Microsoft Security Essentials

[Pic0o]

The touted Scanner from MS that rapidly closed it's evaluation window this summer, is now ready for download. I am installing this now, and as covered @ theReg, you get a free malware scanner, without all the addon stuff that slows down your rig. There is a Real-Time protection component and scheduled scanning features

 

This will be very nice, especially for friends and family to use, since jumping through hoops to use other products, or uninstalling the excessive components is pretty annoying. The interface is clean and simple, so non-savvy computer people don't feel like they are getting ready to launch the missiles from the silos. :P

 

I am up to 3 machines I have run this on, and one of the things I do appreciate, is the Option to remove or allow items detected. Some apps I run got mixed up as evilware, as they can be put into wrappers and be self deployable for nefarious purposes. In this scanner, it warns you of their presence, but does not block them automatically and leaves you the option to allow or delete it.

 

This is as big win, especially for machines you are working on remotely, as other Anti-V products have either disabled items automatically, or modified the configuration to remove the access password, and grant full console with no password. It's nice to see the scanner detection was given some logical though in design.

Edited October 2, 2009 by Pic0o
Feedback

[Pic0o]

I did a full scan, and a few old No-CDs and the like raised some flags. I'm pretty sure these be false positives. Pattern-based detection can only go so far. Keep this in mind when doing a full system scan.

[Pic0o]

We had the luxury of getting a horribly infected machine running mad nastyware, including a fake AV called 'GreenAV'. That was easy to purge as it resided in the 'C:\Documents and Settings\All Users\grw' folder and launched from the Run tree of the registry / easy to kill in TweakUI.

 

Once Green was gone, I still had much nasty shit on the PC. The MS scanner did a good job of detection and it cleared off all the shitware, making the PC usable again.

 

I'm doing some follow-up scans and such, but I suspect the evil has been purged. Very handy for home users, so they stand a chance of getting the nasty crap off, without needing to go to a repair shop, or bother the family computer people.

[Pic0o]

FYI - When you install this, it will Turn Auto updates on, without tipping you off.

 

Great to know if you have servers you'd rather not have auto update and reboot on Wednesdays.

[Pic0o]

It's certainly a Monday as I am cleaning another fake Anti-V off a PC. This scanner does have a critical flaw and that is the non-direct means of updating it, when an outside connection is either unavailable or blocking the update site.

 

I'm on the hunt for a MS link with the definition URL to get so I can deploy this, without every machine needing an active internet pipe. Yay, looks like I found the Manual Update page.

 

Damn You! Koobface.gen!G and D. :shank:

Edited November 23, 2009 by Pic0o

[Pic0o]

Bump to mention, I have noticed some later installs do default and auto-clean infections and alarm items. You can disable this in the Settings | Default Actions and remove the check from Apply recommended actions. Doing this, will let you see what was found, without auto-killing it.

 

Highly advised if you run remote admin apps and such.

[Pic0o]

Manual Update Page for MS Scanner.

 

To fix Auto-updates that don't install right, Disable the 'Install @ Shutdown'. Right-Click My Computer and goto Properties. From there, put the Dot next to Don't automatically install updates. That should fix that part.