Microsoft Security Essentials 4.1

[3link9]

Alright, After getting into so many arguments about MSE, I decided to do a more up to date test.

Download and Install was easy.
Memory usage was very low.

MSE has a simple to use interface, However little custom settings for us Advanced users like to play with but great for the Normal/Average user.

Link test:
It detected 4/10 links
It let a Fake AV, Rootkit, Adwares, and a couple of trojans.
Thanks to the rootkit, This part took a lot longer than usual. So I had no choice to dig out TDSS Killer and get rid of that for me. Kill Switch took care of the fake AV for me.

I did a full scan with MSE and it found a trojan.Banker which took about 2 minutes to remove. I also noticed the CPU spike.

I ran CCleaner to get rid of the temp files.
Malwarebytes detected 16 infections minus the 2 false postives by detecting RKill and a VMware service and it detected the FakeAV.
Hitman Pro found a rootkit and a trojan.
I did a restart and the system seemed to be clean according to KillSwitch.

File Detection Test:
100 Pack
It detected 20/100 - 20% and the pack was almost 48 hours (2 days) old.
I took about 6 peices and MSE did not prevent any of them running due to its lack of prevention features.
They were all trojans.
Malwarebytes detected 4 Infections which were all Trojans and hitman pro found 3 trojans.

I Grabbed a Ransom which was the FBI CP scare and MSE did not detect it and I was unabled to boot into safe mode or anything.

So its safe to say, MSE did NOT protect the system.


For another MSE review, Take a look at Biozfear review here:
http://malwaretips.com/Thread-Review-Microsoft-Security-Essentials-version-4

 

[starchild76]

thanks for this review! I did use mse for a short time and it truely , truely sucked! I had to update the definitions manually eveytime! and those dreadfull cpu spikes! my cpu was round and about 49% - 51% , during startup , spikes of 100%! I tested this once aiganst a internet chicken / malwarecentre pack ( 283 items ) it took a ridicolous 15 minutes to scan and it detected about 45 items , and the best part : it froze during removal! had to manually force a reboot!!! I feel sorry for the people who use this and do their online banking and shopping and online game playing with this as your major protection....

 

[Deleted member 178]

You have to know that MSE was designed to be a simple line of defense vs real-world threats and not to protect against packs of malwares and dozen of malicious 0-days links.

in a classic usage MSE (and mostly any AV) will perform correctly.

 

[spywar]

It's very very simple ... to simple ! They rely on signatures only and not interested in AV that only rely on sigs as nowadays you cannot protect users with that.

 

[BSOD]

I actually think it's a good product for those who do light browsing and average usage. It's light on the system (although, Avast! is now supposedly lighter according to the latest AV-C Performance reports) and it does a great basic job.

It's simple interface and 'install-and-forget' characteristic is great for novices.

 

[Deleted member 178]

For HIPS users like us it is right, but most of users just want to be protected without being annoyed.

 

[Ramblin]

It's very very simple ... to simple ! They rely on signatures only and not interested in AV that only rely on sigs as nowadays you cannot protect users with that.

If you team up MSE with Sandboxie, nothing will get through AND your computer will not feel heavily loaded. I dont use an antivirus but sometimes I play around with them under TimeFreeze, IMO, most of them feel terrible.

A few good points about MSE: MSE does not kill computers by releasing bad updates as Avast did recently (2 or 3 times in the last 3 years), will install and uninstall easily (and it will not wreck your computer when doing it), it does not slow your computer if you are in W7 and it doesn't conflict with SBIE.

Bo

 

[spywar]

Umbra you're right but that's the problem.... As you say many users want to install a soft and then forget it and then they get infected because the product is not powerfull ...you know that's the main problem.

 

[spywar]

@bo.elam
Most of the average users who do not care a lot about their security will install MSE and forget it. Anyway MSE + Sandboxie is enough.

 

[Ramblin]

spywar, the honest truth is that all antiviruses will fail sometime, it is just a matter of time. In my opinion AVs are not useless but they all are about the same. Since MSE works perfectly with SBIE, that's why I recommend it.

Bo

 

[3link9]

@bo.elam
Most of the average users who do not care a lot about their security will install MSE and forget it. Anyway MSE + Sandboxie is enough.

Very true.

MSE is good if you have companions like Kingsoft, Emsisoft, Sandboxie, etc.

Most people get infected by Rouges that are zero days.

most average users does not know about companions, web blocking, etc.
They will just see the Anti-Virus, Install, and forget about it.

I use people who I see in the Malware Removal part of the forums and real life people such as my family for an example and my Cousin for a huge example who will get infected every other week for a rouge thats very new. After comodo, he has yet to get infected for awhile now but before that he got infected every other week from some zero-day.

Everyone says that an average user will rarely encounter a Zero-Day infection, From what I seen and experienced, Its simply not true. I canno't stress that enough.

People will tell me that MSE is good because you can use companions, web-blockers, HIPS, etc but an average user would care less and not install all these programs. They will just install MSE and forget about it.

Microsoft needs to step up and add some User Friendly prevention features and start working on getting more signatures.

 

[Ramblin]

All antiviruses are terrible against rogues. MSE does as bad against them as any of the others. By the way, if your cousin browses using a restricted sandbox where only the browser is allowed to run and connect, he will never see a rogue again.

Bo

 

[LawnTractor]

Something interesting I've observed over the years is MSE usually protects well enough that if the machine becomes infected, you can get rid of it and use your computer again. I used MSE alone for a couple of years w/o problems, but I don't stray far off the main road. Amazingly, it did catch a fake AV. Would recommend using with Comodo Firewall or Private Firewall.

 

[Overkill]

@bo.elam
Most of the average users who do not care a lot about their security will install MSE and forget it. Anyway MSE + Sandboxie is enough.

Very true.

MSE is good if you have companions like Kingsoft, Emsisoft, Sandboxie, etc.

Most people get infected by Rouges that are zero days.

most average users does not know about companions, web blocking, etc.
They will just see the Anti-Virus, Install, and forget about it.

I use people who I see in the Malware Removal part of the forums and real life people such as my family for an example and my Cousin for a huge example who will get infected every other week for a rouge thats very new. After comodo, he has yet to get infected for awhile now but before that he got infected every other week from some zero-day.

Everyone says that an average user will rarely encounter a Zero-Day infection, From what I seen and experienced, Its simply not true. I canno't stress that enough.

People will tell me that MSE is good because you can use companions, web-blockers, HIPS, etc but an average user would care less and not install all these programs. They will just install MSE and forget about it.

Microsoft needs to step up and add some User Friendly prevention features and start working on getting more signatures.

What was your cousin doing when he gets infected every other week?

 

[Littlebits]

I will have to disagree, I believe Microsoft Security Essentials is an excellent product. I have several customers that use it and never get any infections.

What I have found, it focuses on widespread infections in the wild that are most common for users to get.

Microsoft Security Essentials has got a very good track record on VirusBulletin for detecting all known malware samples in the wild.

So when you test Microsoft Security Essentials, if you only use malware samples that have been verified to be in the wild and widespread it will have excellent detection rate.

If you test it against samples on MDL or remote malware, it might not do so well.

It is all about what samples you use to test it.

1. Make sure to use samples that are currently widespread in the wild.
2. Make sure to use samples that have been reported as infection in the last 3 months.

Tests and reviews never show you the complete picture.

But despite all of the negative reviews and tests on Microsoft Security Essentials, it still manages to protect many users and never has false positives. That should be enough to count it as an excellent product.
When several of my novice customers can use Microsoft Security Essentials and never get infections, that is proof enough that it qualifies as an excellent product.

Here is a simple question for all of those members who gave Microsoft Security Essentials a poor rating.

Did you get an infection with Microsoft Security Essentials? and was it an accidental infection or did you purposely use a sample malware to test it?

Enjoy!!

 

[Plexx]

The only issue I have with MSE is this: Scan and removal process speed and its resources usage.

Now that aside, MSE would be ok for the beginner user but then again, there are other good free alternatives (skipping avast issues with recent updates that seem more like lets test out with the public if this bugs raise any alarm), such as AVG, FortiClient, Avira Free, Kingsoft AV.

Detection rate on older samples is still ok but yes there are features that it lacks, but still the main issue that needs to be improved in my opinion is the very first sentence of my post.

 

[illumination]

I find MSE to be an excellent product for novices users. Most of the users i see in this category do not even know how to run a scan, let alone mess with settings. Of course this also means most novice users like this, do not venture far out into the internet either, as in most cases, they check email, look at the weather, ect..

Now for those of us, that are all over the net, a little stronger protection may be required!

 

[McLovin]

Thing I found with this is that it is really slow at removing threats. One thing that that I found to have improved is the updates and how long it takes to update.

 

[gone]

Its the updates i am afraid. very slow and infrequent updates.
but for normal user its good nothing to complain.

 

[mercurial]

It's just a basic AV it won't do everything it's main purpose is to provide you a decent AV solution while at the same time keeping your system light, with win 7 firewall it does a pretty decent job and most users will be pretty happy just using that. Though i will agree scan time's take's forever , but that's the case with pretty much most of the AV solution out there ( Kaspersky, Bitdefender, etc) If you want blazing fast scans go with Webroot or Eset .