targeting a large business, military or government agency.
Malware that affects home users usually doesn't try to bypass security products; it works on the user's own ignorance to be successful.
Of course zero-day malware is usually not detected by signature-based AVs, but other detection features can still stop some of it.

Enjoy!! :D
 
  • Like
Reactions: Ink