Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: MS Security Essentials configuration questions


27 Nov 2009   #1

Microsoft Community Contributor Award Recipient

Windows 7 SP1, Home Premium, 64-bit
 
 
MS Security Essentials configuration questions

For no particular reason, I just uninstalled AVG Free and have installed Microsoft Security Essentials.

I roamed around in the settings and have a few questions.

There is a "default actions" setting for various levels of threats. I chose these settings:

Severe alert: remove
High alert: quarantine
Medium alert: quarantine
Low alert: allow

Any comments on these choices? Are the consequences of "remove" and "quarantine" effectively the same; eg, I have the same degree of protection in either case? Any reason not to use "quarantine" for severe alerts?

The more important questions follow:

Running MS Security Essentials means you are a "basic" member of MS Spynet. You cannot opt out.

The related privacy policy statements say that MS regularly receives security-related scan reports from users and that the info MIGHT contain personal data, usernames, file paths, etc.

My hard drive setup is as follows:

HD 1: C and D partitions; C is Windows and all apps; D is data only
HD 2: E partition; contains data only (backups of D through several methods)

I am not particularly amused by MS even accidentally and innocently viewing ANY aspect of my data.

So, on the "exclude files and locations" tab, I have chosen to exclude my D and E drives from scanning and real time protection. Hopefully, any scanning and reports will be confined to C only.

Let's stipulate that D and E are known to be clean at this time.

Comments? Dumb, smart, pointless, mediocre, etc?

My "downloads" directory is on D. If I go to a poisonous website and attempt to download something threatening to D:\downloads, am I at risk because protection is turned off for that entire drive?

Or would I be protected nonetheless and the bad file would never be downloaded?

Should I NOT exclude that download directory from realtime and scanning protection? (The settings allow you to exclude by directory, and I could just exclude all folders on D EXCEPT downloads.)

My System SpecsSystem Spec
.

27 Nov 2009   #2

Win 8 Release candidate 8400
 
 

Quote   Quote: Originally Posted by ignatzatsonic View Post
For no particular reason, I just uninstalled AVG Free and have installed Microsoft Security Essentials.

I roamed around in the settings and have a few questions.

There is a "default actions" setting for various levels of threats. I chose these settings:

Severe alert: remove
High alert: quarantine
Medium alert: quarantine
Low alert: allow

Any comments on these choices? Are the consequences of "remove" and "quarantine" effectively the same; eg, I have the same degree of protection in either case? Any reason not to use "quarantine" for severe alerts?

The more important questions follow:

Running MS Security Essentials means you are a "basic" member of MS Spynet. You cannot opt out.

The related privacy policy statements say that MS regularly receives security-related scan reports from users and that the info MIGHT contain personal data, usernames, file paths, etc.

My hard drive setup is as follows:

HD 1: C and D partitions; C is Windows and all apps; D is data only
HD 2: E partition; contains data only (backups of D through several methods)

I am not particularly amused by MS even accidentally and innocently viewing ANY aspect of my data.

So, on the "exclude files and locations" tab, I have chosen to exclude my D and E drives from scanning and real time protection. Hopefully, any scanning and reports will be confined to C only.

Let's stipulate that D and E are known to be clean at this time.

Comments? Dumb, smart, pointless, mediocre, etc?

My "downloads" directory is on D. If I go to a poisonous website and attempt to download something threatening to D:\downloads, am I at risk because protection is turned off for that entire drive?

Or would I be protected nonetheless and the bad file would never be downloaded?

Should I NOT exclude that download directory from realtime and scanning protection? (The settings allow you to exclude by directory, and I could just exclude all folders on D EXCEPT downloads.)
hi and welcome

First samrt move on giving avg the heave. I do lots of BSOD's analysis and I have seen to many avg couased.
Default actions are fine, even a little to extreme for me but hey cautious is good.

I understand how you feel abt MS but which is worse them maybe seeing data or a single download wiping it? BTW there is a way to block it in a firewall.
I would leave it on for all drives but I just lost 100 gigs worth of media so, either way thething that is going to save you or sink you is what you click on

Good Luck


Kenn J++
My System SpecsSystem Spec
27 Nov 2009   #3

Microsoft Community Contributor Award Recipient

Windows 7 SP1, Home Premium, 64-bit
 
 

Ken:

Can you comment specifically on why data drives should be included?

Because a threat might beat the antivirus, land on C, and then reformat or otherwise harm other partitions or drives?

Can a threat directly attack a non-system partition or drive? Or can it only get at non-system partitions and drives after first penetrating C??

Care to comment on how you lost 100 gigs? Failure of what?
My System SpecsSystem Spec
.


27 Nov 2009   #4

Windows 8.1 Pro (x64)
 
 

Quote   Quote: Originally Posted by ignatzatsonic View Post
Because a threat might beat the antivirus, land on C, and then reformat or otherwise harm other partitions or drives?

Can a threat directly attack a non-system partition or drive? Or can it only get at non-system partitions and drives after first penetrating C??
If malware were to get on your computer, it can do anything including put itself on the other drives for future infection if you attempt to move the original infection. That could be one example.

But honestly, you are being over paranoid about Microsoft Spynet. The data they receive does not identify you or ever used outside of those creating new virus definitions. And it only sends reports about infections it has found. It does not randomly scan your data sending reports when ever.

Quote:
Send basic information to Microsoft about software that MSE detects, including where the software came from, the actions that you apply or that MSE applies automatically, and whether the actions were successful. In some instances, personal information might unintentionally be sent to Microsoft. However, Microsoft will not use this information to identify you or to contact you.
My System SpecsSystem Spec
27 Nov 2009   #5

Microsoft Community Contributor Award Recipient

Windows 7 SP1, Home Premium, 64-bit
 
 

Thanks for the comments, Logicearth.

Ken mentioned configuring a firewall to control the outbound communications of MS Security Essentials.

I have very little experience configuring firewalls, but I am going to root around in the tutorials on this site to see if I can turn off outbound communications by Security Essentials.
My System SpecsSystem Spec
27 Nov 2009   #6

Windows 8.1 Pro (x64)
 
 

Why do you need to block it?
You are best off just leaving things as they are.
My System SpecsSystem Spec
Reply

 MS Security Essentials configuration questions




Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 07:28 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33