Microsoft Security Essentials

So yes, I primarily use a Mac, but I do use PCs with Windows on them all over the place, even at home, and not just in Boot Camp either. As such, on most if not all of them I do run an antivirus, except in very specific conditions/situations where it is not that necessary due to the nature of what is being done or how it is operating in general. Anyway, the point at hand: Microsoft Security Essentials. I have been running it now for a while and I have to say I am pretty impressed with how it runs and the simplicity of just having it on. The installation is a snap: just run the installer, and when it is finished it wants to be updated and run a quick scan, which in all reality is pretty quick. Where it really shines kind of surprised me a bit.
In my particular line of work I deal with PCs that are infected with viruses on a daily basis. One of the worst ones I have seen so far (aside from rootkits) has been the rogue anti-viruses or rogue security software like Total Security or the hundreds that are known out there. Now I have seen how Security Essentials runs under my normal usage and it has held up extremely well, but I wanted to see how it could handle a couple of already installed viruses in more of a real-world scenario than what the EICAR file offers. So the other day, on a drive that will be wiped here in two weeks anyway, I decided to try and see how well Security Essentials held up against a variety of ways of getting infected and then the actual infections themselves. So I went in search of some viruses, including the rogue security software. Turns out when you are searching specifically for viruses on Google the returns are less than ideal to get to an infection (good for Google). Kind of a pain when trying to find some viruses. So eventually I did find them, in an unusual way: via a site that is dedicated to keeping you safe by telling all the threats out there. Ironically, the site gives the full addresses to the bad content and made it really easy to get to them. The flip side of this site is that it listed the 10 most recent submissions, so I was going into environments that were running some real nasty versions, or modified versions, of malware. Each site that I ended up going to resulted in Security Essentials going crazy and warning and everything else. The way that it warns is it takes you to a screen and blatantly says that this content is bad and will mess up your PC, but if you really want to allow it you gotta hit a drop-down menu and hit allow. This is fantastic to me, because most anti-virus software tells you in a popup that the content might be bad and gives you the option right there to allow or block.
Moving on, I ended up with a total of 5 viruses that I had to fight with Security Essentials to let me have on the PC. One was a rogue security software and a bit of a nasty one. It disabled the Task Manager, hid all the desktop icons and turned off the background (not sure if it did more or not). I ran Security Essentials after removing all the viruses from the allow list and it said your PC is infected (obviously). It was able to kill the rogue security software process, and was able to detect all the other viruses that were on there. This is unusual because most retail AVs will not even so much as notice its existence. Wonder if it means that Security Essentials is running at ring 0 with the Windows kernel. It would kill the process but it wouldn't remove the actual executable for the rogue AV; still, that point is pretty minor as it tells you right where it is at and that it was very aggravated that I installed it in the first place.
So unless the user is a real flake and allows everything after a couple of messages of "STOP this will screw up your PC if you proceed", in which case they deserve the infection. Also, considering that I went to sites that were on a list of the last 10 threats reported, which gets updated as threats are added (so constantly changing with new stuff), I thought overall Security Essentials did a very admirable job and I will continue to use it for now and in the future. With the simple user interface but with some real solid performance under the hood all around, it is a contender with the other anti-virus software, even the commercial ones. (Whoever said free can't be good software?)

I've only encountered one

I've only encountered one scenario where Security Essentials has proven itself inferior to other antivirus software in certain areas. An NSIS self-extracting archive containing large (~6 GB) InstallShield executables (in this case, it was a single executable that contained graphic and audio data) causes MsMpEng.exe (AntiMalware Service Executable) to triple its resource usage. And even running a reasonably fast processor with dual Wolfdales at 4 GHz, it brought my system to its knees, causing the extraction process to come to a halt, and Task Manager took about 5 minutes to launch.

Other than this particular instance, I've had no issues with Security Essentials and consider it among the finest antivirus software I've used, and by far the most streamlined.

Agreed

Yeah, I agree MS SE is pretty nice. A torrent site I visit regularly has become infected with a fake AV pop-up that even closes the main site when it opens. After a few seconds MS SE was like HEY! You are getting infected. Clean? As soon as I clicked yes, the message went away. Less than a minute later, "Your system has been successfully cleaned". No problems. Good stuff!