MS Security Essentials configuration questions

ignatzatsonic

For no particular reason, I just uninstalled AVG Free and have installed Microsoft Security Essentials.

I roamed around in the settings and have a few questions.

There is a "default actions" setting for various levels of threats. I chose these settings:

Severe alert: remove
High alert: quarantine
Medium alert: quarantine
Low alert: allow

Any comments on these choices? Are the consequences of "remove" and "quarantine" effectively the same; eg, I have the same degree of protection in either case? Any reason not to use "quarantine" for severe alerts?

The more important questions follow:

Running MS Security Essentials means you are a "basic" member of MS Spynet. You cannot opt out.

The related privacy policy statements say that MS regularly receives security-related scan reports from users and that the info MIGHT contain personal data, usernames, file paths, etc.

My hard drive setup is as follows:

HD 1: C and D partitions; C is Windows and all apps; D is data only
HD 2: E partition; contains data only (backups of D through several methods)

I am not particularly amused by MS even accidentally and innocently viewing ANY aspect of my data.

So, on the "exclude files and locations" tab, I have chosen to exclude my D and E drives from scanning and real time protection. Hopefully, any scanning and reports will be confined to C only.

Let's stipulate that D and E are known to be clean at this time.

Comments? Dumb, smart, pointless, mediocre, etc?

My "downloads" directory is on D. If I go to a poisonous website and attempt to download something threatening to D:\downloads, am I at risk because protection is turned off for that entire drive?

Or would I be protected nonetheless and the bad file would never be downloaded?

Should I NOT exclude that download directory from realtime and scanning protection? (The settings allow you to exclude by directory, and I could just exclude all folders on D EXCEPT downloads.)
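Added example, not part of any post in this thread: a small Python check of which paths the exclusion list described in the post above would leave unscanned, and of the alternative it raises (excluding every folder on D except downloads). It assumes that an excluded folder also excludes everything beneath it; the folder names other than D:\downloads and the file name are constructed.

```python
import ntpath

def parts(path):
    """Split a Windows path into (drive, components), case-insensitively."""
    drive, rest = ntpath.splitdrive(ntpath.normcase(ntpath.normpath(path)))
    return drive, tuple(c for c in rest.split("\\") if c)

def covering_exclusion(path, exclusions):
    """Return the first exclusion that contains `path`, or None if it is scanned.

    Assumption: an excluded folder also excludes everything beneath it.
    Comparison is per path component, so D:\\down does not match D:\\downloads.
    """
    drive, comps = parts(path)
    for excl in exclusions:
        e_drive, e_comps = parts(excl)
        if drive == e_drive and comps[:len(e_comps)] == e_comps:
            return excl
    return None

def exclusions_sparing(root, top_level_folders, keep_scanned):
    """Exclude each top-level folder under `root` except those in `keep_scanned`."""
    keep = {name.lower() for name in keep_scanned}
    return [ntpath.join(root, name) for name in top_level_folders
            if name.lower() not in keep]

# Configuration from the first post: both data drives excluded.
WHOLE_DRIVES = ["D:\\", "E:\\"]
# Constructed folder listing for D:; only "downloads" is named on the page.
D_FOLDERS = ["documents", "music", "downloads"]
# The alternative raised in the post: exclude every folder on D except downloads.
PER_FOLDER = exclusions_sparing("D:\\", D_FOLDERS, ["downloads"])

if __name__ == "__main__":
    target = "D:\\downloads\\setup.exe"  # constructed file name
    for label, excl in (("whole drives", WHOLE_DRIVES), ("per folder", PER_FOLDER)):
        hit = covering_exclusion(target, excl)
        print(f"{label}: {target} ->", f"excluded by {hit}" if hit else "still scanned")
```

With per-folder exclusions, files written directly to the root of D and any folder created later are scanned unless they are added to the list.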
 


hi and welcome

First, smart move on giving AVG the heave. I do lots of BSOD analysis and I have seen too many AVG-caused.
Default actions are fine, even a little too extreme for me, but hey, cautious is good.

I understand how you feel about MS, but which is worse: them maybe seeing data, or a single download wiping it? BTW there is a way to block it in a firewall.
I would leave it on for all drives, but I just lost 100 gigs worth of media, so either way the thing that is going to save you or sink you is what you click on.

Good Luck


Kenn J++
 

Ken:

Can you comment specifically on why data drives should be included?

Because a threat might beat the antivirus, land on C, and then reformat or otherwise harm other partitions or drives?

Can a threat directly attack a non-system partition or drive? Or can it only get at non-system partitions and drives after first penetrating C??

Care to comment on how you lost 100 gigs? Failure of what?
 

Because a threat might beat the antivirus, land on C, and then reformat or otherwise harm other partitions or drives?

Can a threat directly attack a non-system partition or drive? Or can it only get at non-system partitions and drives after first penetrating C??

If malware were to get on your computer, it can do anything including put itself on the other drives for future infection if you attempt to move the original infection. That could be one example.

But honestly, you are being overly paranoid about Microsoft Spynet. The data they receive does not identify you, nor is it ever used outside of those creating new virus definitions. And it only sends reports about infections it has found. It does not randomly scan your data, sending reports whenever.

Send basic information to Microsoft about software that MSE detects, including where the software came from, the actions that you apply or that MSE applies automatically, and whether the actions were successful. In some instances, personal information might unintentionally be sent to Microsoft. However, Microsoft will not use this information to identify you or to contact you.
 

Thanks for the comments, Logicearth.

Ken mentioned configuring a firewall to control the outbound communications of MS Security Essentials.

I have very little experience configuring firewalls, but I am going to root around in the tutorials on this site to see if I can turn off outbound communications by Security Essentials.
 

Why do you need to block it?
You are best off just leaving things as they are.
 
