By Jonathan Imberi
If it is not broke...do not fix it! Well, that has been the case with AVG Free since 2007. However, all good things must come to an end. In its most recent update to AVG Free 2010 the program makes use of, for lack of better words, some rather malicious scanning techniques to make you think your computer is in need of a tune up. AVG calls this scan the PC Analyzer. In our studies, the issues highlighted by the PC Analyzer were actually created by the program itself and were not the result of normal PC degradation. If you happen to click on the Fix My Computer link it directs you to a page for purchasing AVG PC Tuneup. If you do not click on the link the incessant pop-ups begin, constantly alerting you to this false issue.
Microsoft Security Essentials updates itself very quietly in the background. In fact, I was never once bothered by its updating system; the only prompts I received were when the application actually needed my attention, like when it detected a threat that needed to be cleaned. Signatures are updated daily through Microsoft Update, with new signatures being published as often as three times a day. The core security engine is scheduled to update itself with new features and bug fixes on a monthly basis.
The History tab is useful for reviewing how well the program is working, and modifying decisions you have already made on previous detections. It gives you a great overview of what the program has found and also gives more information on each potential threat.
Considering the simplicity of the product, MSE has a surprising number of settings to work with. Power users will enjoy having tons of features to tweak, and I think they will be satisfied with the settings that can be changed in MSE.
MSE is the first Microsoft security product to make use of the company's new Dynamic Signature Service (DSS). When MSE detects that a file is making suspicious actions (such as unexpected network connections, attempting to modify privileged parts of the system, or downloading known malicious content) and it has no virus signature for it, MSE will send a profile of the suspected malware to Microsoft's servers. If there is a new signature for it, one that has yet to be sent out to the MSE client, MSE will be told how to clean the file. In this way, DSS helps ensure users stay protected by the most current virus definitions available without having to wait for the next scheduled download.
The EICAR Standard Anti-Virus Test File was developed by the European Institute for Computer Antivirus Research, to allow people, companies, and programmers to test their antivirus programs without having to use a real computer virus. There is not a single reputable security product in the market that cannot detect the EICAR test file. I used this test file to demonstrate MSE abilities. The top window is the prompt you get when you try to download the file and the second one you get after you hit the "Clean computer" button.
The threat above was detected while I was browsing the Internet. I did not notice anything odd until MSE told me it had found something and needed a single-click to confirm that I wanted it to finish its job. It did, and I continued browsing, virus-free.
As I continued testing MSE, it either caught threats after they were downloaded and executed, or blocked them from getting onto the computer in the first place. It would be impossible for MSE to have a 100 percent detection rate, but when I uninstalled it and scanned my PC with all of our security scanning tools, they all came up with nothing. Based on my findings, MSE was definitely doing its job well.
Performance And Unobtrusiveness
It should be noted that MSE installs very quickly and is very small. The program's folder takes up only about 13MB. MSE sports a single tray icon (hidden by default in Windows 7) that indicates it is running. The software does not add any browser toolbars, desktop gadgets, or additional bloatware during installation. An Internet connection is required for installation and to download the latest virus and spyware definitions.
MSE includes three features to keep it light: CPU throttling (the system will remain responsive to the user's tasks), idle-time scanning (scans and updates using a low-priority thread and only runs when the PC is idle), and smart caching and active memory swapping (virus signatures not in use are not loaded into memory).
Based on what I have seen so far, I have to recommend that everyone currently using free security software should give MSE a shot, and those with paid solutions should think about taking MSE for a spin before renewing subscriptions.
It should be noted that removing or uninstalling security software can be very tricky. These programs tend to leave all sorts of loose ends behind reeking havoc on your system. The techs at Imberi PC are trained in the techniques used to sucessfully uninstall your old security software and install and configure MSE for your PC.