Hello,
I made security test to check build-in or free Microsoft security software for Windows 7.
"White side"
- Windows 7 Professional SP1 64-bit with all updates
- MS Security Essentials 4 with newest databases
- EMET 4.0 (high security + recommended during install)
- UAC on max. level
versus 20x 0-day ransoms (very popular Ukash/Urausy).
Malwares have been provided by tachion.
Unfortunattely, Microsoft security fail the test
Conclusion: I recommend to use better AV, that has more shields (reputation system, heuristics etc.).
Majority of malware builds are tested against popular AVs automatically and re-packed once they are detected by many. MSE would be first in line of checks. It is not that AVs don't work (they do), but the key is patching exploitable holes (aka JAVA, Adobe, etc), good behavior scans and recovery plan :)
No big surprise to me really. UAC does a good job, but I wonder how the nasties got past it (maybe the user accepted them without knowing). MSE is a joke of an antivirus, better than nothing, but falls behind any other respectable AV. I still don't get what EMET does really.
What you don't mention is a firewall, a properly configured one may prevent the viruses from installing or calling home if they did get. Windows firewall is good, but at its default settings it's nearly useless, until properly configured.
Im struggling to understand whether emet is protecting my system or not.
I have it running, but the profile it is running is custom setting profile if i change to maximum and restart for effects to take place, nothing happens as custom profile is still the used profile.
In the running EMET column...