Microsoft Security Essentials Anti-virus First Impressions

Posted: June 26, 2009 in Computers and Internet

Bottom line on top…  first impression on Microsoft Security Essentials (MSSE) has been excellent.

I had a coworker bring me their home computer (“It started to run really slow and I get these popups.”) I thought it would be a good opportunity to try out the beta of Microsoft Security Essentials and he was willing to give it a try. 

I booted to a new WinPE 3.0 (Windows 7) environment I set up and ran the command-line version of McAfee using their latest 5400 beta 2 engine.

McAfee VirusScan for Win32 v5.40.0
Copyright (c) 1992-2008 McAfee, Inc. All rights reserved.
(408) 988-3832  LICENSED COPY – Apr 16 2009

Scan engine v5.4.00 for Win32.
Virus data file v5654 created Jun 22 2009
Scanning for 530565 viruses, trojans and variants.

06/23/2009  05:14:32

Options:
/ADL /CLEAN /NOD /AFC=64 /STREAMS /PROGRAM /SECURE /EXCLUDE X:\*.* /REPORT X:\VIRUSCK.TXT

Summary report on C:\*.*
File(s)
        Total files: ………..  300323
        Clean: ……………..  293811
        Possibly Infected: …..       6
        Cleaned: ……………       0
        Deleted: ……………     319
Non-critical Error(s):                 2
Master Boot Record(s): ………       2
        Possibly Infected: …..       0
Boot Sector(s): …………….       1
        Possibly Infected: …..       0

Time: 01:45.37

The results were what I expected; it even found 2 new unknown trojans/malware. The system has multiple logons for his family and the infections were scattered among them.

I next booted to the installed OS in Safe Mode without any network connected.  I took a look around with msconfig for a quick check of anything that you wouldn’t want to auto start on a full bootup or login (things looked good). 

He had been running McAfee VirusScan 8.5i as part of our home-use site license. On booting to the full OS I found McAfee disabled (nicely infected for sure) but the Windows XP firewall still active (with expected active exceptions). I uninstalled McAfee and plugged into my NAT’ed network and began the install of Security Essentials from my USB key. You can find elsewhere plenty of screenshots of the installation and main dialogs, so I’ll just show the goodies – what it looks like on an infected system. After stepping through the installation wizard and getting the first signature updates, I chose to run a full scan – here are the surprising results:

ms-se-found-virus

Microsoft Security Essentials found a number of infected (and nasty) files that McAfee missed (all under one user’s profile and not the one I was logged in under). I let Security Essentials clean the computer and after running the recommended actions I had a clean system again (well, as far as Microsoft and McAfee knew…).

ms-se-fixed-virus

After another reboot and another quick scan using MSSE and my WinPE McAfee command-line scanner, the system was coming up clean. I let my friend try out surfing and the system was back to its original speeds (still slow… it’s 6 yr old, ahhh). With him understanding that it’s only safe after this kind of infection to format and reinstall, he’s taking my advice that it’s time and makes sense for his type of usage, and he’s getting a new computer. For the time being I at least set all their logons to regular users and created a new “Install-Admin” account.

I’ve been setting up for and pointing people to Avast for free home-use anti-virus software.  While I use it personally and have not had anyone complain about it (well, after I showed them how to turn off all the popup messages and voice prompts) I plan to start setting them up with Microsoft Security Essentials. I like the simple interface, low memory and CPU usage I’ve been seeing, and the experience from the first install.
