If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
windows live onecare
have any of you ever used windows live onecare...a waste of $50.00. Now i
know why they are discontinuing it. it finds NOTHING and i have to run antispyware and antimalware to keep my pc clean. please suggest the best free protection for my machine since i won't be using this one anymore. |
Ads |
#2
|
|||
|
|||
windows live onecare
I agree with you about Live Onecare. it did suck.
That said - Windows now has Microsoft Security Essential at http://www.microsoft.com/security_essentials/ which seems to be working for me. It found 2 infections that Norton 360 did not. So far, I like it. "Warren" wrote in message ... have any of you ever used windows live onecare...a waste of $50.00. Now i know why they are discontinuing it. it finds NOTHING and i have to run antispyware and antimalware to keep my pc clean. please suggest the best free protection for my machine since i won't be using this one anymore. |
#3
|
|||
|
|||
windows live onecare
From: "Warren"
| have any of you ever used windows live onecare...a waste of $50.00. Now i | know why they are discontinuing it. it finds NOTHING and i have to run | antispyware and antimalware to keep my pc clean. please suggest the best | free protection for my machine since i won't be using this one anymore. Avira AntiVir used in conjunction with Malwarebytes' Anti Malware. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp |
#4
|
|||
|
|||
windows live onecare
msnews.microsoft.com wrote:
I agree with you about Live Onecare. it did suck. That said - Windows now has Microsoft Security Essential at http://www.microsoft.com/security_essentials/ which seems to be working for me. It found 2 infections that Norton 360 did not. So far, I like it. "Warren" wrote in message ... have any of you ever used windows live onecare...a waste of $50.00. Now i know why they are discontinuing it. it finds NOTHING and i have to run antispyware and antimalware to keep my pc clean. please suggest the best free protection for my machine since i won't be using this one anymore. To clarify, the anti-virus engine used in MSE is different than the one that was used in OneCare. That is, you aren't stuck with the same bad AV that was in OneCare. |
#5
|
|||
|
|||
windows live onecare
Warren wrote:
have any of you ever used windows live onecare...a waste of $50.00. Now i know why they are discontinuing it. it finds NOTHING and i have to run antispyware and antimalware to keep my pc clean. please suggest the best free protection for my machine since i won't be using this one anymore. Basically what you are really asking is what other users are currently using. Even after trialing several products and users deciding what they like best, you are still going to get responses that reflect what users have chosen as their current security suite. So, with that in mind, here is my setup: - Avast! 5 (fully operable so using its on-access scanner). o Free version. o Not all "shields" are installed since I don't need them (I don't use prattle IM clients or P2P file stealing) or they can be problematic (like timeouts due to delays in e-mail traffic from the scanning). I only installed the following shields: * Web shield (with intelligent streaming disabled) * Network shield * File shield o Prior free versions only let you do a quick scan (ashquick.exe) that you could schedule in Task Scheduler. V5 lets you add a schedule to both the quick and full scans so, for example, you could quick scan on Mon-Sat and full scan on Sun. o Unlike Avira, Avast lets you schedule how often to check for updates with a single setting. With Avira, you will need to add more scheduled jobs that do an update check (recommended since the free version of Avira hits the same server for all users which makes it busy and it could be 3 days before you get an update if you just go with the default 1-per-day update scheduled job). o The free version of Avira does not include their web shield. Avast includes their web shield in their free version. o Avira free version does not include the e-mail scanner (but often you end up having to disable it for other AV products due to the problems it creates). - MalwareBytes AntiMalware o Free version. o Does not include an on-access (real-time) scanner. This is actually desirable to avoid conflict with whatever is your AV program of choice. o There is no option to check for updates before running a manual scan. The update dialog is also on a different tab. Be sure to do an update before you run a manual scan. - SuperAntispyware o Free version. o Disable the on-access (real-time) scanner. Used only as an on-demand (manual) scanner to avoid conflict with other security software. o Be sure to update before scanning. It has an option to ensure checking for updates before you run a manual scan. - WinPatrol o Free version. o Does not include an on-access scanner. o Polls at intervals for changes to system to alert on critical modification. * Change the default poll interval for all monitors down to 1 minute. Waiting 5 minutes to find out something changed is too long. - ReturnNil Home o Lets you make changes to your system which are obliterated when you reboot (or you can choose to keep the changes). o Any install that requires a reboot would be obliterated if ReturNil were active since it discards all changes made to the virtual disk (so ReturNil is not useful for any install that requires a reboot - instead use a virtual machine, like VirtualPC 2007, VMware Server, or VirtualBox). o Can be configured to activate on Windows startup. Handy when giving a host to kids or strangers since a reboot wipes everything they changed. o Microsoft's similar product is called SteadyState. - SpywareBlaster o Free version. o No on-access scanner (this product isn't potent enough to use for real-time scanning, anyway). o Usefuleness lies in adding ActiveX killbits in the registry to prevent known malware from running. This is passive but always-present protection. o Can add "bad" domains to Restricted Sites security zone to neuter them. * This does not prevent sites from relaying content from those bad sites. It merely disables many HTML features if and when you visit those sites. o Can add "bad" domains to the cookie blacklist in the web browser. - Virtual Machine (VM) o Free version(s). o VirtualPC 2007 (have also used VMware Server and VirtualBox in the past). o Provides isolation of an application by running it inside a guest OS instead of on your host OS. o Legally you will need another license of Windows if you want to run an instance of it in a VM. * Windows 7 comes with XP Mode which is a licensed copy of Windows XP SP-3 (but which is legal only under that instance of Windows 7 so there is no portability). You install XP Mode (since Microsoft didn't include it as an install-time option) and follow with an install of VirtualPC. o VM is more protective than using a sandbox (e.g., Sandboxie) to isolate an application. They make an excellent environment under which to test unknown or untrusted software. * With the effort and side effects of using a sandbox, the setup and use of a VM is no more difficult than a sandbox but a VM affords more isolation. * Sandboxie is probably the only currently support (and least flaky) sandboxing program available. - The free version turns into nagware after the 1-month trial period. - The free version does not have the option to force every instance of a program to get sandboxed, like a child process for a web browser started by clicking on a URL link in a message in an e-mail. Only the paid version has the force option. By reducing privileges on normal Internet-facing apps and using a VM as a test environment, I get covered on lower and higher levels of isolation that what is afforded by a sandbox. - Of course, with a sandbox, you don't need another license for Windows to run it inside a VM. - PC Tools Firewall Plus o Free version. o Includes both firewall (with rules for which apps are allowed to connect to the network) and HIPS (Host Intrusion Protection System) which are rules as to which apps can even load or what actions they can perform with other apps. o Includes a whitelist of known good apps to reduce the number of prompts to the user to make a decision. o Alternatives are Tall Emu's Online Armor and Comodo Firewall (both are firewall + HIPS). * Online Armor has its Run Safer feature which can force apps, like the web browser, to run under reduced privileges (same as if you had logged under a limited user account). Running an app under a LUA (limited user account) token restricts what actions a malware can commit if its infection vector is through the restricted app (web browser, e-mail client, newsreader, or other Internet-facing app). * Comodo Firewall has its sandbox (which is not a full sandbox but still provides some isolation). You can add an app, like the web browser, to the sandbox but disable file/registry virtualization to only force that app to run under a LUA token. (Note: Comodo still needs to work on their sandbox as it is still to flaky in its operation.) * Both Online Armor and Comodo include whitelists of known good apps. o Unlike Online Armor but like Comodo Firewall, PC Tools will will let you specify rules as to WHERE an app may connect. * For example, you may want an app to phone home to check for updates and nuisance you with alerts that a new version is available, especially if you have already tested that new version and have problems with it or otherwise decide you don't want it. But you could let that same app connect everywhere else. o All firewall+HIPS products suggested he * Can be quickly disabled by right-click on their tray icon. For example, you will need to disable them when visiting the Windows Update site so you can install updates to Windows or Office. * All these products are at the top of Matousec's list of best firewalls (http://www.matousec.com/). o While both Online Armor and Comodo Firewall have the means of forcing the web browser (or any app) to run under a LUA token (to reduce it privileges and throttle any malware through that infection vector), PC Tools is lacking in this feature. See the next point about using SRPs to restrict applications. - Software Restriction Policies (SRPs) o Every version of Windows from XP and on up (not sure about 2000) can have an SRP rule defined to restrict a program. The available choices for a security level in an SRP rule a * Unrestricted: App runs at the same privileges as your Windows account. * Blocked: App is never allowed to run. * Basic User: Available in Windows Vista and up, hidden in Windows XP but can be added via a registry edit. Restricts the program to run under a limited user account's privileges. o By using an SRP rule to force a program to run under an LUA token, you get the same benefit as Online Armor's Run Safer option or Comodo's firewall with its sandbox (but with file/registry virtualization disabled for that app). So I can combine PC Tools Firewall Plus with SRP to give me the same functionality as, say, Online Armor with its Run Safer option but I get better detailed control in PC Tools firewall rules than I do in Online Armor's firewall rules. I have several outstanding problems with Comodo Firewall (see their forums by searching on my moniker there) and why I don't use that product. o SRP is available already in Windows and requires no addition software installation from 3rd party vendors. o You can still run the app without restriction. SRP path rules are based on, yep, the path you specify to the program so the same executable in a different path won't have that SRP rule applied against it. o How to setup an SRP rule (and how to get the Basic User security level added to Windows XP) is too lengthy for this already long post. If you want more info on using SRP that is part of Windows, ask for more info and I can spew out my canned response. - GeSWall (isolation + policy enforcement) o Free version. o Only isolates web browsers and some prattle (IM) clients. o Is not a proper sandbox but does provide some virtualization to isolate an application. o Instead of using Windows' privileges assigned to an app, it enforces its own access control rights on the isolated app. o I don't currently use this anymore because it can get in your way too much. It can interfere with the functions of an app. It is designed to be transparent but isn't quite invisible. I would still be using GeSWall except for the interference it has in how an app can operate. o More restrictive in its policies than those afforded by using an SRP rule. o Tracks any downloads using the app (web browser) to make them run isolated, too. When you run the downloaded app, you have the choice of running it isolated or unisolated (so an install you download can actually do the install to your host if you opt to do so). o Easy switch an app from isolated to unisolated. A "G" icon gets added to the titlebar of the isolated app. If you want to run it unisolated, click on the G and select to restart as unisolated. A bit easier than having to right-click on a tray icon to disable all protection, especially when you only want one instance of the app to be unisolated. o Does NOT prevent malware files from getting deposited onto your host. Only prevents them from committing their malicious action. o Between having an anti-virus and firewall+HIPS security software, VMs, and SRP rules, GeSWall becomes pretty superfluous. It's when you don't have all those other techniques that GeSWall will shine. |
#6
|
|||
|
|||
windows live onecare
"VanguardLH" wrote in message
... msnews.microsoft.com wrote: I agree with you about Live Onecare. it did suck. That said - Windows now has Microsoft Security Essential at http://www.microsoft.com/security_essentials/ which seems to be working for me. It found 2 infections that Norton 360 did not. So far, I like it. "Warren" wrote in message ... have any of you ever used windows live onecare...a waste of $50.00. Now i know why they are discontinuing it. it finds NOTHING and i have to run antispyware and antimalware to keep my pc clean. please suggest the best free protection for my machine since i won't be using this one anymore. To clarify, the anti-virus engine used in MSE is different than the one that was used in OneCare. That is, you aren't stuck with the same bad AV that was in OneCare. Which engines are in MSE now? All I can find is references to Forefront and earlier. |
#7
|
|||
|
|||
windows live onecare
"Warren" wrote in message
... have any of you ever used windows live onecare...a waste of $50.00. Now i know why they are discontinuing it. it finds NOTHING and i have to run antispyware and antimalware to keep my pc clean. please suggest the best free protection for my machine since i won't be using this one anymore. I never used OneCare. I use Avast! free version on one laptop (Vista) and AntiVir free version on the other (XP Pro). I'm depending on the fact that I can download and execute Malwarebytes' Anti-Malware and SuperAntiSpyware free version as I find the need. I use the native firewall on each even though I am behind a rudimentary firewall in the form of a router. I use ClamWin (when I'm bored) and have Windows Defender also running. Then again, my needs may be simpler than yours. |
#8
|
|||
|
|||
windows live onecare
FromTheRafters wrote:
VanguardLH wrote ... To clarify, the anti-virus engine used in MSE is different than the one that was used in OneCare. That is, you aren't stuck with the same bad AV that was in OneCare. Which engines are in MSE now? All I can find is references to Forefront and earlier. Yep, Forefront in MSE. It was their acquired GeCAD's RAV that they rolled into their OneLive product. OneLive (with its GeCAD AV) always showed poor coverage. Alas, in the Nov 2009 av-comparative.org testing, MSE (with its Forefront engine) was also doing very, VERY poorly. Hopefully that will jump up significantly in the next review due in another 3 months. This is not the only way to measure effectiveness but does give some indication of effectiveness. http://www.microsoft.com/presspass/p...10gecadpr.mspx http://en.wikipedia.org/wiki/Windows_Live_OneCare I don't recall ever seeing GeCAD in any av-comparative.org review (or it was so long ago that I didn't recognize the name when I saw Microsoft acquired this product). Could be they wouldn't submit a sample, didn't want the results reported, or were so poor for coverage that they didn't make the top listed products. OneLive (that used GeCAD AV) did get reported but started out at a very low coverage, so low that I never bothered to retain any memory about its coverage other than it sucked. Coverage grew slowly and steadily but was never great. Anything under 95% is too low. It never seemed a rationale choice since *free* AV products did so much better. |
#9
|
|||
|
|||
windows live onecare
"VanguardLH" wrote in message
... FromTheRafters wrote: VanguardLH wrote ... To clarify, the anti-virus engine used in MSE is different than the one that was used in OneCare. That is, you aren't stuck with the same bad AV that was in OneCare. Which engines are in MSE now? All I can find is references to Forefront and earlier. Yep, Forefront in MSE. I read in some blurb about MSE that the scanning system is based on the same one in Forefront. Then I read some blurb about Forefront's scanning being based on the AntiGen system, then found this: ===================== Q. What antivirus scan engines are included with Antigen? A. Antigen products support multiple scan engines from industry-leading vendors. Below is a chart of what scan engines are available with each product. Microsoft Antigen for Exchange Microsoft, CA InoculateIT, CA Vet, Norman, Sophos ===================== I musta taken a wrong turn somewhere - are there multiple (and non-Microsoft) scanning engines involved in MSE? It was their acquired GeCAD's RAV that they rolled into their OneLive product. OneLive (with its GeCAD AV) always showed poor coverage. Alas, in the Nov 2009 av-comparative.org testing, MSE (with its Forefront engine) was also doing very, VERY poorly. Hopefully that will jump up significantly in the next review due in another 3 months. This is not the only way to measure effectiveness but does give some indication of effectiveness. http://www.microsoft.com/presspass/p...10gecadpr.mspx I will check that out later, thanks. http://en.wikipedia.org/wiki/Windows_Live_OneCare I don't recall ever seeing GeCAD in any av-comparative.org review (or it was so long ago that I didn't recognize the name when I saw Microsoft acquired this product). Could be they wouldn't submit a sample, didn't want the results reported, or were so poor for coverage that they didn't make the top listed products. ) OneLive (that used GeCAD AV) did get reported but started out at a very low coverage, so low that I never bothered to retain any memory about its coverage other than it sucked. Coverage grew slowly and steadily but was never great. Anything under 95% is too low. It never seemed a rationale choice since *free* AV products did so much better. It always worried me just what type of malware existed in that last 5%. While a detector that gets almost everything except the viruses with polymorphic self-decryption routines could lead one to believe it is adequate for protection from the most prevalent type of malware out there (i.e. lame) - and have a good showing when measured against such malware in its test set. Would be a complete failure if the threat landscape suddenly changed to more sophisticated viruses. |
#10
|
|||
|
|||
windows live onecare
From: "FromTheRafters" erratic @nomail.afraid.org
| "VanguardLH" wrote in message | ... FromTheRafters wrote: VanguardLH wrote ... To clarify, the anti-virus engine used in MSE is different than the one that was used in OneCare. That is, you aren't stuck with the same bad AV that was in OneCare. Which engines are in MSE now? All I can find is references to Forefront and earlier. Yep, Forefront in MSE. | I read in some blurb about MSE that the scanning system is based on the | same one in Forefront. Then I read some blurb about Forefront's scanning | being based on the AntiGen system, then found this: | ===================== | Q. What antivirus scan engines are included with Antigen? | A. Antigen products support multiple scan engines from industry-leading | vendors. Below is a chart of what scan engines are available with each | product. | Microsoft Antigen for Exchange | Microsoft, CA InoculateIT, CA Vet, Norman, Sophos | ===================== | I musta taken a wrong turn somewhere - are there multiple (and | non-Microsoft) scanning engines involved in MSE? NO. The engine is from the purchase of RAV and was the basis of Live OneCare and is successor MSE. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp |
#11
|
|||
|
|||
windows live onecare
David H. Lipman wrote:
From: "FromTheRafters" erratic @nomail.afraid.org | "VanguardLH" wrote in message | ... FromTheRafters wrote: VanguardLH wrote ... To clarify, the anti-virus engine used in MSE is different than the one that was used in OneCare. That is, you aren't stuck with the same bad AV that was in OneCare. Which engines are in MSE now? All I can find is references to Forefront and earlier. Yep, Forefront in MSE. | I read in some blurb about MSE that the scanning system is based on the | same one in Forefront. Then I read some blurb about Forefront's scanning | being based on the AntiGen system, then found this: | ===================== | Q. What antivirus scan engines are included with Antigen? | A. Antigen products support multiple scan engines from industry-leading | vendors. Below is a chart of what scan engines are available with each | product. | Microsoft Antigen for Exchange | Microsoft, CA InoculateIT, CA Vet, Norman, Sophos | ===================== | I musta taken a wrong turn somewhere - are there multiple (and | non-Microsoft) scanning engines involved in MSE? NO. The engine is from the purchase of RAV and was the basis of Live OneCare and is successor MSE. Nope. Remove the "and". OneCare and MSE use different anti-virus engines. Sybari Antigen --.-- Forefront '-- MSE (via Forefront Client Security) GeCAD RAV ----- OneCare Microsoft acquired Sybari Software Inc, a Romanian firm with NY offices, in June 2005. With the acquisition, Microsoft acquired the Antigen line of security products which got renamed to the Forefront product line and became the basis for Microsoft's family of enterprise-level security products. See: http://www.microsoft.com/presspass/p...8SybariPR.mspx http://en.wikipedia.org/wiki/Microso...ity_Essentials Microsoft purchased the Reliable AntiVirus (RAV) product from GeCAD, another Romanian firm (Bucharest) but which continues to exist as its own company, in June 2003. Users had to wait another 2 years before RAV showed up in the summer of 2005 in a beta version of OneCare. See: http://www.microsoft.com/presspass/p...10gecadpr.mspx http://en.wikipedia.org/wiki/Onecare Both were acquisitions of or purchases from Romanian companies. I didn't find out how much Microsoft paid to acquire Sybari and what they paid to buy the RAV product. Antigen was a suite of enterprise-level security solutions that became the Forefront family line with its Forefront Client Security desktop agent going into MSE. RAV was a end-user security solution and went into OneCare (and looks to have died there). |
#12
|
|||
|
|||
windows live onecare
"David H. Lipman" wrote in message
... From: "FromTheRafters" erratic @nomail.afraid.org | "VanguardLH" wrote in message | ... FromTheRafters wrote: VanguardLH wrote ... To clarify, the anti-virus engine used in MSE is different than the one that was used in OneCare. That is, you aren't stuck with the same bad AV that was in OneCare. Which engines are in MSE now? All I can find is references to Forefront and earlier. Yep, Forefront in MSE. | I read in some blurb about MSE that the scanning system is based on the | same one in Forefront. Then I read some blurb about Forefront's scanning | being based on the AntiGen system, then found this: | ===================== | Q. What antivirus scan engines are included with Antigen? | A. Antigen products support multiple scan engines from industry-leading | vendors. Below is a chart of what scan engines are available with each | product. | Microsoft Antigen for Exchange | Microsoft, CA InoculateIT, CA Vet, Norman, Sophos | ===================== | I musta taken a wrong turn somewhere - are there multiple (and | non-Microsoft) scanning engines involved in MSE? NO. The engine is from the purchase of RAV and was the basis of Live OneCare and is successor MSE. Well then, lets hope it can live up to mediocre. ) |
#13
|
|||
|
|||
windows live onecare
http://www.ravantivirus.com/pages/
-- Peter Please Reply to Newsgroup for the benefit of others Requests for assistance by email can not and will not be acknowledged. "FromTheRafters" erratic @nomail.afraid.org wrote in message ... "David H. Lipman" wrote in message ... From: "FromTheRafters" erratic @nomail.afraid.org | "VanguardLH" wrote in message | ... FromTheRafters wrote: VanguardLH wrote ... To clarify, the anti-virus engine used in MSE is different than the one that was used in OneCare. That is, you aren't stuck with the same bad AV that was in OneCare. Which engines are in MSE now? All I can find is references to Forefront and earlier. Yep, Forefront in MSE. | I read in some blurb about MSE that the scanning system is based on the | same one in Forefront. Then I read some blurb about Forefront's scanning | being based on the AntiGen system, then found this: | ===================== | Q. What antivirus scan engines are included with Antigen? | A. Antigen products support multiple scan engines from industry-leading | vendors. Below is a chart of what scan engines are available with each | product. | Microsoft Antigen for Exchange | Microsoft, CA InoculateIT, CA Vet, Norman, Sophos | ===================== | I musta taken a wrong turn somewhere - are there multiple (and | non-Microsoft) scanning engines involved in MSE? NO. The engine is from the purchase of RAV and was the basis of Live OneCare and is successor MSE. Well then, lets hope it can live up to mediocre. ) |
#14
|
|||
|
|||
windows live onecare
From: "VanguardLH"
| Nope. Remove the "and". OneCare and MSE use different anti-virus engines. | Sybari Antigen --.-- Forefront | '-- MSE (via Forefront Client Security) | GeCAD RAV ----- OneCare | Microsoft acquired Sybari Software Inc, a Romanian firm with NY offices, in | June 2005. With the acquisition, Microsoft acquired the Antigen line of | security products which got renamed to the Forefront product line and became | the basis for Microsoft's family of enterprise-level security products. See:: http://www.microsoft.com/presspass/p...8SybariPR.mspx | http://en.wikipedia.org/wiki/Microso...ity_Essentials | Microsoft purchased the Reliable AntiVirus (RAV) product from GeCAD, another | Romanian firm (Bucharest) but which continues to exist as its own company, | in June 2003. Users had to wait another 2 years before RAV showed up in the | summer of 2005 in a beta version of OneCare. See:: http://www.microsoft.com/presspass/p...10gecadpr.mspx | http://en.wikipedia.org/wiki/Onecare | Both were acquisitions of or purchases from Romanian companies. I didn't | find out how much Microsoft paid to acquire Sybari and what they paid to buy | the RAV product. Antigen was a suite of enterprise-level security solutions | that became the Forefront family line with its Forefront Client Security | desktop agent going into MSE. RAV was a end-user security solution and went | into OneCare (and looks to have died there). I'm not convinced. As far as I know there is only ONE Microsoft AV engine and ONE set of signatures and that was OneCare and is now MSE. Perhaps something else is the engine for MS MRT. I have a couple of contacts to ping. I will look into this. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp |
#15
|
|||
|
|||
windows live onecare
From: "VanguardLH"
UPDATE: The same engine is used in ALL; Malicious Software Removal Tool, OneCare and Security Essentials. However, The signature sets are not necessarily the same. I was told "...it's not exactly the GeCAD RAV engine any longer - the code has evolved..." :-) This is a DEFINITIVE answer. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp |
|
Thread Tools | |
Display Modes | |
|
|