Windows 7 64-bit + EMET + MSE4 + UAC vs ransoms

[lukasamd]

Hello,
I made security test to check build-in or free Microsoft security software for Windows 7.

"White side"
- Windows 7 Professional SP1 64-bit with all updates
- MS Security Essentials 4 with newest databases
- EMET 4.0 (high security + recommended during install)
- UAC on max. level

versus 20x 0-day ransoms (very popular Ukash/Urausy).
Malwares have been provided by tachion.



Unfortunattely, Microsoft security fail the test
Conclusion: I recommend to use better AV, that has more shields (reputation system, heuristics etc.).

 

[gied]

Majority of malware builds are tested against popular AVs automatically and re-packed once they are detected by many. MSE would be first in line of checks. It is not that AVs don't work (they do), but the key is patching exploitable holes (aka JAVA, Adobe, etc), good behavior scans and recovery plan

 

[Alejandro85]

No big surprise to me really. UAC does a good job, but I wonder how the nasties got past it (maybe the user accepted them without knowing). MSE is a joke of an antivirus, better than nothing, but falls behind any other respectable AV. I still don't get what EMET does really.
What you don't mention is a firewall, a properly configured one may prevent the viruses from installing or calling home if they did get. Windows firewall is good, but at its default settings it's nearly useless, until properly configured.

 

[lukasamd]

Second video:
Windows 7 64-bit + EMET + MSE4 + UAC vs malware (standard account) - YouTube

Test on standard user account (both accounts have passwords) to deeply check UAC.
There are also new malware samples.