Microsoft Security Essentials

In September 2009, Microsoft announced the official release of MSE (Microsoft Security Essentials), its free security software. Fast-forward nearly two years, and MSE is still cruising along, protecting millions of Windows XP/Vista/7 computers (more than 31 million as of September 2010, per Microsoft). MSE has been independently certified for desktop and server virus detection and for desktop virus cleaning by virus testing firm ICSA Labs (Windows XP/Vista/7). It received the Checkmark Certification from West Coast Labs, scored very well with AV-comparatives.org, and was recently awarded the VB100 award by Virus Bulletin. So, is it a product you can rely on as your primary antimalware application? How does it stack up to the top-tier security suites? We recently gave it a test drive to see.

What MSE Offers

Microsoft Security Essentials offers straightforward, real-time protection against viruses and other malware, including rootkits, Trojans, spyware, and keyloggers. It also scans everything on your hard drive or your external drives, if you turn that feature on), from executable (program) files to email messages and multimedia files. It protects against malware that arrives via instant message or syncing with another device (it scans files locally, not on the device you are syncing with). It doesn’t protect against malicious invaders such as hackers (it leaves that task to your firewall). Nor does it defend against spam or phishing attacks, which can be handled by your email client and browser, respectively. Finally, it offers no protection against identity theft, which is generally a consequence of malicious invasion or bad Internet habits-two activities it doesn’t scrutinize. In other words, it is not a comprehensive security suite and does not pretend to be. Rather, it fills the security gaps not covered by Microsoft’s related, free Windows add-ons-Windows Firewall, Internet Explorer, and Windows Mail or Windows Live Mail, depending on your operating system. So, no matter what security solutions you are already using, MSE can be a final step to achieving end-to-end security at no cost. Virus Removal Las Vegas!

How It Works

Las Vegas virus removal – Like many current anti-malware products, MSE has a cloud (Internet-based) component, although it continually updates and uses locally stored virus definitions to protect your machine as well. The cloud component for MSE includes Microsoft SpyNet, a community of individuals who have agreed to let MSE harvest varying degrees of information about the suspect files it encounters on their systems. By using SpyNet, Microsoft is able to compile and access an extensive library of information about how viruses and malware are continually evolving and posing new threats. Microsoft will automatically enroll you in this group at the basic level by default, but you can change your settings if you wish from the Settings tab. In action, Microsoft maintains a rewardingly small footprint on your machine, working quietly in the background with little to no performance drain. Users generally despise security products that are resource hogs, to the point where some will disable them periodically to speed things up. We feel confident you’ll never resort to such a drastic measure while using MSE. System scanning is reasonably quick, depending on your settings. Quick Scan examines the most likely locations for malicious files to be hiding, but leaves the remainder of your drive unexamined until a later scheduled scan. In our test, MSE scanned approximately 19,000 items in seven minutes. Full Scan will analyze all your files, as well as your Registry, for signs of trouble. This will take much longer (hours as opposed to minutes). All MSE scans take place in the background, and we felt no overall slowdown of operations while they were running. MSE also lets you customize your scans-not only when they take place and what they scan, but also the resources they use. (This setting only affects scheduled scans, not those you request on demand.) The fewer resources you allow scans to consume, the longer they can take (the default is 50% of CPU usage). Should you decide to use MSE, visit the Settings tab on the main interface and click Scheduled Scan to establish your personal parameters.

Installation

After you download MSE (from www.microsoft.com /security_essentials), you can install it in a matter of minutes. The setup wizard will validate your Windows installation, and if Microsoft cannot verify you are running a genuine copy of Windows, you will not be able to install MSE. MSE instructs you to uninstall or disable real-t me protection for any security software you have in place (you can o this without leaving setup). It also recommends you upgrade to Internet Explorer 9 for its “SmartScreen Filter, which helps combat online threats with a set of sophisticated tools like anti-phishing protection, anti-malware protection, and application reputation,” as the setup wizard notes. (Whether you run it is your call; Internet Explorer 9 works only with Windows Vista and Win7 and has been out fewer than six months, so not all sites are compatible with it. Otherwise, it appears to be a solid upgrade.) After installation, the setup engine updates virus definitions and offers to launch a Quick Scan of the system. It is always a good idea to let security software scan your system the first time out. If you have not been using protection previously, you should also schedule a Full Scan as soon as possible.

Wish List

MSE doesn’t have any objectionable quirks, but it does handle some functions differently than we would like. One feature with which we took issue is scanning. Although MSE offers scan-related options (including the ability to create a Restore Point), you cannot initiate scans for a particular threat, such as a rootkit. This won’t bother novice PC users, who are best-served by a comprehensive scan. However, expert users who recognize threat types and think they may have been exposed might like this feature. (Some, but far from all, security products allow threat-specific scanning). We noticed that you cannot establish more than one scan setting. Microsoft lets you exclude file types, locations, and processes from being scanned, which requires a fairly knowledgeable user to implement safely. However, you can only establish one set of parameters. We would like to see the ability to create multiple scanning scenarios. For example, you might like to perform a Full Scan once a month on Sunday morning, but scan only the most vulnerable (and heavily targeted) areas of your hard drive once a week. We were also surprised to read user reports that MSE turns on automatic updates in Windows. After some investigation, a Microsoft MVP (Most Valuable Professional) informed us that MSE uses the Windows Update feature as the easiest and least intrusive way to manage and download updates. In the current release of MSE, how it works with Windows Update depends on your settings for this utility. You can turn Windows Update off, but you’ll have to update MSE manually and should enable the checkbox (located on the Settings tab under Scheduled Scan) that initiates an update before every scan. MSE will alert you if updates become too outdated. Furthermore, if a possible threat is detected, our Microsoft MVP asserted it will scan for updates as part of its threat detection. Our test machine had Windows Update set to download updates but not install them until we allowed it, because we sometimes leave processes running overnight. MSE did not change this setting. Instead, it prompted us that new updates had been downloaded, which we then installed. You’ll have to decide what works best for you, because we don’t see Microsoft separating MSE Updates from Windows Update any time soon. Just remember that an out-of-date malware engine can be worse than none at all because it will miss the newest threats and return false positives.

How It Stacks Up

In the end, the answer to our initial question remains elusive. MSE has all sorts of certifications, checkmarks, and awards from major independent virus testing labs. On the plus side, it has a very low incidence of false positives, which is an increasingly important factor as anti-malware first continue to tweak their identification techniques. False positives can cause harmless or even beneficial files to be quarantined or eliminated and keep you in perpetual crisis mode. Like most of its competitors, free and paid, MSE detects active malware right away and generates a pop-up box offering to clean your PC. It offers a link to helpful details and gives you the opportunity to decide the threat’s fate on the fly. It also lets you set behaviors for threats, when they do arrive, based on severity. The most recent edition of MSE turns on Windows Firewall if you do not have another firewall in place. It also has added network inspection features, which works only in Windows Vista and Win7. Finally you can run other spyware removal programs as cross checks against MSE, provided you do not enable real-time protections on them. Realistically, no program will identify 100% of threats, which are becoming more elusive every day. An uncomplicated, easy-to-use and lightweight program such as MSE, paired with occasional cross checks with other free scanners and the use of the other security tools Windows offers, is an excellent way for folks on a budget to protect themselves effectively.

 

Smart Computing | September 2011 p.24

 

Please let me know your thoughts in the comments section below.

Neon Computers
Phone: (702) 240-6366
cash, credit card, invoice, paypal
6830 S Rainbow Blvd Ste 150
Las Vegas, NV 89118

Leave a Reply

Your email address will not be published. Required fields are marked *