MSE 2 Final Released!

Airbot said:

baxxter said:

i used Mse before and i liked it just one thing ,when i open a folder ( It contane many compresed softwares) it take a few while ,I have 3 gb of ram ,does it normal ?

Yeah, I do think it's related to MSE because it does the same for me throughout it's version history to date. You won't find many who will say the same though, as I have a feeling it's only in certain hardware combination related scenarios as far as my theory on it.

I can't use it on my system, I go with something else.

Same here and it is related to MSE according to MS. It can only be tamed by excluding explorer.exe process which is advice from MS.

MSE updated through updates a couple of weeks or more ago. Since then, I'm having a situation with MSE that is troubling me. Once a day, MSE with a random GUI number wants to change registry settings and then load a kernel driver which is fine except for one thing. My HIPS doesn't seem to have the ability to permanently allow the rule because of the daily changing of the random GUI. I could do it by allowing the services process full control but I'm afraid that it would leave me wide open so to speak. Below is the info for such a daily event with the latest MSE. Sorry, it's kinda lengthy but I want the detailed shown in case anyone knows why or a way to overcome the daily ritual of this.

Code:

 2/3/2011 14:05:45    Set registry value    Permitted
Process: e:\windows\system32\services.exe
Target: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpKslade2f93a\Start
Data: 0x00000004(4)
Rule: [Registry Group]Autostarts Locations -> [Registry]HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\*; Start
 
 
2/3/2011 14:05:46    Delete registry key    Permitted
Process: e:\windows\system32\services.exe
Target: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpKslade2f93a
Rule: [Registry Group]Autostarts Locations -> [Registry]HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
 
 
2/3/2011 14:05:49    Create registry key    Permitted
Process: e:\windows\system32\services.exe
Target: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpKsl2df405c0
Rule: [Registry Group]Autostarts Locations -> [Registry]HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
 
 
2/3/2011 14:05:51    Set registry value    Permitted
Process: e:\windows\system32\services.exe
Target: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpKsl2df405c0\Start
Data: 0x00000001(1)
Rule: [Registry Group]Autostarts Locations -> [Registry]HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\*; Start
 
 
2/3/2011 14:05:52    Set registry value    Permitted
Process: e:\windows\system32\services.exe
Target: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MpKsl2df405c0\ImagePath
Data: \??\E:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6CC745D3-C3D0-4145-8B88-57322F224560}\MpKsl2df405c0.sys
Rule: [Registry Group]Autostarts Locations -> [Registry]HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\*; ImagePath
 
 
2/3/2011 14:05:56    Load kernel driver    Permitted
Process: e:\windows\system32\services.exe
Target: e:\programdata\microsoft\microsoft antimalware\definition updates\{6cc745d3-c3d0-4145-8b88-57322f224560}\mpksl2df405c0.sys
Rule: [App]e:\windows\system32\services.exe

Airbot said:

Greg S said:

Same here and it is related to MSE according to MS. It can only be tamed by excluding explorer.exe process which is advice from MS.

Greg, can you post a link to where they admit this if you can find it. Thanks.

I've been searching since my post and haven't found it yet. In addition to that, at one time they had exclusions for MSE's main files. I'll keep looking. I had it bookmarked at one time, but switch back and forth between snapshots which caused me to lose it. When switching snapshots, I have rarely used the recover files feature because at the time of switching, I can't remember which ones I want to recover. Also to recover, it has to take a snaphot of the system prior to a restore which I do not like. I'll keep looking.

Did anyone else get a MSE warning about their Jave add-on being a trojan????

I got one yesterday....



I also had the same notifications awhile back as posted here - MSE 2 Final Released!. I cleaned those files out just to be safe and all was good for awhile, even with Java installed - until yesterday.

Is MSE giving false positive on these???

Thanks.

oreo27 said:

I think you can read that a few pages back that it happened to other people as well.

If I remember correctly, download and installing the latest JAVA update fixes this issue.

Yeah I did that... and then it popped up again. Just wondering if MSE isn't giving a false positive on it. Sounds like it is.

Thanks

Hi guys,
This is the first time I start using MSE, and it works just fine. The only downfall for me is the update issue. It seems that there is no automation into this process apart from virus definitions update setting prior to scheduled daily scan. In WU this is shown as optional therefore it must be done manually, alternative way is to use the update tab on MSE itself. It's not a big deal to hit the update tab in this regard, but was wondering is it only me(being a novice with MSE) or this is how it works. Any comment will be highly appreciated.
Thank you! :)

Golden said:

Hi Tatletz,

Please refer to this recent thread:

MSE Update question....

Regards,
Golden

Thanks mate,

No big fuss, so just click on update tab and you are good. One can't expect freeware to be like the paid for anyway.