Fake Av

[Banyarola]

Yesterday I was on the New York Daily news website and clicked on a story and got redirected to a fake AV scan page.
It really happened fast but MSE blocked it so I didn't get any infection..

Here's a screen shot..

[curiousclive]

Another thumbs up for MSE

[Banyarola]

Well, what gets me is you don't even have to click on anything to get this crap.
Of course, as long as you don't click on anything after you get sent to the site you are O.K. I guess...

It actually did a fake scan even though the virus was blocked.

[Roderunner]

Another thumbs up for MSE

Check your signature

And that has its own patients.

[Tinto Tech]

Sounds like Malvertising.

The most likely route for malvertising are scripts that exploit vulnerabilities in Adobe Flash. Recommend you verify that you have the latest version of Adobe Flash Player.

If it "ran a fake scan", it might still be active and MSE may not have picked up everything: run system restore to before it happened from Safe Mode and execute an MBAM scan just in case.

[Banyarola]

Tinto, I do have the latest flash version and I did run scans afterwards but not in safe mode.
I'll do that later, thanks for the tip..

[Tinto Tech]

Tinto, I do have the latest flash version ........

Yikes! Quite scary that it got its claws into a fully patched system.

Good hunting!

[Banyarola]

It really didn't get in.
MSE blocked the Trojan but not the site..

I didn't click on anything on the site and exited using Task Manager.

[Tinto Tech]

Sorry, poor wording on my part.

The vulnerability (whatever it was) was exploited even on a fully patched system, but could not deliver the payload successfully as that appears to have been contained by MSE.

Really good that you closed using Task Manager. Less experienced users may have interacted with the site which is never a good idea in these cases.

[Xircal]

Prevention is better than a cure as they say, so I'd recommend you install this add-on which allows you to scan links before you visit a site: VTZilla

It supports Firefox, Google Chrome and Internet Explorer (click the button top left).

After you install it, you'll also get the option to scan a file prior to downloading it to check it for malware, and to scan the site you're currently looking at.

What I'm going to say next though will obviously upset a lot of people, but the fact remains that MSE has the worst detection rate of any antivirus application currently available. It consistently comes bottom of the class in independent testing and personally, I wouldn't rely on it to protect my system if I was you.

System security should be left to professionals who devote their entire resources to one product unlike Microsoft who just wants to monopolise the industry rather than protect individuals' machines.

I would recommend you switch to AVAST free version which offers far better protection than MSE ever will.

[RussB]

Another thumbs up for MSE

And a thumbs Down for NYDN.

[Banyarola]

Xircal, VTzilla is for firefox not IE..

As I am sure you are aware, no virus program will completely protect you...

I have never had any problems with MSE.
I have read good reviews and bad reviews about MSE and, as a matter of fact, Avast also has it's share of pros and cons..

The version they tested on AVCOMP was version 2.1...MSE is now Version 4..
And the revision list on their site is dated 4/2012 so if they are testing Ver. 2 in April they seem to be a little behind...

Everyone has an opinion or some data to share to prove their point..

Any user practicing safe computing in conjunction with a virus program will stay safe.

[BruceR]

What I'm going to say next though will obviously upset a lot of people, but the fact remains that MSE has the worst detection rate of any antivirus application currently available. It consistently comes bottom of the class in independent testing and personally, I wouldn't rely on it to protect my system if I was you.

The best false positive result though.

Bruce

[Xircal]

Xircal, VTzilla is for firefox not IE..

Well, yes and no actually. The name is derived from both Virus Total which is the "VT" bit and "zilla" from "Mozilla" as the developer of Firefox.

So for Google Chrome, it's called "VTchromizer": https://www.virustotal.com/documenta...google-chrome/

And for IE, as one might expect, it's called "VTexplorer": https://www.virustotal.com/documenta...rnet-explorer/

But all three are one and the same plugin.

One of the negative aspects of MSE is the fact that it needs Windows Automatic Updates to be enabled and if you've disabled them, MSE will automatically re-enable them. That's a bit no-no for me since I prefer to decide what I wish to install from Microsoft, not what they want to give me.

[Xircal]

The best false positive result though.
Bruce

Well, I don't say these things lightly and I think you have to examine all the evidence before drawing a conclusion about any one particular product.

But as I mentioned already, MSE has the worst results where it counts the most i.e when you have a malware on your machine, can MSE see it? Here's another independent test where Microsoft comes bottom of the league table again, detecting only 14 out of a total 80 samples: http://malwareresearchgroup.com/malw...-test-results/ You'll find the methology used further down the page.

I'm not encouraged by those kind of results I'm afraid.