Early tests with the full version of Microsoft's new free malware scanner software reveals a no-frills security package that does what it says on the tin. Microsoft Security Essentials offers a significant opportunity to improve internet hygiene in much the same way Windows firewall brought a then endemic worm problem to heel …
What you don't know WILL hurt you.
If this is actually a half decent scanner, Microsoft should be applauded for their work.
The trouble is, with it not being made available through Windows Update, only people who know about virus scanners will install it and chances are they already have something in place. At the risk of an anti-trust violation, Microsoft should check whether a PC already has an anti-virus installed and if not offer to install one as an update. People who are already aware will either have a product installed or deselect it from the updates to be installed.
Friends don't let Windows friends run without a virus scanner.
It's the same as web browsers; those who know of alternatives will use what they like, those who don't know should be given a helping hand.
"MSE may be bundled onto new PCs by OEMs, though not very widely."
"MSE may be bundled onto new PCs by OEMs, though not very widely."
Presumably because, unlike Symantec, MS aren't willing to pay PC builders to put NAV blackmailware on the pre-installed software list.
"Microsoft Business Partner"? Organ donor, more like.
With everything from DoubleSpace (maybe before) on, MS let someone else build the market and then once the technology is accepted they steamroller the "someone else" out of existence. Symantec do have a bit more to their toolkit than just NAV, but there are other players in the Windows Insecurity market who surely have reason to be very afraid.
Doesn't seem to be Proxy aware, so not able to get updates which means it won't even run. Poor show.
Is it worth it?
Before you download this great new Microsoft product, read their privacy statement!! You have to agree to give them everything except your first born child. I, for one, don't need anything that badly.
You'll have to download it and begin installation to find this information.
Read the Small Print
I downloaded it and bothered to read some of the terms and conditions before installing it.
In addition to having to have a genuine copy of Windows (which I have), I did not like the implications behind the rest of the things that I was expected to agree to and immediately clicked the "I do not agree" button.
I will stick to my very good and reliable free AVAST thank you very much.
Thumbs down from me.
Nice to see Microsoft creating yet another UI standard.
Think I'll stick to AVG.
@Cachehunter:Is it worth it?
No it isn't... After reading the T&C, especially the part referring to SpyNet:
"Information collected, processed, or transmitted: Microsoft SpyNet reports include information about the files or programs in question, such as file names, cryptographic hash, vendor, size, and date stamps. In addition, Microsoft SpyNet might collect full URLs to indicate the origin of the file, which might occasionally contain personal information such as search terms or data entered in forms. Reports might also include the actions that you applied when Microsoft Security Essentials notified you that software was detected. Microsoft SpyNet reports include this information to help Microsoft gauge the effectiveness of Microsoft Security Essentials' ability to detect and remove malicious and potentially unwanted software.
Reports are automatically sent to Microsoft when:
* Microsoft Security Essentials detects software or changes to your computer by software that have not yet been analyzed for risks.
* You apply actions to software that Microsoft Security Essentials has detected.
* Microsoft Security Essentials completes a scheduled scan and automatically applies actions to software that it detects, according to your settings.
Reports might unintentionally contain personal information. To the extent that any personal information is included in a report, Microsoft does not use the information to identify you or contact you."
And after discovering what a default install of Windows7/IE8 (If one takes all of MS recommended actions during install/first run) does in the background, I have come to the conclusion that MS is moving further and further into the spyware business. SpyNet is a good name for this data collection service, SpyUser would be more accurate.
Tried AVG, now using MSE
I tried AVG on a fresh install at the weekend. After installing, rebooted and got stuck in a logon logoff loop which is apparently not as uncommon as it should be. This was a clean install of windows with office 2003 and norton ghost. Luckily I created the ghost image before trying AVG.
After restoring from the ghost image, I've now installed MSE.
I can still log in, so it is better than AVG as far as I am concerned.
No idea if it actually will detect anything, but at least I have something installed now.
Before knee-jerking about the data collection in MSE, read the AVG statement on same:
WGA ... surely the people most likely to be carrying nasties are a certain type of person where WGA might not pass.
If Microsoft was serious about fighting malware they'd not WGA validate the OS?
Not working for 64 bit XP Prp
Support pages confirm it, not available for 64 bit XP. Vista and 7 64 bit *are* supported.
But no mention of this on the System Requirements page.
WTF?! XP 64 *is* still an officially supported OS.
Data Collection - SpyNet
I think the use of the name 'SpyNet' is very apt. I have just installed MSE and looked at the SpyNet options - Basic or Advanced membership - there is no 'NO MEMBERSHIP' option. the results of the scan are nobody's business but my own, and unless I find away to disable this comms channel I shall be removing the 'SpyNet Agent' PDQ.
Why should I trust....
....an antivirus from Microsoft any more than I trust anything else from Microsoft?
It would appear that it also disables Windows Defender (which has some nice tools in it - none of which are included in MSE), so, as I already have another AV app I shall be removing it to get WD tools back.
My mistake - Win Defender is still there (mine disappeared and I read that WD used to be disabled by MSE so assumed the worst).
It doesn't matter
It's been proven for 20 years that User Education and the USER *NOT* deliberately installing supposed codecs, scanners, toolbars and whatever and NOT running attachments is the solution.
AV software is a failure. I know people using the Internet for 12+ years and no viruses ever and no AV. I know other people that have AV and seem to need re-installed every few months.
Almost all PCs I've cleaned have had AV.
@Cachehunter just uninstalled it
... because of that EULA..
I also took the time to make sure everything related was disabled in services, and went a bit mad and disabled almost every services.. machine works far faster now :-)
I believe the naughty-net boys have already started playing with DNS and search engines to hoodwink people who're searching for the new MS goodies, into going to dodgy sites and downloading malware ridden versions of the new MS toys!
Does really Win7 phone home?
@adnim (or someone that is in the know): Could you please provide more data and indicate where you have found evidence of what precisely "Win7/IE8 ...does in the background" ? Does it send more private data to Microsoft than XP or Vista?
Looks like I may keep it after all
having discovered how to disable spynet..
Bitch Bitch Bitch Bitch ...
There. Saved the next 2 million commenters from having to type anything.
I've had the Beta for 3 months. It managed to find and get rid of a few nasties. The only downside is that full scanning is slow. Took 10 hours to scan my computer. I did have 3TB though.
@ Not working for 64 bit XP
Same reason itunes doesn't. Its perfectly capable of working but you are not supposed to have it because they don't want you to have it (blessing in disguise with itunes though)
Even with a legit machine, i'm not letting that sh*te anywhere near my machine.
I'd rather use "potentially unsafe" updates for Autopatcher !
Ditch AVG, try Avast
I ditched AVG after weeks of constant "need update" followed by "need reboot".
What I found as a response in their was to upgrade to the paid version, so I switched to Avast and it seems to do the job.
I recommend f-prot to end users normally if they have XP SP2 or above or Vista. Windows firewall is fine for home users so a "suite" is a waste of money. F-prot is lightweight, cheap and easy to use. Now Microsoft have made it cheaper!
XP SP2 upwards has a reasonable home user firewall anyway, and you can't seriously suggest home users need an IDS/IPS...
So enable Windows Updates, make sure Windows Firewall is turned on and install MSE. Free, easy and lightweight.
Tried It in VPC2007...
... and immediately uninstalled it.
Do I really want a Microsoft product that whose default is to change my decision to turn off Auto Updates and then phones home to the very company who I trust the least? The data gathering disclaimer even states from time to time personal information will be transmitted to Microsoft. They do state they wont use or sell it. Do I really trust that? I don't think so. Microsoft has proven themselves to be liars and unethical corporate money grubbers just once too often for me.
No Time To Test Its Efficacy
"Testing MSE's effectiveness in detecting and removing malware was beyond the scope of our quick run through"
What, really, is the point of having a hands-on with an antivirus package if you're not going to test its ability to actually, err, detect and remove?
Ooh the interface is nice, and it installs quickly. That's very helpful, but if it lets your PC contract something like Antivirus2009, you're no less boned for the ability to install it speedily.
Microsoft offers free software and majority of responses are negative like this? Even the author of the article whospent exactly 10 minutes with it, compares it to 2001 software and did not even test it on real virus samples?
come on, this is FREE basic AV tool, it is there for people who don't want to spend a dime on full AV solution, nothing more and nothing less. I'm really glad they came with this tool, there are way too many users with no AV at all and they computer became zombie in DoS attacks.
....I take it noone read the thing saying it's opt-in?
without opting in, the only thing sent is what nasties were detected, and what action you took
That MS had an anti-virus program before, back in the early '90s. Lame program, couldn't catch a cold, or the early '90s dos viruses. I tossed it, used IBM anti-virus, what is now Norton anti-virus. These days, when I run widows (seldom), I use clam, run the scanner when I feel paranoid. Not hooking the file system improves performance a lot.
@you can't seriously suggest ...
"... home users need an IDS/IPS..."
ROFL. Never watched the outside of a firewall have you?
When I stick a free one on peoples computers they always say "why? theres windows firewall already running." then an hour later I show them the thousands of attack attempts made since it was installed... and the hundreds of "hi my name is USER-PC I belong to XYZ contact me at <ip-address>" messages flooding out from various software on the windows firewall "safe" list.
so much for privacy.
Windows Firewall does stop the attacks trying to respond to the hello messages. but it needs to make the damn machines stop spreading useless details so widely in the first place.
...............I'll stick with Comodo Internet Security, MBAW and SAS, along with CCleaner, ATF-Cleaner, MRU-Blaster, SpywareBlaster and Firefox with NoScript and Adblock Plus Add-ons.
All FREE and FAR more effective, applied with GOOD browsing/email sense.
Can someone tell me why Comodo's free av/antimalware/firewall is never mentioned? We turned to it a while ago after AVG free became rather bloated.
I just did, directly above your comment. ;p
need a spread in AV software
If this goes mainstream and the majority of users have one malware detecter then it makes it eaier to create malware as you have a known target.
I have only used the RC version of Windows 7 so the retail package maybe different. The user can opt out and disable most if not all of the data collection services that will run if the user accepts all of MS recommended settings. Microsoft also inform the user of the nature of the data collected, so this data collection is not underhand as such. However most users and nearly all new users to Windows 7 will accept and opt in to the data collection services because the wording in the opt in/out dialogues hint that it would be a bad thing to turn them off.
Here are some links discussing what Windows Vista/7 does regarding user data collection.
I will let you decide if you feel you are being spied upon.
A default install accepting all of MS recommended settings enables the following
WMP: sends usage data to MS
Media Center: joins the Customer Experience Program and sends usage data to MS.
IE8: Suggested Sites sends browsing history to MS
IE8: Smart Screen Filter sends website addresses you visit to MS.
The Customer Experience Program sends Windows usage data including installed apps and app usage, the file and folder structure of your PC and system specific hardware data to MS amongst other things.
This data collection can be either opted out from or disabled, but your average user is just going to accept the defaults and MS recommendations for fear of something not working properly.
Microsoft state that spyware is something that collects user data/info without informing the user. I would call that covert spyware, MS spyware is overt spyware. Whatever hairs one wants to split it is still spyware.
I think, in fairness, it's safe to assume you didn't write the article though :-) That will be Steve's gripe.
Steve - I stopped using Comodo when I realised it tried to bundle the Ask toolbar (may not anymore in fairness), which I generally count as adware. Kinda figured if that passed their logic test, I wouldn't be trusting their product!
I dont think a toolbar like Ask is a problem any more than google's or yahoo's etc and Comodo seems to has too much reputable business, like digital certificates, to be on a simple scam.
It's about time
Although I won't be using it, I think this product is great news.
Microsoft has provided simple firewalling since NT (given a fancy overhaul in XP), added Windows Defender to tackle Spyware and finally have a full anti-virus solution.
This means someone can purchase a Microsoft OEM system that will have a decent set of protection of which *none* is trial-ware that will expire in 60 days.
Users who buy systems can actually be permanently protected out of the box.
This is good news.
I prefer to use a more fully featured suite, but the option to have something supported entirely by Microsoft is pretty tempting for systems I support but don't own.
Being OLD and BAD TEMPERED - with a LONG memory
Almost all of the "Save yo' Ass" Microsoft software is worthless bullshit.
It's the cheapest, lowest standard, minimal effectiveness, lowest investment, lipstick on a pig software since the last worthless security software offering by Microsoft.
In terms of effectiveness - "It's as useful as a postage stamp on a letter going into the paper shredder......."
Get it? Use it? I wouldn't even bother downloading it.
so...shane, is it?
Why bother commenting on something you have no interest in?
You feel all self-important now?
There's a term for ignorant, loudmouthed people like you, but it's often used as a racial slur so I'll skip it.
As for MSE? It does what I need, and it's lightweight. The SpyNet thing is used to develop definitions and the Malicious Software Removal Tool.
It would be good if it was ready installed machines when bought.
Many have MacAfee or Norton but only a few month free trial, I suspect many never register them so have very out of date protection on their machines. The more PCs with uptodate protection around the better.
Too bad that all Malware gangs are going to circumvent it.
The biggest problem with MSE is that it's only a scanner and lacks all advanced heuristics of modern packages.
Which means that it is ok for cleaning up system that got infected about a month ago, and rather useless in preventing the infection in the first place.
Almost all malware is professionally produced nowadays, and bad guys use their in house equivalent of Virus Total to make sure that all major scanners will miss their malware.
Or at least that is what I have seen when watching big AV vendors scanner results on any new malware family, it's almost certain that none of the big vendors detect the malware just with the scanner.
But when you try to infect a system with new malware it's totally a different story, the heuristics in Symantec, Trend, F-Secure, etc usually are pretty good on spotting suspicious code and ask customer for sample upload.
Being OLD and BAD TEMPERED - with a LONG memory #
Too true, don't even have to be old to recall Live One Care, local ISPs are still tricking customers to install their spyware under the guise of a modem set-up/activation disk. Besides more unnecessary services(read:ineffective), slowing down the systems(high mem&cpu usage when idle) and being a delivery method for ISP's "I'm on-the-spyware-bandwagon-too" suite, what good was it? Obviously not too swell if it's being reworked and renamed already... Bing!
Let's see, what has MS f'ed lately? Live *, Live *, Live *, WGA, Vista, WinMobile, Danger/Sidekick, "Mojave/Seinfeld/laptop-punter/puking porn anonymity/7 party" marketing genius. Why can't Steve-o see this just isn't his bag? Lord knows he's got a chest full of booty and can afford to do anything else. Jump ship before all is lost, Steve! When & if 7 and Bing keep the ship afloat, you can still claim it was all b/c of you!
***I take it there will be no SB avatar b/c he will be gone soon anyway?***
Using MSE and it's not half bad
It updates regularly.
It scans much more quickly than the last version of NAV I had (last year's edition)
It scans much more quickly than AVG current edition.
It has picked up things AVG free edition didnt before it was uninstalled, MSE installed straight away and then it picked up two threats which after a bit of research, are disappointing that AVG didn't get them!
Overall, this can only move the Windows ecosystem in a good direction, now hopefully the EU won't do something ridiculous like stopping Microsoft releasing it on Windows Update due to competition rules that people without AV software have made that choice. Although this is true, it's to the worlds detriment that they aren't using AV software so it should be made compulsory to anyone without AV software currently.