Windows 7 Microsoft's Anti-Virus

[reghakr]

This is from a magazine called PC Utilities.

It states Microsoft is announcing plans to replace it's subscription-based Windows Live OneCare anti-virus service.. It will offer protection against viruses, spyware, Trojans and rootkits..

It will not include the extra features such as printer sharing and PC tune-up functions. It's scheduled for release in the second half of 2009, as a free download for Windows 7, Vista, and XP..

Microsoft's senior director states , the decision to release anti-virus software was necessary because users are "not concerned about malware" and stated "the number of people" who don't have antivirus software or don't keep it upto date exceeds 50%. Also states, Microsoft hopes to improve general safety on the Internet.

The magazine states that they will certainly compete with Anti-virus programs such as AVG. Microsoft's announcement comes as AVG is under fire for failing to integrate Anti-Virus 8.0 properly with Windows.

Fact or fiction I don't know, but no thanks Microsoft, I prefer to use my own.

 

[bboy500]

lol im sticking to norton been using it for as long as i have ever found out about viruses.

 

[kevin from Chi-town]

This is from a magazine called PC Utilities.

Microsoft is announcing plans to replace it's subscription-based Windows Live OneCare anti-virus service..

I'm sure the 4 people that subscribed will be depressed.
I tryed it for a few hours as well as forefront....both were completely useless. MS needs to understand that they can't dumb-down security features and functions. This is also applicable with several features of the OS's.....cough Homegroup...cough...

 

[Kyle]

You guys are talking about Code Name: Morro. It's going to replace One Care, except it's going to be free. I personally think it's an awesome idea and will keep a lot of people away from shifty AV providers and unnecessary resource hogs like Norton and AVG.

Kudos Microsoft, now give us a technical prototype.

 

[cmillens]

There's only 1 Anti-Virus Choice - if you're smart

You guys are talking about Code Name: Morro. It's going to replace One Care, except it's going to be free. I personally think it's an awesome idea and will keep a lot of people away from shifty AV providers and unnecessary resource hogs like Norton and AVG.

Kudos Microsoft, now give us a technical prototype.

ESET - that's the ONLY AV product that hasn't has a SINGLE failure on the VB100 since 2002 (Virus Bulletin : VB100 results - Eset) and it ranks NUMBER 1 on their list as well with only 3 failures since 1998 when it first entered the foray.

I'm currently running Win7 x64 Beta 1 Build 7000 with ESET v3.0.684 x64 and I love it! From where I sit, Win7 won't be released soon enough!

ESET doesn't interfere with daily operations. I'ts NOT resource intensive and it's easy as hell to use (if my WIFE and Father can use it ANYONE can!) AND, best of all, I don't have to spend an arm and a leg to buy it. Daily updates and more. I can't say enough GOOD things about this product!

 

[blackroseMD1]

ESET - that's the ONLY AV product that hasn't has a SINGLE failure on the VB100 since 2002 (Virus Bulletin : VB100 results - Eset) and it ranks NUMBER 1 on their list as well with only 3 failures since 1998 when it first entered the foray.

The only problem I have with programs like Eset and Kaspersky is having to pay again every year or two for (mostly) minor upgrades. That's the kind of thing that drives people to piracy. Make me pay once, and then give me virus database updates for the life of the product. That's all I'm asking for. Until then, I will stick with avast or symantec corporate.

 

[Radenight]

I would like to say that Microsoft releasing their own Anti-Virus app would be a good thing..(simply because you'd think that way they could detect more threats than any other AV app being that it is designed by the same people that create Windows, therefore they'd know exactly what to look for and how to find it).. but I just can't do it... I honestly don't think after using Windows Defender briefly that MS can pull this off at all... It's just not something they're ment to create in my opinion.. stick to OS's and Office apps, leave the security to those "more qualified"....

I don't think AVG is a resource hog either.. I find it uses very little actually (and I mean really, with RAM being dirt cheap and most people having a 4GB minimum these days, what classifies as a resource hog anyway,, hahaha) It could be a bit more streamlined though.. I hate how some companies completely screw an app that had nothing wrong with it, like Lavasoft with Ad Aware SE Personal Edition.. that was a great app in it's day, then they somewhere along the line decided for some reason to change it all around and what happened? It sucked royally from then on... I won't even get into my thoughts on Norton.. I'll just say I absolutely HATE it and everything to do with it and leave it at that...

 

[djwayne]

I tried a trial version of Windows Live One Care and I liked it. It worked well with my other programs and I did not get any viruses. I thought that $50 a year was a bit steep though, so I'm really looking forward to trying out the new free version.

 

[Kyle]

Okay, just to address a few things; AVG IMO is crapware, that's why I listed it. Not 'cause it's a resource hog.
NOD32 is the antiviral suite I'd use, IF I ever used one. When I load up someone else's PC, that's what I use. It's #1. Period.
OneCare is junk, as it is just an AV bought from someone and rebranded and integrated so MS could pass it off as its own. It fails almost all AV tests, just so you guys know (And it also causes a lot of problems with newbs, locking them out of the internet and such)

 

[djwayne]

I agree NOD 32 is what I have on my XP drive, but Microsoft said the magic word, "FREE" !!

 

[jimbo45]

Hi Guys
I'm going to disagree with the lot of you here-- In all the years of using computers I've NEVER had a computer infection -- most Viruses come from dubious email attachments, dubious "torroentss and warez sites" and rather strangely are more often transmitted via CORPORATE networks than by home computers.

AV software is often more trouble than its worth --especially if you need to turn it off or remove it completely -- and what happens as will eventually happen one day if itself gets infected --- "Who guards the guards"--- A clever virus would attack these programs in such a way that the program wouldn't of course report it itself.

If I were a real Hacker I would be seriously working on this type of "project" anyway -- so I'm sure there are people out there doing just that. Looks like just the challenge for your next generation of Hackers -- they've come as long way from the initial "Phonefreaks" of the late 60's early 70's.


I'm not saying it's 100 foolproof but if you follow these simple rules you should get YEARS of Fun, safe and infection free computing and you don't need any AV software either.

1) Have your email client on a different machine to the one you use regularly. Connect to it via RDP / tight/realvnc or equivalent. If you only have 1 computer set up your email client on a VIRTUAL MACHINE.

2) Never open any attachment unless you trust the person who sent it.

3) NEVER EVER load up any program that offers to check your computer for Drivers, Registry cleaners, open ports, your IP address. (You can always find ouyt the IP address outside computers see your computer from by using faciulities in nyour Router --same with open ports - your router will tgell you what's open.
These sort of programs invariably at the best want you to suscribe to some type of paid service, otherwise they are full of SPY/NAG/MAL ware or worse.

4) Be 100% careful if you use torrents or other types of p2p sites for music etc etc. Quite frankly if your computer gets infected because you are trying to crack a key of something like OFFICE then you deserve all you get as there is a 100% very very good FREE open source version available at OpenOffice.org - The Free and Open Productivity Suite which is as near compatable wiith microsoft office as you can get --and for 99% of people who aren't into heavy EXCEL macros even the spreadsheet is largely compatable with EXCEL anyway. - If you are a student then you can get a LEGAL copy ofg MS office anyway for a few dollars.

5) Test any "suspicious" software on a separate virtual machine. If anything doesn't work ort seems suspicious just dump that Virtual Machine.

After reasonable testing miograte the software application to a Real Physical machine.


6) if you do online Banking have that application on it's OWN separate virtual machine with NO OTHER APPS on it other than Internet access.

7) Block known "Bad sites". I access the Internet via a Linux server which keeps track of my access sites -- I block "bad sites".

8) regularly do the Microsoft updates -- these ARE worthwhile doing .

9) Keep plenty of Backups. Can't stress the importance of this one enough

10 ) Block ALL POPUPS and be EXTREMELY careful in clicking on anly link advertising anything. Internet shopping is fine but select what YOU want and follow that. Just don't willy nilly click on links.

11) Most home firewalls are a waste of time. Your Router is usually full of stuff that can do this (go into your routers admin mode - address something like 192.168.2.1 or 192.168.0.1 or whatever. There's all sorts of goodies to be found usually under advanced settings, and there are some very useful logs so you can see any inbound / outbound stuff taking place when you don't expect it.)

Whilst this stuff is not 100% foolproof it's kept my Computers virus free and I don't have to use loads of bloated AV software.

I also don't use social networking sites like you tube / facebook etc so I can't say what the potential for infection is from those site however if you want to use these go ahead or as they say "whatever floats your boat"..

Most of this will be 100% heresy to a lot of people out there but its kept my machines running OK and Virus free so until I experience trouble I'm sticking to these simple rulles outlined above.

In any case most of the infected computers found in corporations already have AV software running -- so it shows that a determined Virus writer can bypass AV software. There's always a lead time of a few weeks between a new Virus appearing and the updates to code to defend it so what's the point anyway.

If you backup your machines once a week just restore the whole kybosh to a period BEFORE the Virus was "released".

A Final remark -- Why I don't like MS doing AV stuff is that it might be another "backdoor" method to check on what version of Windows you are using.

This coulld for example stop the literally 100'000's of users of Build 7022 --like me

Cheers
jimbo

 

[bboy500]

For anyone here that calls norton a resource hogger has obviously!! never used the 2009 version. it has been proven to be faster then the fastest ones out there. and less resources then anything else.

 

[Radenight]

For anyone here that calls norton a resource hogger has obviously!! never used the 2009 version. it has been proven to be faster then the fastest ones out there. and less resources then anything else.

I'm sorry but I just can't agree with that.. Norton blows in my opinion, always has and always will... I've just NEVER had a good experience with it... plus the fact that there are better FREE alternatives out there doesn't help much... But hey, if it works well for you then that's great! I'm glad it's working good for someone..

 

[Kyle]

I'm with Jimbo, in the fact that if you know what you're doing you don't need an AV program. If you REALLY know what you're doing, you don't even need to take any precautions. For example, I open all email on my main PC, do online banking on it, open attachments, run new programs to test, whatever. I don't use virtual machines, limited accounts, or anything to do so. It's all about know-how, and if you work at it, you can get to this level as well (It makes it a lot nicer when you don't have to run scans and stupid junk like that, taking up time and system resources). My clock cycles are better spend on games, chat, downloading, and net surfing.

& I eventually end up testing all version of programs, whether on my computer, or others. I've used Norton AV 2009 on someone else's computer, and I still say NOD32 kicks its ass, hands down.

 

[djwayne]

I've had terrible luck with Norton. In the past, it conflicted with my audio programs. Most recently nothing but headaches with 360. Even a headache trying to uninstall it. However I feel an A-V program is necessary. I used to take all the precautions mentioned, and still got my browser hacked and viruses occasionally. NOD 32 saved me a couple of times.

For the duration of this beta test AVG Free should be adequate for me.

I'd have a hard time judging Microsoft's Live One as it isn't even out yet. They may have made some improvements to it. So we'll see.

 

[Radenight]

I'm with Jimbo, in the fact that if you know what you're doing you don't need an AV program. If you REALLY know what you're doing, you don't even need to take any precautions. For example, I open all email on my main PC, do online banking on it, open attachments, run new programs to test, whatever. I don't use virtual machines, limited accounts, or anything to do so. It's all about know-how, and if you work at it, you can get to this level as well (It makes it a lot nicer when you don't have to run scans and stupid junk like that, taking up time and system resources). My clock cycles are better spend on games, chat, downloading, and net surfing.

& I eventually end up testing all version of programs, whether on my computer, or others. I've used Norton AV 2009 on someone else's computer, and I still say NOD32 kicks its ass, hands down.

I agree with you on the know how thing Kyle.. I also open all emails on my main pc and don't waste time running scan after scan.. I haven't jumped on the online banking wagon yet as I absolutely HATE banks.. My money is better off in my wallet or locked up in a safe in my house as opposed to in a bank... I never worried about opening attachements as 99.9% of the time I only get attachements from trusted sources anyway..

And I have to say you've convinced me.. NOD32 definitely does kick ass! I uninstalled AVG and got ahold of NOD32 and installed it last night and I have to say I'm very impressed.. I don't waste time running virus scans either but I still like to have an AV program installed and running in the background none the less... JUST IN CASE.. And NOD32 by far uses less resources than AVG so I don't even mind having it running in the background..

 

[jimbo45]

Hi everybody
just to answer 2 points .

1) Virtual Machines are excellent when the NEW version of an OS don't support your older hardware -- such as I still use a Minidisc recorder and the "Simple Burner" function only works on W2000 and XP. No update for VISTA or W7 will come. They are also useful for some complex software testing -- I've often seen posts from people on this and other forums asking "how to uninstall this or that". Some programs just don't uninstall cleanly and leave loads of junk in the registry. It's much easier just to junk that virtual machine and start a new one. (Vmware and most other virtual machine software has a simple "Clone" facility so once you've installed your initial guest virtual machine just keep this as your "clean VM" for installing stuff by cloning it .

2) Most DECENT protection can be done not only with the tips I gave in my previous post in this topic but also by using the often EXCELLENT hardware firewalls and rules built in to your router, and by using Port blocking stuff in the router hardware. Also look at the logs embedded in your router .

This offloads the security functions to the hardware leaving your machine far more responsive (especially when using VISTA) and not getting the whole OS entwined with the AV software.

Remember also :
Quis Custodiet Ipsos Custodes?

(Who is guarding the guards?)

If your AV software is also infected what do you do -- any slf respecting hacker these days would attack this stuff -- and if you download from a "Free" source do you check it --and with what.


Cheers
jimbo

 

[alan sh]

Personally I use AVAST - seems to do what I want and it did find a virus on a memory stick that someone gave me.

Alan

 

[Lause]

I really can't get the hype about ESET. Tried it once on Vista SP1 and my system crashed completely - or more correct: It got so slow, it took half an hour, just to open a window, any window. Computer was useless with that, no point in waiting two hours, just to visit three websites...
Didn't leave a god impression, that my first contact with this software was catastrophic. Had to restore from system image to a state a week earlier. NOT FUN!
Tried the Kaspersky Beta for Win 7, but had problems there to - but not that severe. So I went back to the "good old" KIS 2009, without ANY problems. As an extra precaution, I run Malwarebyte's Anti Malware and let it scan leached files maually.
When I need to make a complete computer scan (500 G's of HDD), I let it do at night, while I am sleeping anyway, so time consumption is not of my concern.
I have to admit, I have installed the ESET suite on my mothers old XP-system, and it seems to work there - she hasn't complained yet...

 

[jimbo45]

Hi anyone

who wants to be a "Guinea pig" tester for an AV busting program -- I haven't done serious programming for about 8 years but it took me about 20 mins to "dissassemble" some of this so called "Protection Crap" -- it's more like a Protection racket if you ask me.

I'm not giving away anything here other than pretty well any VIRUS that uses rootkits will be un-detected by typical av software, and things like the USB HUB or fire-wire hub are easy entrants for nasty programs that can bury themseleves into sector 0 of your hard disk --then it can load it's own bootstrap loader and bang you've got the "Keys of the Kingdom".

The functions of the bootstrap loader is simple. The BIOS when you switch on to the machine has a very small piece of code (often a single instruction) which says Read and execute insruction at address X which is usually fixed into the BIOS.
Instruction X then loads a chunk of code into memory (hence the word "bootstrap") which then requests the relevant Disk sector (usually sector 0) to be read and code on it executed. Finally the OS itself starts loading and is ready for action.

Any of these so called AV programs which scan files are just too late in the detection process-- most "decent" ??? or cleverly written programs won't have any file name for an av program to detect.

Even AV programs that detect against Sector 0 intrusion / modifiction are too late since the Virus program will already have taken account of AV software comparing this - so it will disable the "Official Check" before the AV software can do it. It's actually quite simple really -- horribly simple in fact.

Before installing ANYTHING on a machine have at least an idea of what its supposed to do. Also if you MUST install AV software which slows down most machines horribly without really giving much protection at least try and discover how the program works and what it's actually doing.

Most of these simply compare the file length of file name X with a value stored "in an easily hackable" database.
Others just check file names and code against windows official file names and binary code. Neither of which are worth the paper / disk space they are written on and usually throw up loads of "False Positives". Besides None of them ever check themselves to see if the actual AV program itself has beeen compromised.

Anyway "Here endeth the First Lesson" .... Hacking - 101..

If you don't see any more posts by me on these boards I'm probably being held by the CIA / FBI in some foreign jail ("Rendition").

The only decent way to protect against this sort of stuff was to have something like the old IBM mainframe where instructions operated in "Privileged" and Application state. Only Kernel modules could swap the system state of the machine between "Application" and "Privileged" state. The CPU actually had privileged and normal state instructions and was dependent on the status of a word in fixed hardware to know which instruction set was allowed. Only a kernel module was able to change the state from application to Privileged.

This scheme whilst not impossible to Hack was protected by physical access to the machine. The kernel was compiled (or "Assembled") on site by a process known as "System Generation".

Outside applications were installed in "Application Mode" -- there was no mechanism for physically installing a "User Application" into the kernel. Any user program that tried to change the privilege state of the CPU would just crash with an exception known to IBM'ers as 0C4 -- Protection exception.

System Modifications were supplied by IBM etc and usually required a System Generation to install.

If Windows had something like this it would be much harder to "Hack" but INTEL would have to re-design their processors and judging by what I've read on these boards at times the thought of some people being able to perform a "System Generation" when they can't even back up their own DATA to say nothing of the OS --- well 'nuf said.

Cheers

jimbo