
Microsoft Security Essentials beta

Microsoft Security Essentials, Windows Live OneCare's promised successor, is now available as a free public beta. Much like OneCare was, it's okay but not terrific.

June 18, 2009

I was never a big fan of , so I shed no tears when last November. The company promised to replace it with a lightweight free solution wholly dedicated to consumer anti-malware protection. That solution, formerly known by the cool code name "Morro," is now available for public beta testing as Microsoft Security Essentials. (Microsoft expects business users at all levels to rely on Microsoft Forefront instead, but both products use the same anti-malware engine and signatures.) In my tests, its malware protection proved okay, but not outstanding—just like OneCare's.

The download is pretty small (about 7MB), and the installation is fast. But the mandatory download of updated signatures tried my patience: It took anywhere from 5 to 15 minutes. Also, the full installation occupied over 110MB of disk space, which isn't exactly lightweight compared with the 7MB required by .

The program's clean and simple interface shows security status and offers easy access to a quick or full system scan. Occasional pop-ups announce discovery of a threat by the real-time module, but you need only click a button to clean up the threat in the background. (Power users can dig in for more detail.) Because Microsoft Security Essentials piggybacks on the Windows Update mechanism for its signature updates, it forces Windows Update into fully automatic mode—something that won't please power users who want to control exactly when Windows downloads or installs updates.

Average Malware Removal

The progress screen during a malware scan says "This might take a few hours," and scanning some malware-infested test systems did require over an hour. But scanning my standard clean system took only slightly longer than an average anti-malware scan: about 35 minutes. I didn't have any problems installing Microsoft Security Essentials on 12 malware-infested systems.

The product's overall performance on the malware removal test was average, not outstanding. It detected 89 percent of the malware samples and scored 7.0 of 10 possible points for removal, the same score attained. On a parallel test using commercial keyloggers, its scores were decidedly low: 30 percent detection and 1.8 points for removal. But that low detection rate indicates that Microsoft isn't really trying to remove most commercial keyloggers.

Although Microsoft touts the product's live kernel behavior monitoring and other features specific to rootkit removal, in practice the software detected only 67 percent of rootkit-type threats and scored just 4.9 points for removal, well below average. Hitman Pro detected 100 percent and scored 7.1 points.

Earlier this year Microsoft warned that scareware (rogue security software) is a growing problem, but apparently the Microsoft Security Essentials team didn't get that memo. The product only detected half of my scareware samples and scored 4.5 points. Best against scareware so far is with 7.5 points.

Decent Real-time Protection

On a clean test system with Microsoft Security Essentials installed, I tried to re-download all my current malware samples. The program didn't keep me from visiting any of the download sites; apparently that's not part of the service. But as soon as I opened a folder containing already-downloaded samples, the software started flagging them for deletion. It wiped out two-thirds of the samples on sight and treated a collection of hand-modified samples exactly the same way.

I launched all the surviving samples to see how well the program blocked them. Overall it detected 83 percent of them and scored 7.9 points for successful blocking—both figures slightly below average. Prevx ruled this test, scoring 9.4 points. Here, too, Microsoft Security Essentials was weaker against commercial keyloggers, detecting 40 percent and scoring 2.3 points.

It's easier to prevent a rootkit from installing than to dig it out afterward, and the rootkit scores reflect this fact. Microsoft Security Essentials detected 78 percent of the rootkit samples and scored 5.9 points for successful removal. That's still below average but better than its rootkit removal scores.

At this point, Microsoft Security Essentials is a decent anti-malware product. Its success rate isn't spectacular, but that could improve during the beta testing process. And of course it has one big selling point: It's free.
