MSE worries

Since no anti-malware product 1s 100% effective 100% of the time, it's my belief that using only one product could let some malware in and it might not be detected by that product. By using multiple on-demand scanners to double, triple or even quadruple check the primary AV product, you're increasing the odds that your computer really is free of malware. If Product ABC misses something, hopefully Product DEF, or GHI, or XYZ will detect it. But even if I run 20 different scans on my computer and they all come back clean, I still wouldn't say my machine is absolutely, positively, guaranteed, 100% sure malware free. 99.999% sure? Probably. 100% sure? Nope.

But that's just me. Others may disagree and that's fine. All depends on one's paranoia. :)

urbanspaceman1 said:

I have another question however: are you implying I may not know I am harbouring malware or viruses?
Is it not always apparent?

Most modern malware is designed to be silent. In other words, you will not see a slowdown of your computer and won't get any odd messages, such as popups saying "gotcha". Instead, they could be quietly uploading your data to the source of the malware. Often, the first clue you will get is your bank account has been cleaned out. Even malware that uses your computer to spread spam often limits the amount of traffic it instigates so your computer won't noticeably slow down. I suspect many, if not most, people who swear up and down they don't get viruses actually harbor one or more they are simply unaware of. People who think all one needs are good browsing habits to be safe from malware are living in a fools' paradise. I have seen AVs block malware when the browser is open but static on a safe website (of course, safe browsing habits mean less work for antimalware programs, reducing the chances for infections).

Even the best AVs and anti-malware will not catch everything. That's why it's important to use multiple compatible programs. What one misses, another one may catch. However, that doesn't mean one can back up a poor AV with another anti-malware program and expect to be safe. That's like driving a car with bad brakes, expecting the air bags to keep you safe.

I personally use the free version of Avast (btw, do not upgrade to the latest version; it probably works just fine but people are reporting problems with setting it up due to the new UI), the paid version of MBAM, SuperAntiSpyware, and Spybot S&D. I also have Secunia PSI to check for security related program updates.

Ok, now I'm suitably paranoid and suitably armed but how often do you run all these checks because, let's face it, you scan to the nth degree tonight and something arrives tomorrow morning.
This was why I felt I was as safe as could be expected when I was using KAS which I can go back to anytime as my license is still valid but as I said it was having Sandbox issues that were getting in the way.
I'm going to run all the free programs as suggested and if I find anything I will have to reconsider but if I don't find anything I'll stay as I am.

urbanspaceman1 said:

Ok, now I'm suitably paranoid and suitably armed but how often do you run all these checks because, let's face it, you scan to the nth degree tonight and something arrives tomorrow morning.
This was why I felt I was as safe as could be expected when I was using KAS which I can go back to anytime as my license is still valid but as I said it was having Sandbox issues that were getting in the way.
I'm going to run all the free programs as suggested and if I find anything I will have to reconsider but if I don't find anything I'll stay as I am.

Avast free and Spybot S&D (also free) provides full time protection. The paid version of MBAM ($50 for a lifetime license but often goes on sale for $25 or less) also provides fulltime protection. While mixing AVs is a bad idea, many anti-malware programs, such as the ones I listed, will play well with most, if not all, AVs.

As long as you have an AV that runs fulltime and updates itself frequently (one of my many complaints against MSE had to do with infrequent or no updates), one can limit their scans to once a week for each program. One way is to run a scan with one on one day of the wee, run a scan on the second one the next day, etc.; that reduces the amount of time spent on scans in any one day. Of course, if you suspect something may have snuck in, you can always run scans whenever you want.

I forgot to mention I also use Web of Trust (WOT) in my browser. It alerts me if I try to go to a questionable website.

urbanspaceman1 said:

Ok, now I'm suitably paranoid and suitably armed but how often do you run all these checks because, let's face it, you scan to the nth degree tonight and something arrives tomorrow morning.
This was why I felt I was as safe as could be expected when I was using KAS which I can go back to anytime as my license is still valid but as I said it was having Sandbox issues that were getting in the way.
I'm going to run all the free programs as suggested and if I find anything I will have to reconsider but if I don't find anything I'll stay as I am.

I think the answer to the question "how often do you run all these checks" is it's a matter of personal opinion. Some folks on this Forum have said they run supplemental on-demand scans once a week. Personally, I run Malwarebytes and Hitman Pro each night just before I shut down my computer. Each of the quick scans takes just a few minutes to run. I make my system images each Sunday and I run a full scan with Malwarebytes before making the images. I also run a couple of quick on-demand scans usually using Hitman Pro and my MSE. I'm comfortable with this schedule. But again, others may have a different regimen that works for them.

Just as a side note, I've noticed that MSE updates on average 3 times a day (based on running manual updates) but if you use the Windows Automatic Update feature you'll get updates once every 24 hours or so. As I've said before, I've used MSE since it was released to the public in Sep 2009. I haven't had any indications that any of my computers have been infected. Not through MSE and not through any of the other scanners I use. I'm of the belief that MSE is working and doing its job, contrary to all of the doom and gloom reports over the years. Either MSE is working as designed or every additional on-demand scanner I use has suffered catastrophic failures to identify malware. And I just don't think that's the case.

marsmimar said:

~~~
I haven't had any indications that any of my computers have been infected. Not through MSE and not through any of the other scanners I use.
~~~

The computer mentioned in this post has been infected with Trojan:DOS/Alureon.E since July of 2012.

It remains infected because those using it won't fix it (long story).

MSE happily states that it is clean.

I'm sure that other types of scans would detect it, but that it not the point of my post. I'm just adding info about MSE for the OP to consider.

UsernameIssues said:

marsmimar said:

~~~
I haven't had any indications that any of my computers have been infected. Not through MSE and not through any of the other scanners I use.
~~~

The computer mentioned in this post has been infected with TrojanOS/Alureon.E since July of 2012.

It remains infected because those using it won't fix it (long story).

MSE happily states that it is clean.

I'm sure that other types of scans would detect it, but that it not the point of my post. I'm just adding info about MSE for the OP to consider.

I completely understand and your input is highly valued. Everyone has to make their own decisions as to what is best for them. Your experiences certainly carry a lot of weight and I thank you for sharing those experiences.

andrew129260 said:

Even with all the scans in the world, they only detect known malware....

I'm not picking at your wording here - but the main point of my posts in this thread is MSE's poor heuristics. Heuristics should be preventing some unknown malware. If an unknown app* wants to replace the OS shell, the AV tool should at least ask, "do ya really wanna do this?".


*an app not flagged based on it signature.

It is telling that on the occasion of MS security coming under fire the whole can of worms regarding safety is opened.
Had this been a KAS or Norton issue I doubt there would be so much in depth debate.
My bank uses on screen selections as a secondary password, presumably to thwart key-logging, and even my password software can not deal with that, so I suppose there is some comfort in the banks efforts to protect us.
When I consider that large numbers of people are now using mobile online banking I suspect we PC folk may be more ignored; let's hope so anyway.