Back on September 28th Microsoft announced the availability of a new free antivirus and antispam software tool, Microsoft Security Essentials, which extends the Microsoft product portfolio in a clever way.

In this article I will share my thought and personally first hand user experiences on the Microsoft Security Essentials software, which I can compare to previous used Eset NOD32 Antivirus and Windows Live OneCare software.

However let’s start with congratulating Microsoft with an impressive milestone of 1.5 million downloads of Microsoft Security Essentials in the first week:

“Now that Microsoft Security Essentials is generally available to consumers in 19 countries, we’ve had a chance to go over the data, and there are some very interesting results. Just in the first week we saw well over 1.5 million downloads of Microsoft Security Essentials, but the price (free to Windows users) is hard to beat! ”

Microsoft Security Essentials product overview

With such an impressive milestone it is certainly worth while to have a detailed step-by-step overview of the Microsoft Security Essentials application and its capabilities. As already mentioned in the introduction, I have some good references to benchmark the functionality and usability of Microsoft Security Essentials, so let’s start quickly with the application overview.

You can download your copy of Microsoft Security Essentials from the download page, and as mentioned by Joe Faulhaber, from the Microsoft Malware Protection Center, it is available in different languages and for different Windows Operating Systems:

“Microsoft Security Essentials is available in 8 languages and 19 markets at RTM, which covers a lot of the PC using world. The geographic distribution of detections so far still closely follows the Microsoft Security Essentials Beta countries, and is ramping up in other countries that use the 8 languages.”

This installation is pretty straight forward, but the video below gives you an idea of the installation process and the application itself:

httpv://www.youtube.com/watch?v=aPh09bapmCQ

The graphical user interface (GUI) of Microsoft Security Essentials is simple in concept, and makes it therefore easy to use. There are only 4 tabs within the Microsoft Security Essentials, which I will discuss one by one with help of some screenshots.

A.  Home tab

At first there is the home tab, which provides a general overview of the application and the status of Microsoft Security Essentials. On the left you can see the the “Real-time protection is on” and the “Virus and spyware definitions are up to date”.

In the left bottom part of the home tab you can find information of the scheduled scans, for example the time of the next scheduled scan and a link to change the schedule.

Furthermore on the right of the home tab there are three options to perform a manual scan with Microsoft Security Essentials:  (1) Quick, (2) Full and (3) Custom. These options probably speak for itself and don’t need much of an explenation.

In addition the status of Microsoft Security Essentials and the “current” risk-level are visualized with a theme (green, orange or red) on different place in the Microsoft Security Essentials application. In the article “Introducing Microsoft Security Essentials” you can read the following part in a note from the Microsoft Security Essentials team:

“Red or yellow means there is something that needs to be done to keep your PC secure. A single click and the PC is back to the green protected state.”

At first in top part of the window you can find the “computer status”, which in the example is shown as protected on a green background. Also the computer screen and the bullets in the home tab are colored green, while the green theme is further extended to the tray icon of Microsoft Security Essentials as well.

More interesting, and part of the main application window (so not tab dependent) is the “Help” and next to it a tiny pull-down-menu. This pull-down-menu has some clever options, like the “about screen” of Microsoft Security Essentials which shows the version numbers of the application and virus- & spyware definitions.

Furthermore there is an option to” upgrade Microsoft Security Essentials” to its latest version, and you can also submit a “sample of malicious software” in order to improve the software as well.

B.  Update tab

The name of the second tab covers its function really well. It simply is the place where you can hit a large update button to download the latest virus and spyware definitions from the Microsoft servers.

The status of the virus- and spyware definitions is shown in the top center of the update tab, while more details about the definitions like the version numbers and the creation date are shown in a listview below.

My experience is that the definitions are updated on a daily basis, and while using Eset NOD32 Antivirus these updates were pushed to your notebook. There is an option to check for the latest definitions before performing a scan, but that is a slightly different concept than a real push.

Another example of update-concept is from avast! Antivirus Home Edition, which downloads and installs the latest definitions at the Windows start-up of your machine, completely automatically.

Despite the fact that this an area for improvement I’m really confident that the Microsoft Security Essentials team is looking at different options. While Microsoft has an excellent mechanism in place for pushmail on Windows Phones, I’m really curious about the improvements in next versions of Microsoft Security Essentials.

C.  History tab

The third tab of this simple and robust GUI is called history, which provides and overview of the latest “detections”. Additional information about the infection is shown: “type of detection”, “alert level”, “date” and the “action taken”.

Despite that in the screenshot above this list is empty you have the option to apply a filter to this list. The three filter options are shown above the detection list, and consist of:  (1) All detected items, (2) Quarantined items and (3) Allowed items.

D.  Settings tab

The last tab in Microsoft Security Essentials is the most interesting one and consists of various settings which can be configured. At first you can configure the details / parameters for a scheduled scan.

In my personal case I have set this to daily at 10:00 in the morning , but more important I’ve marked the option “check for latest virus and spam definitions before running a scheduled scan“. In fact this means that the definitions will be updated on a daily basis. However remark the previous elaboration about definitions “push”.

Furthermore you can set the default actions, when Microsoft Security Essentials detects a possible thread to your computer. But more important is that Microsoft Security Essentials has a real time protection mechanism in place, which can be a little configured as well. Like you can see in the screenshot above “all downloaded files and attachments” are scanned, while also the “file and program activity” is monitored on a real-time basis.

I think this is an essential part of protection. The next three sub-tabs in the settings window are all about exclusions. You can excluded certain files, locations, file types and even processes to be excluded from scanning. Be aware however that this also brings a certain risk. By default these fields are empty and I would recommend that you leave it that way, unless you are a field expert on virus- and spamprotection.

More relevant than the exclusions is the “Advanced” sub-tab which easily lets you configure a little more options. First excellent that “archive files” are also scanned (remark the CAB-extension in the screenshot) which is the first option you can mark.

In addition you can scan removable drives when running a full scan. Although this is a good start I would personally like to see this taken one step further. While nowadays you often plug- and unplug USB flashdrives to your computer, I hope that in a future version the option will become available to perform a quick scan on insertion of the USB flashdrive.

Finally you can set the Microsoft SpyNet membership to basic or to advanced. The descriptions of each option are clearly shown in the screenshot above !

Microsoft Security Essentials data analyzed

Joe Faulhaber, from the Microsoft Malware Protection Center, has written an article “Microsoft Security Essentials – Week One“, which shows the (statistical) results of first analysis of Microsoft Security Essentials data. The second part of this article will have a look at the data and first results after an impressive first week.

In the introduction I already mentioned the impressive number of downloads, which was also reported by the Softpedia website. However how many detections are there registered so far?

“Computers reporting detections up to October 6: almost four million detections on 535,752 distinct machines. The detections are eight times the machine count because many computers are infected with multiple threats.”

Furthermore the article of Joe Faulhaber, from the Microsoft Malware Protection Center provides a more statistical analysis with the top virus-, worm- and other malware-families. In addition the geographical location is also included in the analysis as well as the operating system.

The bottom line is that Windows 7 machines have the least detections, with one of the main reasons is the use of the more robust 64bit variant of the Windows operating system. If you like statistics you should certainly have a look at some of the distributions and the reasoning behind some observed results from the data-analysis.

Wrap-up and conclusions

Mitchell Ashley, Editor on Networkworld, has written an excellent article “Microsoft Security Essentials – Never Pay For Anti-Virus Software Again” in which he touches a few points that are really valuable:

“No frills and a minimum performance impact on your system. MSE may not be the fastest scanner of the AV products, but it has a pretty small footprint on your system.”

Since the release I’m using Microsoft Security Essentials as my primary virus scanner and antispyware software. In this time I can only fully support the findings of Mitchell Ashley. Furthermore I just had a detection when some pop-up loaded in my browser, but this “thread” was directly neutralized. In the article there is furthermore an interesting test from PC World:

“When put against AV-Test’s “WildList” collection of 3,194 recent, common viruses, bots, and worms, Microsoft Security Essentials detected and removed each and every one of the malware samples. How does this compare to other security products? AV-Test coordinator Andreas Marx notes that “several other [antivirus] scanners are still not able to detect and kill all of these critters yet.” In addition, Microsoft Security Essentials put up a perfect score with zero false positives–it didn’t flag a single clean file as being malicious. AV-Test also took an initial look at Microsoft Security Essentials’ rootkit detection, testing it against a few rootkit samples, and found “nothing to complain about.”  — Nick Mediati, PC World, 06/25/2009

We don’t need to forget that this still is Microsoft Security Essentials v1.0 and there is expected room for improvement. The most important area for improvement would be the real-time push of virus- and spyware definitions.

Perhaps the Microsoft Security Essentials team could collaborate with the Unified Communications team which worked on pushmail for Windows Phones (very data- and battery-life efficient).

Right clicking on the Microsoft Security Essentials icon just provides the option “Open” now, but this could be extended with the most important commands like “update”, “full scan” “quick scan” in a kind of quick menu.

I have also installed Microsoft Security Essentials on my HP Mini 1000 netbook which has a 10.1″ screen in a 1024×600 resolution. My final point of feedback is that the standard height of the Microsoft Security Essentials Window on tha HP Mini 1000 equals or even exceeds the height of the HP Mini 1000 screen, and resizing vertically is not possible.

Concluding

If you add up the extreme simple,  robust user interface  and free price point to the minimum performance impact, small footprint and accurate detection you can clearly see that Microsoft developed a no-nonsense anti virus & -spyware application. I think it is an excellent addition to the overall Microsoft product portfolio, and you can’t go wrong with this application !!