As was foretold, we've added advertisements to the forums! If you have questions, or if you encounter any bugs, please visit this thread: https://forums.penny-arcade.com/discussion/240191/forum-advertisement-faq-and-reports-thread/

[Computer Security Thread] EAC stands for "Easily Accessible Compromise"

2456795

Posts

  • MKRMKR Registered User regular
    edited December 2009
    I still keep IE updated for security reasons despite never using it. How did you present the idea? Did you just flat out say "You should install IE," or did you make an effort to explain that IE is pretty tightly bound to the OS and is potentially a security threat whether it's used or not?

    MKR on
  • Dark ShroudDark Shroud Registered User regular
    edited December 2009
    I started talking about security first and then onto IE & why it should be upgraded. People then agreed with me. Still a number people would then start talking about how firefox was so much more secure and I was foolish for not using it.

    Getting people to stop using IE6 is something we can all agree with.

    Also since the release of IE7 & Vista MS hasn't so intertwined IE & OS. With Win7 IE is not integrated into the OS at all.

    Dark Shroud on
  • MKRMKR Registered User regular
    edited December 2009
    Well those people are idiots. FF is still a decent browser. :rotate:

    I do recognize that newer IEs are better than older versions though.

    MKR on
  • stigweardstigweard Registered User regular
    edited December 2009
    IE 8 libraries in Win 7 are still tightly integrated to the os. However, it is possible to completely remove the ability to run IE 8, including the executable. The shared libraries remain, or apps like steam and windows explorer wouldn't work.

    One of the largest vectors of attack for IE is activex. MS did right by enhancing the control and usage of it to make the browser more secure. Things like per site activex and preventing controls from getting admin access go a long way to making ie more secure. I haven't checked into what other things they have accomplished because I am no longer really interested in it as an application. It took too long for them to get their act together so I limit my knowledge on it to what I need for work.

    stigweard on
  • Dark ShroudDark Shroud Registered User regular
    edited December 2009
    stigweard wrote: »
    One of the largest vectors of attack for IE is activex. MS did right by enhancing the control and usage of it to make the browser more secure. Things like per site activex and preventing controls from getting admin access go a long way to making ie more secure. I haven't checked into what other things they have accomplished because I am no longer really interested in it as an application. It took too long for them to get their act together so I limit my knowledge on it to what I need for work.

    With IE7 MS changed the default settings so IE would no longer auto run ActiveX. In IE8 on Win7 the settings have changed a bit but it remains the same, you're prompted to run installers first and then you still have to allow them to run after they're installed. And by default the ActiveX are required to be signed to even prompt for install or activate. Basically ActiveX is not the giant target it once was by a long shot.

    In IE6 I used to easily change the ActiveX settings to prompt so ActiveX controls from web sites couldn't run automatically on the PCs. IE7 made securing things faster & easier. I also use a reg hack to speed up IE's rendering speeds. http://enhanceie.com/ie/tweaks.asp

    Dark Shroud on
  • TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    edited December 2009
    Greenish wrote: »
    Id also like it if Smitfraudfix were on the list. This little prog is a dynamo when it comes to getting rid of browser hijacks and those fake anti-virus programs. But like Combofix, do your homework and know exactly what you are getting rid of before you use these tools.

    Smitfraudfix and Combofix have been added to a new Anti-Malware category called 'Removal tools'. I also included a link to ESET's list of standalone removal tools, which includes a Rogue AV Remover. Chatter on Wilders is that the Rogue AV tool isn't great for day-0 stuff, but older threats it might be effective for.
    Starfuck wrote: »
    I'm not as tinfoil-hatish as I used to be, but one place I would frequent quite a bit was Wilders Security Forum. I used to use a lot of DiamondCS software as well. These days, I just run MSE and use webmail so I don't download something I don't want.

    I peruse Wilders on a regular basis myself, and believe me when I say that it's very much a place for the tinfoil hats! My paranoia jumps a level or two just reading their forums. Still, it's a really good source of information, if you can separate the wheat from the chaff.

    TetraNitroCubane on
    VuIBhrs.png
  • FingerSlutFingerSlut __BANNED USERS regular
    edited December 2009
    Most routers these days come with a pretty decent firewall.

    AVG had an identity crisis and became bloat ware.

    All the security in the world cannot protect stupidity. A reasonable effort at trying to remain secure should protect most people out there.

    FingerSlut on
  • TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    edited December 2009
    Not an update, per say, but I just wanted to say how impressed I am with ComboFix. I had my first opportunity to deploy it when I had to do a little computer clean-up for family I was visiting over Christmas, and reformatting was not an option to fix things up. I still feel the 'nuke it from orbit' approach is the best, but Combofix + MBAM seemed to do an excellent job. Very nice little utilities, when used appropriately.

    TetraNitroCubane on
    VuIBhrs.png
  • Dark ShroudDark Shroud Registered User regular
    edited January 2010
    10 Most Vulnerable Software Apps of 2009

    Even though it wil ltake a little time check out the comments. Some of them are truely great.

    Dark Shroud on
  • stigweardstigweard Registered User regular
    edited January 2010
    10 Most Vulnerable Software Apps of 2009

    Even though it will take a little time check out the comments. Some of them are truely great.

    None of those are surprising. Adobe has had insecure products for years and all the of the video players are targeted because it is a very easy entry point. It's far too easy to get someone to watch a free clip of porn (graphic violence, accidents, sex, etc...). Peal player in particular has always had a pos, insecure code base. Quicktime for windows was awful for the longest time as well. WMP had several open vectors for the longest time until MS started getting their act together. I can't think of a player out there, other than the unpopular, non internet streaming versions that didn't have some vulnerability.

    Sans has an informative article detailing how application holes are now outnumbering os holes and why it could be bad news.

    On another topic, MS is being a bit shady regarding Windows 7 security. If you go through the list of security advisories there are plenty there that affect vista x64 sp2 but have no listing for Win7. If you dig further into the actual advisories, each one will be patching multiple vulnerabilities (MS has done this for ages, possibly to group like vulnerabilities as well as lower the number if issues they have to make), and if you check those lists, Win7 will be listed, but with no advisory links (ms-whatever articles). If you go to a site like the one listed above, you won't see any vulnerabitlities for Windows 7 relating to Kernel or IE8, but they do exist.

    stigweard on
  • TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    edited January 2010
    I went ahead and added those links to the news section. Thanks guys - Both are very good reads, and they emphasize a point about security that's unfortunately being overlooked these days: Patching the applications is becoming just as important as patching the operating system. The idea that an operating system is impenetrable is silly. I don't care if you're running XP, Windows 7, Snow Leopard, or any flavor of Linux, if you're running a vulnerable application you're going to get burned regardless.

    If I could give an aware for biggest security headache of the year, I'd give it to Flash, specifically for allowing the advent of malvertisments.

    I think there's some really bad misconceptions out there that the operating system is the only thing that matters. I've heard more than one person go on about how 64-Bit Windows 7 is safe because there are "no viruses" for it. And I had a very unpleasant conversation with a friend of mine this past weekend that basically started with his saying, "Oh, I can't get Phished. I use a Mac."

    TetraNitroCubane on
    VuIBhrs.png
  • TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    edited January 2010
    Sorry for the double-post, but today's ESET Blog entry seems very pertinent to the current discussion of application vulnerability. It deals with the recent Adobe holes that won't be fixed until 1/12 or so. Here's some decent info from the post, in terms of what you might consider for staying safe:
    • If you're using Adobe Reader and/or Acrobat, you need to ensure that this patch (and other patches) are applied as soon as possible after they become available.

    • Note that Adobe's patching practice is not yet as timely or as transparent as it ought to be: if you don't have administrative privileges (which is good practice in terms of the "principle of least privilege", you may not even receive notice of the availability of a patch, let alone be able to install it.

    • If you've taken our advice to disable Javascript unless you know you need it, you might want to check that it hasn't been re-enabled! If you haven't disabled it, you should consider it. Seriously.

    • In view of Adobe's habit of making it as difficult as possible to use the product with reasonable security, are you sure you need to use Reader? (I understand that you might find it less than convenient to dispense with full-blow Acrobat for business use.) While I wouldn't care to recommend any particular alternative product without doing some comparative research, it has to be worth considering alternatives such as Foxit and Sumatra, or one of the cheaper PDF generation programs.

    TetraNitroCubane on
    VuIBhrs.png
  • travathiantravathian Registered User regular
    edited January 2010
    I use Foxit simply due to Adobe's piss poor track record when it comes to security. I've found a few pdfs with graphical glitches when opened in Foxit, but for the most part it seems to work well.

    travathian on
  • TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    edited January 2010
    In additional news today, in a shocking reversal of position, tzuk (author of Sandboxie) reversed his strong stance against x64 versions of windows and released a new 64-bit compatible version of the sandboxing application. I surmise it's still in the early stages, but for those of you interested, you can pick it up and read the ensuing discussion here.

    Tzuk has been firmly against x64 Vista and Windows 7 for their inclusion of PatchGuard, and prior to today has claimed implementing Sandboxie on those platforms would not be possible/worth his time.

    TetraNitroCubane on
    VuIBhrs.png
  • TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    edited January 2010
    An interesting point about routers: They are an excellent addition to any security setup, and provide a good layer of hardware protection. However, they are not invulnerable by any means.

    Hacker pierces hardware firewalls with web page

    Router attack discussion on Wilders

    By and large this type of attack is uncommon these days, but as time goes on I have a suspicion that this technique will become more prevalent. Silent router infection seems like a sweet plum for Phishers, so I'd except them to jump all over it. So, in the meantime, remember that 'admin' is not a secure password.

    TetraNitroCubane on
    VuIBhrs.png
  • stigweardstigweard Registered User regular
    edited January 2010
    I'm not sure Kamkar's hack is all that impressive. The default behavior of all upnp enabled routers is to allow and open ports if they were requested by the local machine. All he's done is exploit it by using the browser. I'm not even sure it is a new idea. Of course, I could be reading it wrong.

    stigweard on
  • TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    edited January 2010
    Just a note: I added Hitman Pro to the rootkit detector section of software. It's been talked up a lot on Wilders for its cloud based protection and multi-engine capacity.

    Aside: Firewall maker Comodo seems to have landed itself in some trouble a while ago, and I'm only now learning about it. An article from May of last year seems to indicate that Comodo have engaged in sale of SSL certificates to know malware distributors. Additional bundling of the ASK toolbar apparently had them classified as malware by some vendors.

    I'm torn - I certainly don't want to leave Comodo on the list if they're being underhanded, but I'm not sure if this is FUD or not. Any opinions?
    stigweard wrote: »
    I'm not sure Kamkar's hack is all that impressive. The default behavior of all upnp enabled routers is to allow and open ports if they were requested by the local machine. All he's done is exploit it by using the browser. I'm not even sure it is a new idea. Of course, I could be reading it wrong.

    It's very likely to be old hat, and I'll admit that I don't quite understand all of it myself. I just found it interesting, since lately there's been a lot of talk about attacking the router as opposed to attacking any system. Most end-users have access to software that allows them to check their system for infection, but checking a route might be more difficult for them.

    Still from what I understand, this attack still requires you to open the door, so to speak, to let the intrusion occur.

    TetraNitroCubane on
    VuIBhrs.png
  • SosSos Registered User regular
    edited January 2010
    Just wanted to let you fellas know. I had some computer trouble the past few days where system restore was not an option. I happened to find this thread and overcame my problem.

    The OP was very helpful along with the pages of comments for semi-computer literate shmucks like me.

    In short: Thank y'all.

    Sos on
  • TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    edited January 2010
    Sos wrote: »
    Just wanted to let you fellas know. I had some computer trouble the past few days where system restore was not an option. I happened to find this thread and overcame my problem.

    The OP was very helpful along with the pages of comments for semi-computer literate shmucks like me.

    In short: Thank y'all.

    As a semi-computer literate schmuck myself, I'm very glad that the thread was of assistance! If there's anything about the OP you'd like elaborated or felt needed highlighting/clarification, please don't hesitate to give feedback.

    Unrelated news: Seems like the nasties are at it again hijacking Google Ads. In this latest bit of news they used Google Ads to lure people to a Fake CNET Download.com page, with the promise of downloading the latest version of WinRAR. The files served, of course, weren't what was expected. A full copy of WinRAR was installed, but infected executables that did some nasty things to HOSTS files, dropped some malicious files. It's actually pretty goddamn crafty - The malicious files start spamming the user with pop-up boxes that contain a keyword. Searching the keyword online will verify to the user that infection has occured, from various forum posts and whatnot. However, when the user then searches for a solution by visiting security vendor sites, the modified HOSTS file redirects them to rogue A/V software, instead of legit solutions.

    The larger point here is that social engineering once again emerges as the favored tool of the malware author. All the security software in the world can't do much to protect against user consent. My over paranoid advice on this point is: Always be aware of what domain you're visiting. Also, ignore Ads all together. Since this was a Google Adword sponsored link, I'm unsure of whether or not Noscript would have been of any help.

    TetraNitroCubane on
    VuIBhrs.png
  • TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    edited January 2010
    Sorry for yet another double post.

    Adobe finally patched Acrobat and Reader yesterday. If you're using those products, gogogo right now and patch them.

    The gaping vulnerability was bad enough to begin with, but the literally weeks of lag time until the patch was issued seems like fantastic motivation to move away from Adobe. Unless you're locked into Acrobat, I'd highly recommend an alternative PDF viewer.

    TetraNitroCubane on
    VuIBhrs.png
  • theSquidtheSquid Sydney, AustraliaRegistered User regular
    edited January 2010
    What irritates me is that on Windows Foxit Reader is rapidly becoming as bloated and annoying as Adobe Reader. What I want is a Windows version of epdfview.

    theSquid on
  • FatsFats Corvallis, ORRegistered User regular
    edited January 2010
    I've been happy with Sumatra for PDF purposes. I'm not sure what drove the Foxit folks to shit all over their software but the last version I tried was really bad.

    Fats on
  • Dark ShroudDark Shroud Registered User regular
    edited January 2010
    Yeah I used to install Foxit for everyone but I now I almost don't care. The only reason I still bother to is because of Adobe's security issues.

    Dark Shroud on
  • theSquidtheSquid Sydney, AustraliaRegistered User regular
    edited January 2010
    Fats wrote: »
    I've been happy with Sumatra for PDF purposes. I'm not sure what drove the Foxit folks to shit all over their software but the last version I tried was really bad.

    I just looked that up, and being Polish may I just give some fucking respect to the astounding Polishness of the author's name.
    Sumatra is written by Krzysztof Kowalczyk

    Motherfuck.

    theSquid on
  • EnderEnder Registered User regular
    edited January 2010
    So, I had a trojan (2 actually, fuckers) on my system, and am reasonably certain I have cleaned them off my system. However, it seems that after finally wresting my system back from them, they somehow locked my internet access.

    Now, no program I have can access the internet. Firefox just comes up with the "cannot connect" message, or just a blank page. Nothing else can connect either.

    Now, I'm no networking guru, but I've checked out what I can on my network, and there doesn't appear to be any reason why it's not working. I'm stumped.

    As an aside, I also can't reach my router from this computer. Just a blank page in Firefox when I try 192.168.1.1.

    I'm going to try the Safe Mode scans and such to see if there's anything else causing problems, do you think this will work? Does anyone else have an idea as to how they might have disabled my internet and how I can fix it?

    Ender on
  • TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    edited January 2010
    Ender wrote: »
    So, I had a trojan (2 actually, fuckers) on my system, and am reasonably certain I have cleaned them off my system. However, it seems that after finally wresting my system back from them, they somehow locked my internet access.

    Now, no program I have can access the internet. Firefox just comes up with the "cannot connect" message, or just a blank page. Nothing else can connect either.

    Now, I'm no networking guru, but I've checked out what I can on my network, and there doesn't appear to be any reason why it's not working. I'm stumped.

    As an aside, I also can't reach my router from this computer. Just a blank page in Firefox when I try 192.168.1.1.

    I'm going to try the Safe Mode scans and such to see if there's anything else causing problems, do you think this will work? Does anyone else have an idea as to how they might have disabled my internet and how I can fix it?

    There are a couple of possibilities here, and I'll admit this is really perplexing. Some ISPs will sever your connectivity if they detect you've been infected, but they'll usually let you know right away by some means. Also, the fact that you can't contact your router is more unsettling. This seems almost contrary to the MO of most infections these days - if you're truly cut off from the net, then there's no potential to get anything of value from you. I think there's a chance you might've been hit by one of these nasty polymorphic bugs (something like Vundo or Virut), which tend to damage the system indiscriminately. Do you remember what the infection was, when you rooted it out?

    If you don't want to rebuild the system, there are a couple of options. Starting with a MBAM scan (normal mode first, then in safe mode afterward) is probably your best bet, then follow up with an AV scanner like MSE - But without net access it's going to be hard to update the defs. If you think something is lurking on there still (I mean, if you're really sure), you might throw Combofix at it, which has the added advantage of not needing up to date defs. Just be careful with that piece of kit. It's strong medicine.

    Running ESET's Sysinspector might give you a good idea of deeper issues. It's hard to parse, though, if you're unfamiliar with the software. It's like Hijackthis on steroids. The advantage to looking at Sysinspector is that it will examine your HOSTS file on a per-entry basis, basically looking for any redirects. It's a common trick that malware uses, though usually it doesn't point you toward a blank page.

    I'm going to issue a warning here (and bold it for emphasis): You're obviously going to have to use a USB stick or some other means to get the files onto the afflicted computer. If you're still harboring nasties on there, you have a high chance of infecting that USB stick when you do so. I'd recommend burning a CD instead.

    Lastly, and most importantly, I'm going to go ahead and recommend that you take the easy route out if you can. If you are willing: Forget the headache, forget what I said above. Back up your files, reformat the system, reinstall. It may prove easier in the long run. EDIT: In fact, if you indeed were hit by trojans, I'd recommend this course of action from the start.

    TetraNitroCubane on
    VuIBhrs.png
  • travathiantravathian Registered User regular
    edited January 2010
    I wonder if the virus/trojan messed with his hosts file. It may be set up to block all traffic except that which leads to a malware server of some sort.

    I am under the impression that when an ISP cuts you off that all addresses will resolve to page stating this along with instructions on how to get help.

    travathian on
  • GreenishGreenish Registered User regular
    edited January 2010
    Do tetra's suggestions first but it they don't work try these suggestions in order:

    1.Run a system scan for a file called hosts (no extension). Make a backup copy first then open the original file in notepad. Delete anything but the first line which should start with localhost. If you don't find anything out of the ordinary delete the file you just changed and restore your old hosts file.

    2. Make a system restore point, and try downloading and running the tool called WinSockFix.

    3.Restore the point and do a recovery install with your windows disc.

    4.If you get here then you are better off just wiping windows and starting from scratch.

    Greenish on
  • EnderEnder Registered User regular
    edited January 2010
    Thanks a ton for the responses guys. I'll be giving all of them a try when I get home tonight.

    I'm always hesitant to go the format and reinstall direction because I'm afraid I won't be able to find a driver disc or something, and end up with an expensive paperweight. :P

    But it sounds like that might be the best solution at this point, so I'll give it a whirl after trying a few things.


    EDIT: oh, and I'm certain my ISP hasn't cut me off, since my other computer (connected to the same router, but with no viruses whatsoever go figure) connects just fine. I disconnected it from my network just in case, though.

    Ender on
  • stigweardstigweard Registered User regular
    edited January 2010
    A common piece of malware was around last year that took over dns of your machine by adding a fake dns server with a virtual driver in your network settings. It was a little bastard because it could take down an entire network by poisoning the dns. Check the tcp / ip settings of your network card (right click and choose properties on the network icon in network under control panel) to make sure it isn't that.

    Open a command prompt, check your current ip settings (ipconfig /all) and make certain they jive with what the router should be giving you. Make sure the gateway, netmask, and dns servers are all correct. Then ping the router. If you can get that far, chances are it is something simple like proxy settings / hosts file take over. Check the proxy settings in your apps (internet options in control panel so you don't accidentally load a bad IE activeX control) and tools -> options -> advanced tab -> network tab -> settings button and make sure there are no proxy settings in there.

    Failing those, I would try the above - winsockfix, etc... However, I would also destroy all restore points before making a new one. Plenty of malware likes to hide there. Boot to safe mode, scan the system, disable the system restore to wipe it, and then boot normally, and turn it back on.

    stigweard on
  • TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    edited January 2010
    Not a huge update, but I added a tool called RKill to the Anti-Malware list under 'Malware Killers'. Basically, it's a tool that will terminate known malware processes, which may be actively preventing other tools and cleaners from launching. It comes in four different flavors, so that if the .exe is blocked by malware, you can try the .com, .scr, or .pif instead.

    Note that it's not a cleaning tool, but rather one that will allow the launch of other cleaning tools in difficult cases and infected systems.

    TetraNitroCubane on
    VuIBhrs.png
  • Lord JezoLord Jezo Registered User regular
    edited January 2010
    Question..

    I am currently using W764bit with Avira 32 bit 9 free.

    Should I stick with it or switch to MSE?

    Lord Jezo on
    Clipboard03.jpg
    I KISS YOU!
  • Dark ShroudDark Shroud Registered User regular
    edited January 2010
    Lord Jezo wrote: »
    Question..

    I am currently using W764bit with Avira 32 bit 9 free.

    Should I stick with it or switch to MSE?

    If you're using the free version you can go ahead and switch. MSE will be less of a hassle to you.

    Dark Shroud on
  • DrIanMalcolmDrIanMalcolm Registered User regular
    edited January 2010
    So I can't click on the task manager icon at all (not through ctrl+alt+del or by right-clicking the time in the corner) and I'm fairly certain that I didn't cause this. Anybody know how I can fix this? I'm ran an AVG scan and I'm running MSE right now to see if it'll help. I'd appreciate any advice!

    DrIanMalcolm on
  • TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    edited January 2010
    So I can't click on the task manager icon at all (not through ctrl+alt+del or by right-clicking the time in the corner) and I'm fairly certain that I didn't cause this. Anybody know how I can fix this? I'm ran an AVG scan and I'm running MSE right now to see if it'll help. I'd appreciate any advice!

    If you can download, run, and update MBAM, I'd highly recommend a scan with that software.

    As a quick test, try downloading Process Explorer. If you're running Vista/Win7, run the Process Explorer task as Administrator. This will basically give you exactly the same information as the task manager, plus extra info. Take a good look at the list to see if anything looks suspect - As an added bonus, Process Explorer will show you the publisher name, so if something looks fishy and is digitally signed by Microsoft, it might be a system process.

    If you're unsure of the running tasks, someone might be able to take a look at a HiJackThis log for you.

    TetraNitroCubane on
    VuIBhrs.png
  • autono-wally, erotibot300autono-wally, erotibot300 love machine Registered User regular
    edited January 2010
    for opera, you can access a quick menu to disable/enable java script when pressing F12

    autono-wally, erotibot300 on
    kFJhXwE.jpgkFJhXwE.jpg
  • LoneIgadzraLoneIgadzra Registered User regular
    edited January 2010
    What kind of slowdown can I expect from MS Security Essentials or Antimalware? I use my PC primarily as a gaming machine, and don't run an antivirus because they have all burned me with their massive slowdown. (With the exception of the malicious software scanner that comes with Windows 7, who knows if that's good for anything though.) If I need to scan anything for viruses, I use trend micro house call.

    AVG especially needs a note in the OP: "Adds 30 seconds to the boot time of the average PC, installs a really shitty firefox extension without asking and, when uninstalled, will make your PC feel like new again." AVG 8 is as bad as Norton ever was.

    LoneIgadzra on
  • TetraNitroCubaneTetraNitroCubane The Djinnerator At the bottom of a bottleRegistered User regular
    edited January 2010
    What kind of slowdown can I expect from MS Security Essentials or Antimalware? I use my PC primarily as a gaming machine, and don't run an antivirus because they have all burned me with their massive slowdown. (With the exception of the malicious software scanner that comes with Windows 7, who knows if that's good for anything though.) If I need to scan anything for viruses, I use trend micro house call.

    AVG especially needs a note in the OP: "Adds 30 seconds to the boot time of the average PC, installs a really shitty firefox extension without asking and, when uninstalled, will make your PC feel like new again"

    I can't speak to AVG specifically, but I'll tell you this much: With MSE or ESET NOD, if you're noticing a slow down, the problem is probably your computer rather than the software.

    Most modern AV software has a very small footprint. The only time I've ever noticed a slowdown with NOD over the last four years is when it's preforming a scheduled full-system scan and I'm trying to run something like Crysis in the background. Whatever you choose, just have it do scheduled scans when you're not gaming. The resident AV that's always running in the background won't give you any hassle - Particularly MSE.

    TetraNitroCubane on
    VuIBhrs.png
  • LoneIgadzraLoneIgadzra Registered User regular
    edited January 2010
    oh yeah, and I assume microsoft got this figured out, but does MSSE conflict with windows defender? Do the two programs offer different or overlapping functionality?

    LoneIgadzra on
  • Lord JezoLord Jezo Registered User regular
    edited January 2010
    oh yeah, and I assume microsoft got this figured out, but does MSSE conflict with windows defender? Do the two programs offer different or overlapping functionality?

    It sort of takes the place of Defender..

    http://social.answers.microsoft.com/Forums/en-US/msestart/thread/5309cb8d-02e1-40e8-974f-0dcedb9ab9fd

    Lord Jezo on
    Clipboard03.jpg
    I KISS YOU!
Sign In or Register to comment.