Jump to content

Microsoft security essentials and Windows XP


Recommended Posts

Posted

essentially alot of the files are the same

opened with 7zip

I wonder with a bit of manipulation you could swap file(s)

I did try a windows defender definition update, didnt work it;s called mpas-fe instead of mpam-fe

mse10.JPG


Posted
36 minutes ago, Dave-H said:

Silly question I'm sure, but the latest definition for Windows Defender on Windows 10 is 1.293.45.0.
I presume that can't be used in MSE?
I only very recently started using MSE on the XP side of my netbook because its original AV stopped supporting the last XP compatible version of its program.
I don't know much at all about how its updating system works, but surely it's not just a matter of copying files across to make MSE think it's got the latest version?
:dubbio:

I would think swapping to Defender will probably be same as MSE the definitions will not update

Posted (edited)

I'm not taking about the old XP Windows Defender, but the one that comes with Windows 10.
A very different animal, but it may still share the same definition files with MSE.
:)
 

Edited by Dave-H
Typo
Posted

Well, for the moment, the safest thing to do is to stick with v. 1.291.2489.0

47 minutes ago, Dave-H said:

I don't know much at all about how its updating system works, but surely it's not just a matter of copying files across to make MSE think it's got the latest version?

It may be. Than again, it may not. We simply don't know yet. However, if it validates its signature files every time it uses them for a scan, then we'll be in deep waters. If, however, it validates the files only at install/update time, we've got a good chance of bypassing that.  

Posted

If in an event ther eis No workround to get MSE defs again, what would be a lightweight friendly AV, alot I had in past like Avira, Avast wasn;t too kind and threw false positives.

Norton embeds into system too much  and Mcaffee is a No go, what about Black Ice or Panda

Posted (edited)

I found Panda to be very similar to Avast when I tried it a while ago.
This is off-topic for this thread anyway, which is specifically about MSE, not possible alternatives to it which is a discussion that could go on for many pages!
There's are threads all about XP-compatible AV and security programs here and here.
(The second thread is specifically about Avast).
:)

Edited by Dave-H
Addition
Posted

Actually I think it's the same file. (M$ updates the definitions 2-3 times a day, so the third number keeps increasing.)

The downloaded file can be opened with 7-Zip. It contains four malware definition files: a spyware definition "base" and "delta," and a virus definition base and delta. (It also contains two executable files: mpengine.dll and mpsigstub.exe.)

On Windows 7, Windows Defender is antispyware only, so I'd assume it only uses the spyware definitions. You have to install MSE to get antivirus functionality.

But I think on Windows 10, Windows Defender is both, and essentially replaces MSE.

Posted
10 hours ago, Mathwiz said:

Actually I think it's the same file. (M$ updates the definitions 2-3 times a day, so the third number keeps increasing.)

The downloaded file can be opened with 7-Zip. It contains four malware definition files: a spyware definition "base" and "delta," and a virus definition base and delta. (It also contains two executable files: mpengine.dll and mpsigstub.exe.)

is it or would it be possible to put the file(s)extracted with 7zip (mpengine.dll and mpsigstub.exe.) or whatever relevant files straight into the Antimalware folder

Posted

MSE is not much of a loss.  It is/was possible to try to get a virus intentionally and have MSE fail.  This had been documented on sites that compared it to other virus scanners and it showed to be weak. 

To be 100% honest I do not know how to actually get a virus aside from downloading sketchy cracks off the darkweb and trying to install pirated software that had been infected, I don't know how you can actually get a virus on XP.

I suppose there is a threat of opening email attachments and getting a virus, but honestly you should know better to do that if you are so worried about it in the 1st place.

Moving forward Clam Win is going to be the best option for XP.

Posted (edited)
2 hours ago, DrWho3000 said:

is it or would it be possible to put the file(s)extracted with 7zip (mpengine.dll and mpsigstub.exe.) or whatever relevant files straight into the Antimalware folder

Maybe: I moved the four definition files to folder "C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7B4903B6-59C9-4BB6-BB10-6B3CC934757A}" (on my system) and it seemed to work, but I haven't tried scanning anything yet:

untitled.PNG.e648d6b351a948cda47b5d8888c46ab0.PNG

Edit: It's weird seeing definitions created on 4/23 but last updated on 4/22. I wonder if MSE will start claiming it's "out of date" in a few days even if the definitions are current?

Edited by Mathwiz
Posted (edited)

First I had to run services.msc and stop the M$ Antimalware service. (MSE complains when you do this, but you can ignore it). Then I copied:

mpasbase.vdm
mpasdlta.vdm
mpavbase.vdm
mpavdlta.vdm

... to the folder mentioned above, and finally restarted the service (MSE's complaint goes away and the icon turns green again).

Edit: I'm hoping that, if this process works, @heinoganda or someone can automate it. Then we'll be good at least until M$ shuts WU down forever.

I didn't copy mpinstall.dll from the update, even though it lives in the same folder; I was worried it'd be flagged for NT 6.1, or have unresolved dependencies.

I just completed a scan. It seemed to work, but didn't find anything. I guess for a true test, you'd need to put some piece of malware that MSE is known to recognize on your PC and then run a scan. :crazy:

Edited by Mathwiz
Posted

I did what you said, I had 3 defs folder so copied the files to 2 off them, it didnt work then I got the folders were inaccessible, restarting exploer they disapppeared, only one there and it won't let me copy the files into folder,
I think I borked it

the files are deffo not in use

i might have to do a system restore to yesterday

mse111.JPG

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...