Thursday, June 28, 2012

MSE - Microsoft Security Essentials

If you practice safe surfing habits and have a good backup strategy, consider installing Microsoft's Security Essentials (MSE). It is fast, unobtrusive and free. Article originally published 2010.05.  Updated 2012.06.    



This article has been retired.  See this up-to-date Keyliner article:
Keyliner - Virus Cleanup Steps




I am asked to fix friend and family computers and I get asked to fix friends-of-friends computers. The number-one complaint is invariably the same: "the computer is too slow," along with "it used to be faster -- should I buy a new computer?"

As I've worked on these machines, the most common reasons for slowness are, in order:
  • McAfee Virus Scanner
  • Norton Symantec Virus Scanner
  • AVG Virus Scanner
  • Too many (legitimate) programs running in the background (system tray)
  • Actual viruses and spyware problems
  • Insufficient RAM; dial-up Internet; really-old computers
Notice that viruses are not at the top of the list.  In other words, the machines are generally virus-free.  The best solution has been to uninstall the virus scanners and install Microsoft's MSE.

Current Affairs

The expense and complexity of the commercial versions have driven me away.  To gain market share and revenue, they add features and raise prices. In the end, the McAfee and Symantec/Norton suites are too complicated and the software does so many things that system resources are fully-consumed. Admittedly, these products do more than just scan for viruses.

But if you practice safe surfing habits, then these other products may be overkill.  Safe habits include:
  • Avoid free music bit-torrent sites and porn.
  • Surf with Firefox (not IE), keeping ActiveX from running.
  • Up-to-date with Adobe Acrobat and Flash patches.
  • Full-system disk image backups on a regular basis.
  • Keep teenagers off your computer and give them their own machine.
Improvements:

In the past two years, both Norton and McAfee have improved their software and they now have smaller footprints.  If I had at-risk computers, where virus infections were a re-occurring problem, I would consider more robust software and would probably choose Norton.  But in general, I still do not trust most commercial virus scanners.  Case-in-point, McAfee is aggressively installing on unsuspecting users.  See this Keyliner article: McAfee Security Scan Plus.

PC Magazine's most recent Virus Scanner Reviews 2012, seem a little vague and almost non-committal and it doesn't mention Microsoft's product.  In a separate review, PC magazine rates MSE 2012 as mediocre, but most other reviewers generally like Microsoft's product.  The biggest failing is when a machine is already infected. I agree.  On an already-infected machine, you need to use several tools, including Microsoft's bootable "Windows Defender Offline," along with other's, such as Malaware Bytes (see Keyliner article:Removing Win32/Cryptor). But if you practice generally safe browsing, then MSE will work well-enough.


What I am Doing Now

I now exclusively use Microsoft's Security Essentials.  

Although Microsoft claims they are not competing with commercial software, they are doing relatively well and by most accounts, MSE is a decent program. Almost all reviewers report the software is capable and does not sap system resources.

Benefits:
  • It is tightly-integrated into Windows and runs well in Windows 8, 7 and XP.
  • Performance is invisible.
  • Unobtrusive - no nagging.
  • Quiet, automatic updates; several times per day.
  • A simple, straight-forward user-interface.
  • It is free; no registration; fully-functional; no upgrades to paid packages.
MSE not only uses virus signatures to detect malware, it can also flag suspicious activity, such as an unexpected network connection, modifications to system files, or if software attempts to download in the background. When MSE sees activity like this, it automatically sends the suspected malware to Microsoft's servers for analysis. With 100 million PC's, this gives Microsoft a good pool for correcting problems.

Drawbacks:

Because it can't be configured or controlled from a central server, it is not suited or licensed for business use.

Rootkit detection is weak and you should not rely on this tool to repair an already infected machine. With a raging infection, you will probably have to rely on other tools before MSE can be effective.  I recommend starting with Microsoft Standalone Windows Defender and then see these popular Keyliner articles: Removing Win32/Cryptor and Removing Personal Security ).


Downloading and Installing

Download directly from Microsoft by using this address:
http://www.microsoft.com/security_essentials

Installation is easy and even your grandmother can do this. 
Un-install old virus scanners before installing MSE.
If you have Microsoft's older Windows Defender, it is automatically disabled during the install.

Once installed, let it kick-off a full scan. From then-on, you can basically ignore the software.






When it does have something to say, it is obvious and UAC nag-screens appears, assuring you are not looking at a virus-look-alike.



Conclusions:

I am pleased and now use MSE on all my personal equipment. Microsoft Security Essentials may not be as powerful as other packages, but I have a low risk of infection and am comfortable with my backup strategies.  For at-risk computers, a more robust solution is needed and I would tentatively recommend Norton Antivirus 2012.  Some day, I may give Norton/Symantec and McAfee another try.


Related Keyliner articles:

Use this when your machine is already infected.
Microsoft Standalone Windows Defender.
Removing Win32/Cryptor
Removing Personal Security

HowTo: Fixing Slow Computers
HowTo: Cleaning Windows 7 Startup Programs

HowTo: CPU Utilization and Diagnostics

Reviews:
PC Magazine Virus Scanner Reviews 2012
PC magazine rates MSE 2012
PC Magazine Norton Antivirus 2012 Review

No comments:

Post a Comment

Comments are moderated and published upon review.