Monday, June 21, 2010

Microsoft Security Essentials Up-Close

Microsoft Security Essentials is Microsoft’s free alternative to Norton Utilities, or McAfee anti-virus. Along with that, it serves as true competition for other competing free AV programs already available, such as AVG Anti-Virus (which, I might add, I had used as my sole-AV program for quite some time before MSE was released). However, Microsoft Security Essentials is so much more than just a free competitor, it elaborates on Microsoft’s push into creating stand-alone applications for it’s Windows operating system that, over time, can be updated on the fly without actually having to change or update the Windows components themselves.


Development of MSE had occurred over quite some time. Looking back at some of my notes, I recall that Microsoft had first announced that they would discontinue its Windows Live OneCare Suite and replace with Microsoft Security Essentials, a free anti-virus solution. However, Windows Live OneCare users wouldn’t be left in the dust, Microsoft would continue to support them for a little longer, and when support finally ended, users could immediately switch to MSE.

Is this really free?

Before I get into a more detailed look of MSE, I just want to answer one question that is probably floating around in most people’s minds right now. Is MSE really free or is there some type of catch. My answer to that, and the correct one, is yes, it is free. You will not have to pay any yearly fees with this product, no catches here. That means you will get up to date virus definitions (meaning at least daily, if not more) free of charge.


Oh, but wait, actually there is a catch, you must be using a legitimate copy of Windows (that is XP, Vista or 7) that is both activated and passes the Windows Genuine Advantage. Considering one reason Microsoft is producing this product is to protect people (from malware) in foreign countries who don’t want to purchase software is another story. However, if you are currently running a legitimate copy of Windows XP, Vista, or 7 you are good to go to install and use MSE.

Overall Feel and the UI

After installing MSE for the first time I was impressed with the way the program looked and felt. It installed relatively quickly--it is after all only a 3.5 MB install--and I had no problems getting it up and running. It has a basic user interface that neither makes the user guess where to go next nor lacks important features and functionality. It has four main “pages” or tabs that you can click on for more options or features: Home, Update, History, and Settings. Along with these four tabs there is also a help button on the right hand side of the screen. Here’s a brief rundown of the tabs:



When you first start MSE you will be brought to the home screen in which displays information such as whether or not Real-time protection is turned on or not, and whether your virus & definitions are up to date. You can also perform three different types of scans from this screen as well. I’ll go into a little more depth with scanning later on, though for right now here’s a brief look at the three default scans:

Quick. This scans for files and folders that are most likely to be infectable. This would be your system folders and files, documents folder, etc.


Full. This will scan for all files on your computer. Plain and simple, this is the most in-depth scan that is possible and through a couple of option changes you can make it scan all of your removable drives as well.


Custom. This is where you can select specific folders or files for MSE to scan. You can also have MSE scan for files or folders by right clicking them and selecting “Scan with Microsoft Security Essentials…” I like this feature as I used it quite a bit with AVG free edition.






The update page is quite plain and clear, it tells you whether or not MSE is up to date, when the definitions were created, and the version of MSE’s virus and spyware definitions. You can also, obviously, manually update MSE via the large Update button provided on this screen.






The history page is good if you want to look at previously deleted items, i.e. items that were infected and deleted from your PC. That’s all it’s good for though. With AVG free edition, you got a whole lot more with history, such as the ability to view all of your previous scans and what time they started and ended. It isn’t necessarily bad, but it was a good way for me to make sure that my automatic scans were completed.

One other thing to note with the History page is you have three selections to select from (coming from Microsoft’s own mouth):


All detected items. View all the items that were detected on your computer.


Quarantined items. Items that were disabled and prevented from running but didn’t remove.


Allowed items. Items that you’ve allowed to run on your computer.






Ah, the meat of the interface. Here you can select many different options to enhance or de-enhance your protection. The options are very basic and all but the least computer literate should be able to peruse through them with little problem. Here’s a look at the different subscreens:



Scheduled scan. This area allows you to choose when and how often MSE should scan your computer for viruses. It also allows you to choose what type of scan that should be taken place. You can also make MSE check for definitions before scanning, which makes for the best overall scanning experience. For me, I allot a quick scan on a daily basis.



Default actions. Use this screen to change how MSE handles viruses found on your PC and what actions should be taken.



Real-time protection. MSE offers what all AV programs should, the ability to use real-time protection. It’s enabled by default, and I highly recommend it being enabled. Using real-time protection, files will be checked as they are being used to further prevent the spread of an already infected file.



Excluded files & locations. MSE also allows you to choose specific files or folders that you don’t want to be scanned.



Excluded file types. This section allows you to choose specific file types that shouldn’t be scanned. (I.e. EXE, DOCX, XLSX, etc.)


Excluded processes. As MSE also scans processes, some users may not wish for it to scan everything single process. Use this section to include those specific processes that shouldn’t be scanned.


Advanced. Advanced settings of course. These allow for four different options. The ability to scan archive files (ZIP, CAB, RAR), scan removable drives (USB Keys, external hard drives), creating a system restore point (in case anything happens during/after the scan), or allowing users to view the full History results. The last of these allows normal users (not just administrators) to view/edit the MSE’s History results.


Virus-scanning, the meat of the program

Well, yes, as pretty, feature packed and easy to use as the program is it may not be worth much if it doesn’t do a good job with what it was designed to do. As I cannot give you an accurate description of the percentage of viruses it actually finds and removes (don’t worry this information is floating around the web somewhere), I can instead discuss how the program works to keep you safe.


Like most anti-virus programs, MSE does allow for automatic scans. You can further customize these scans under settings, you can have MSE do quick or full scans. MSE will scan either on a weekly or daily (recommended) basis; however, you cannot set up an automatic scan for more than once a day. That’s not really a problem though, as you can still perform manual scans as often as you would like.


MSE also works in the background (albeit, using very little of your computers resources) to perform real-time scans, which allow for scanning of files when opening them. MSE does not, however, offer any type of link-scanning as is a feature with AVG Free edition.


Further, you can also select to scan specific files/folders or external devices by simply right-clicking them and selecting “Scan with Microsoft Security Essentials…” MSE will simply scan only the specified files and give you the results.




One of the most important parts to making or breaking an anti-virus product is whether or not it updates on a fairly regular basis (and automatically). MSE updates at least once a day and on average I found that it would often update more than twice per day. Not too shabby. The update process works with Windows Update, so it makes for a quick and out of the way update process.


I’ve had, which I’m sure many other people who are reading this, issues upon issues with AV programs bogging down my computer. (Recall Norton AV, anyone?) I at one point in time almost got to the point (yes, I’ll admit this was back when I was using Symantec on all of my PCs) where I didn’t even want an AV program on my computer.


I found that AVG did stellar in the performance category, but MSE has somehow completely outperformed any other AV program I’ve ever tried. It uses a mere 4 MB of RAM while performing a scan. Mind-boggling. MSE also does not bog down your processor while performing a scan either. So far, although I haven’t looked at every anti-virus program out there, MSE performs the best out of the ones I’ve tried.

Attaining Support and Help with MSE

Getting support or help while using MSE is actually quite easy. There are two ways in which you can do this, either online or offline. Online would obviously be the better of the two, but Microsoft realizes that in a crunch you may need offline help to (in case your PC is infected and cannot connect to the Internet).


As this is also a free program, Microsoft will be releasing regular updates which will be available through the help dropdown box. Via this same box you can also submit a malicious software sample that MSE has apparently not been able to locate on your PC.

That pesky SpyNet

Don’t worry SpyNet isn’t a network that spies on you. It was first introduced in Windows Vista, or to put it more precisely in Windows Defender. However, it continues to live on with MSE. It is essentially a community where you can send information about threats that you have found on your computer, in which MSE has yet to discover. Fear not, this program will not violate any privacy issues. It does however have two different memberships (as Microsoft calls them), Basic and Advanced. Unlike Windows Defender you cannot opt out of this membership you have to choose one or the other. So, there you go, for those with any privacy issues there’s another catch.


The basic membership only sends basic information (and is the default) about programs that seem to be malicious, such as where they came from, how the behave, etc. Advanced membership goes a little further and reports the file name and location if need be, yikes.


Don’t worry though; no identifiable information will be given to Microsoft at least not on purpose, perhaps by accident though. (You know, like how Google “accidentally” retrieved information.)



Wrapping it up

Microsoft Security Essentials is a good lightweight, full-featured, easy to use and very well integrated anti-virus program. As with all AV programs it should not be used as a primary defense, but instead as backup, your primary defenses should be learning better browsing habits, having a firewall, etc. As such this makes a very good companion for Windows 7.


Ethan said...

Quite a good post. How about a few figures? Also, I disagree that "AV programs [...] should not be used as primary defence" ;if an AV program is not good enough to protect my computer, I don't know what it does do.

jctierney said...

Thanks Ethan!

On the AV programs not being a primary defense, this goes back to using your computer safely and correctly. Even the best AV programs available won't be able to catch every virus on the market. However, using smart/safe browsing habits, not downloading rogue files, not visiting sites known to contain viruses, etc. should be one of the first steps in preventing getting a virus on your system. If this step fails, then your AV program should come up and protect you. Also, having a properly equipped firewall (the one in Windows should suffice for most users) should also be a step used before anti-virus kicks in.

AV is used most often as a way of detecting/catching malware and removing it once it's already appeared on your system, using safe browsing habits and having a secure firewall can prevent many of these viruses from even appearing in the first place.

Of course, security can be discussed in so many ways and everyone would have a different opinion on how each specific component should keep your computer secure. But in the end, I've found that creating your own plan for security works best. Personally, I've been virus free now for eight years and counting and I've had a number of machines come in and out of my home/network.

For your discussion of figures and numbers, I probably won't update this post, but I may write something up on my new blog which replaced this one ( sometime in the future. But for now, I'll leave you with an article from ZDNet that discusses an independent institute which conducted its own test and the results were quite positive, 98% of viruses were caught by MSE:

Hope that helps!

Post a Comment