Gizmos Freeware Reviews  

Go Back   Gizmo's Freeware Forum > Debating Chamber > Security

Reply
 
Thread Tools Display Modes
Old 20. Feb 2010, 06:36 PM   #71 (permalink)
Abandoned
Guest
 
Posts: n/a
Default

Quote:
Originally Posted by Taurus View Post
One thing I'm going to say right here and now is that Microsoft needs develop a more transparent way of conveying information to users that have employed MSE. Their support forum, if that's what you can call it, is terrible. I'm not just going to keep taking Microsoft's word on MSE that it's a great product. There are other options that do come with their own issues, but those issued seem to get resolved in a responsive, straight forward manor.

And yes I'm talking about Avast 5.
Frankly, I am not satisfied with the performance of any of the free av's with maybe the exception of Avira. As long as Avira has reliable updates of course. I have not used Avira in a while. I am glad there are free av's available though. AVG is bloated with average detection, but is very popular among newbies. MSE has above average detection, but scans entire archives real time slowing down explorer in certain areas. Avast has great detection causing slow windows start up and other things that I have read about. Panda Cloud is still too early to tell. It's the price you got to pay I guess for freebies. You either pay out of your wallet for what you want, or you give up performance and/or nags/adverts for a free product. Quite a few of the commercial av's have performance issues too though. IMO there are only about 3 or 4 reliable effective av's with acceptable performance, and they are all commercial with the possible exception of Avira free.

Last edited by JohnnyDollar; 20. Feb 2010 at 06:44 PM.
  Reply With Quote
Old 23. Feb 2010, 09:20 PM   #72 (permalink)
Member
 
ravi16aug's Avatar
 
Join Date: Apr 2008
Location: Mumbai, India
Posts: 3
Default

Quote:
Originally Posted by JohnnyDollar View Post
Does anyone else here other than Sope and myself experience the following issues with MSE?

1. Opening a folder full of executable files, it takes significant time for each application`s icon to be rendered completely. In fact, its like a slowly dropping curtain. If you open the same folder again, the lag disappears, but appears again after a system reboot.
2. Opening the Add-Remove programs applet results in the same issue, as each application`s icon will take its own sweet time to render, again the curtain effect in its full glory. Even here, if you reopen the applet, the lag will be gone but if you do so after a reboot, the lag appears.
3. Download a file from your favorite browser, and try to save it in a folder which has some executable files. The 'Save As' dialog box will again take a good bit of time before it can render the folder contents easily.

http://www.techsupportalert.com/free...st-5-beta.html
Thanks for lifting and sharing my experience described in post # 19 (http://www.wilderssecurity.com/showp...8&postcount=19) at wilderssecurity over here. A mention of the source would have been nice though.
ravi16aug is offline   Reply With Quote
Old 23. Feb 2010, 10:27 PM   #73 (permalink)
Abandoned
Guest
 
Posts: n/a
Default

Quote:
Originally Posted by ravi16aug View Post
Thanks for lifting and sharing my experience described in post # 19 (http://www.wilderssecurity.com/showp...8&postcount=19) at wilderssecurity over here. A mention of the source would have been nice though.
Actually I did reference you in an earlier thread (post #6 in thread of below link) . I just didn't do it the 2nd time. I may have been in a rush and just copied and pasted the old post quote that I had made before without looking at it carefully. I never intentionally take credit for another person's work and I always try to provide the source. If one reference to your original post at Wilder's is not enough in this forum, then please accept my apology.

http://www.techsupportalert.com/free...st-5-beta.html

Last edited by JohnnyDollar; 23. Feb 2010 at 10:46 PM.
  Reply With Quote
Old 23. Feb 2010, 11:08 PM   #74 (permalink)
Member
 
ravi16aug's Avatar
 
Join Date: Apr 2008
Location: Mumbai, India
Posts: 3
Default

Quote:
Originally Posted by JohnnyDollar View Post
Actually I did reference you in an earlier thread (post #6 in thread of below link) . I just didn't do it the 2nd time. I may have been in a rush and just copied and pasted the old post quote that I had made before without looking at it carefully. I never intentionally take credit for another person's work and I always try to provide the source. If one reference to your original post at Wilder's is not enough in this forum, then please accept my apology.

http://www.techsupportalert.com/free...st-5-beta.html
Perhaps the word 'lifting' did not come out as i expected it to. I meant to use it in the sense of 'elevate'. And also, the only reason I ask for a mention of the source is to have more people go through that thread, participate in the discussion and probably make MS listen and remove this tiny glitch from an otherwise excellent product. My sincere apologies for having offended you.
ravi16aug is offline   Reply With Quote
Old 23. Feb 2010, 11:23 PM   #75 (permalink)
Abandoned
Guest
 
Posts: n/a
Default

Quote:
Originally Posted by ravi16aug View Post
Perhaps the word 'lifting' did not come out as i expected it to. I meant to use it in the sense of 'elevate'. And also, the only reason I ask for a mention of the source is to have more people go through that thread, participate in the discussion and probably make MS listen and remove this tiny glitch from an otherwise excellent product. My sincere apologies for having offended you.
No problem here. Glad we understand one another. I also understand your frustration with MS.
  Reply With Quote
Old 25. Feb 2010, 07:36 PM   #76 (permalink)
emmjay
Guest
 
Posts: n/a
Default

Regarding a changelog for MSE (ref: version changelog)

NB: A definitions changelog is available at http://www.microsoft.com/security/po...tions/adl.aspx

According to Microsoft there will be no external changelog for any new versions of MSE. It is not their policy to provide a changelog with security software. They did not provide one with One Care either.

I did a copy/paste of this response from an MVP on the MSE forum. It is the MVP's observations as to what has changed between the current version and the latest one (which is scheduled to be made available via WU soon).

So far what I have observed are as follows:

1. Wildcard exclusion on a path through the Settings exclusion list is now supported.
2. Exclusion of Networked, Shared or Mapped Drives.
3. A 30-Day Grace Period for MSE when the Operating System's Genuine status changes after installation of MSE.
4. Scanned number of items is now immediately displayed on the User Interface after a Quick, Complete, By-demand or Custom scan. Although, if you close the window or jump to another tab the report disappears.
  Reply With Quote
Old 05. Mar 2010, 07:56 PM   #77 (permalink)
emmjay
Guest
 
Posts: n/a
Default

To all here: This is a Copy/Paste Wilders/Berng (sorry could not link to it) ...

Re: MSE heuristics.
So says Microsoft but others don't accept Microsoft's definition of heuristics:

Quote:
You say heuristics, we say heuristics

Having done some debriefing with our colleagues at AV-Test.org, I'm happy to say that our review stacks up as it stands.

According to AV-Test:"Dynamic detection", as Microsoft is calling it, is no more than a signature-based detection with some kind of "in the cloud" queries. It's not behavioural and not what we would refer to as heuristics.

AV-Test took the greatest care with these tests, as it always does, and has great experience in behaviour-based "dynamic" testing. Indeed, the AV-Test lab was one of the first to do such testing. All details can be found here: click here (it's the second entry)

I think it's fair to say that AV-Test is less than impressed that MSE forum moderators are saying the tests were rushed, and I'm personally a little miffed that PCA is being impugned. But there you go. Such is life. If you want to set them straight and point them in this direction...
==> end of quote
================================================== =======
copy\paste MSE forum ...

RobReplyQuote Wednesday, October 14, 2009 5:53 PMGary02139

Hi Rob. Not trying to be stubborn; perhaps I am indeed missing your point. Are you saying that MSE *only* consults the signature database when it heuristically detects suspicious behavior? If so, then I understand how a lag in updating would not impair security. But is that in fact how the product works?


Here's a link to PCWorld's lab tests of MSE. (The tests are of the beta version, but it's reasonable to assume--unless there's some more-recent data to the contrary--that the current version does not differ dramatically.)
http://www.pcworld.com/reviews/produ...ials_beta.html


Note that the reported detection rates are 97-100%. However, "Heuristic detection with two-week-old signatures" is only 52%, and "Heuristic detection with four-week-old signatures" is 44%.


Please correct me if I'm misunderstanding, but don't those numbers demonstrate a dramatic loss of threat-detection in the absence of up-to-date signatures? Yes, two weeks is longer than one week (at which point MSE is supposed to give a warning; I haven't let it get that far out-of-date yet). Still, unless I'm misunderstanding, the numbers do show a significant reliance on up-to-date signatures (with a very rapid initial decline in effectiveness, leveling off a lot after two weeks).

ReplyQuote Wednesday, October 14, 2009 7:51 PMRob KochMVP, Moderator
It's quite simple to understand why PCWorld would get those results, though as usual I'll need to make assumptions about their testing methodology, since they're infamous for not explaining these and don't appear to be a member of the AMTSO. To understand why this is important, read this article about Anti-virus Testing Standards.

http://www.eweek.com/c/a/Security/An...-Cloud-557194/

My assumption would be that to perform the tests with such old definitions would require that they disconnect from the Internet completely, resulting in exactly the condition I mentioned in my last post above. The likelyhood that this would occur in the real world is low, since acquiring new malware while being disconnected from the Internet is unlikely, though not impossible. And as you already mentioned, MSE would be screaming (Red Icon and GUI) about the updates if they were over a week old anyway.

The point is not that the static definitions won't age, obviously they will, it's that the MSE definitions aren't static since MSE can update them on-the-fly whenever it's required. This is why all of the old knowledge and testing systems are defunct, since their static assumptions no longer apply.

As with PC World, you are so focused on these old systems and methods that you can't see that they no longer apply to today's products. Fortunately, I'm quite certain that many others reading this are gaining that understanding and realizing that the entire focus of security technology has shifted.

Rob
ReplyQuote

================================================== ========
I am not knowledgeable enough to know what this actually means.

Gurus and mavens of the security universe what is it about heuristics? I am lost.

P.S. I have the latest version 1.0.1961 of MSE installed.
  Reply With Quote
Old 05. Mar 2010, 08:09 PM   #78 (permalink)
Abandoned
Guest
 
Posts: n/a
Default

Quote:
Originally Posted by emmjay View Post
================================================== ========
I am not knowledgeable enough to know what this actually means.

Gurus and mavens of the security universe what is it about heuristics? I am lost.

P.S. I have the latest version 1.0.1961 of MSE installed.
Heuristics in a security program is an algorithm written by the programmer to detect and deal with suspicious activity on your machine from possible malware without the benefit of it matching a definition. There are different variants of it just as there are different variants of programs. The top av's in the business have real good heuristics. This has always been one of Nod32's strong points.

Last edited by JohnnyDollar; 05. Mar 2010 at 08:36 PM.
  Reply With Quote
Old 30. Jun 2010, 09:42 PM   #79 (permalink)
Abandoned
Guest
 
Posts: n/a
Default

ravi16aug believes that he/she has fixed the lag problem with MSE.

Add C:\Windows\Explorer.exe in the 'Process Exclusions' section, and not the file/folder exclusion. MSE still detects malicious items 'on-access' but the lag disappears.
  Reply With Quote
Old 22. Jul 2010, 02:21 AM   #80 (permalink)
Abandoned
Guest
 
Posts: n/a
Default MSE Beta released

MSE beta 2.0.0375.0 released 20 July 2010.
http://windowsteamblog.com/windows/b...available.aspx
  Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT +1. The time now is 11:37 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2020, vBulletin Solutions, Inc.