Jump to content

Just Say NO! to Microsoft Security Essentials


mhmallory

Recommended Posts

I sucessfully installed Microsoft Security Essentials on my Compaq D51S Desktop, P4 and 2 GB of memory which has a fresh install of XP Pro fully patched and all hot fixes applied. The desktop did not have Windows Defender installed or any other AV or Firewall. After the install of Essentials with the latest definitions installed, I did a full disk scan with no malware or viruses detected. I then decided to 'disable real time detection' but opted for a full scan every twenty four hours.

After several hours, I noticed that the desktop was at %100 CPU utilization. I checked 'Task Manager' and the only abnormal process was MS Essentials. I also looked closely for any process I did not recognize, and also at 'svchost' processes which were normal. I also use a opensource called svchost viewer tool from http://svchostviewer.codeplex.com, which gives provides a detailed list of what an 'svchost' process is connected to. The desktop became more and more unresponsive, but I was able to reboot from the "Start Menu'. After rebooting, the desktop became unresponsive to the point of necessitating a hard boot. I reboot several times, regained control to the point that I was able to use 'Add Remove Programs' from the 'Control Panel', and removed Essentials.

After removing Essentials, and the high CPU usage problem non-existent, I attempted to open a 'Word Document' and received the following error pop-up box post-15886-1245903337_thumb.png. I attempted to create a new Word document, and received the same error. The weirdest thing was that I could create or open an attached Word document in Outlook 2007, which uses Word 2007 as the message editor.

I then did a 'repair install' of Office 2007, navigated to Office Updates, and Windows Updates to make sure that no hot fixes or patches had been removed with the 'repair install' process. The only patch that was missing was Office 2007 SP2 which I reinstalled and rebooted. After reboot, I again attempted to open or create a Word document, and received the same error message.

I decided to do a 'remove' Office 2007 using the DVD. This is when everything really went to 'Hell'. After removing Office 2007 and a reboot, I attempted to do a 'Install' of Office 2007. After accepting the product key, after several minutes the Office installer stopped with an error.

I tried a couple of more times to install Office 2007, but continuously get an installer error. I know what followed at this point is a full OS install, but I decided to attempt an install of Office 2003 which fails with an 'incorrect product key'. My XP, Office 2007, and Office 2003 are valid purchased MS products. I' m making the assumption that once the Office 2007 service packs and patches are installed, their is no longer a downgrade path from Office 2007 to Office 2003.

I' am a Software Quality Engineer by profession. I can fully sympathize with Microsoft Software Quality Assurance and System Test Engineers. They have an enormous software product base to support, as well as a huge hardware platform base to support and perform regression test with any new product base release or software hot fix/patches/service pack release. Microsoft has acknowledged that it took a 'big black eye' with Vista and its release to the public for consumption. I hope for their sake, that Essentials does not 'blacken the other eye'.

Link to comment
Share on other sites


I also was pretty encouraged when I read the reviews. For me it just did not perform as advertised. If you notice, I did not bash MS. I personally think that MS Development has a vast knowledge base to draw from. This said, I' m speculating that Essentials uses software hooks in yhe kernel that possibly did not get cleaned up during uninstall. Also note, the system CPU was at %100 during removal of Essentials, and there is no telling what process did not complete as it normally would have.

Also, if other users are not aware the http://www.codeplex.com/ site is Microsoft sponsored. Microsoft Software Developers release many useful utilities and programs to the public as Open Source.

mhmallory

Edited by mhmallory
Link to comment
Share on other sites

I tried it today. It's nothing spectacular, but then again 99% of AV programs aren't, especially the free ones.

My main gripe is with RAM usage (private bytes around 110MB for MsMpEng.exe alone, then the user interface, msseces.exe uses another 8MB or so). Other than that, no problems yet, no false positives, the GUI is alright, and there's no annoying "upgrade to pro!" kind of popups and so on. Not bad at all for the first beta of a brand new product.

I'd say NOD32 is still better, at least in terms of RAM usage (actually, haven't tried v4 at all), but it would also cost $100/year for our home PCs. That's enough $ over a 3 year span to buy like 24GB of RAM at current prices.

Then again, it's a bit early to say how well MS will be at keeping definitions current.

Link to comment
Share on other sites

I' m wondering if anyone tried the scenario I described. In other words turn off real time monitoring, and leave the system alone a few hours. The situation I described usually indicates a 'memory leak' or a problem with one of the sub modules in the program itself. I would not be surprised to see an issue like this, with Essentials at the beta stage. As I said installation went smoothly, the %100 CPU usage problem began to appear after several hours.

mhmallory

Link to comment
Share on other sites

My main gripe is with RAM usage (private bytes around 110MB for MsMpEng.exe alone, then the user interface, msseces.exe uses another 8MB or so). Other than that, no problems yet, no false positives, the GUI is alright, and there's no annoying "upgrade to pro!" kind of popups and so on. Not bad at all for the first beta of a brand new product.
You're running a beta checked, unoptimized build. Expect RAM usage to be high. It's checked (debug build), constantly logging, and it's very likely completely (or at least compile time) unoptimized, so it's going to be really "heavy". If you want to see what I mean, download a checked Windows build and a retail Windows build of the same OS from MSDN, install both, and run perfmon - especially x64, the load can be almost 100% more (in fact, I've seen worse with VS betas) with the checked build than the optimized retail release.
Then again, it's a bit early to say how well MS will be at keeping definitions current.
Not really - they're the same as forefront uses, and those are updated daily (sometimes more frequently, depending on what happens that day). I don't know if you'll find these available on WSUS in the future as the forefront defs are, but it's not impossible to imagine this may happen in the future after RTM (maybe not, but there are other "consumer" things in WSUS, so I guess anything's possible). However, the defs release at least daily.

And to the OP, if you find a bug, don't just say "don't run this beta software!!!". Report the bug, otherwise this could make it into the shipping version. That's why they do betas, remember? Being an SQE you of all people should know this ;).

Link to comment
Share on other sites

The first thing I did was to open a bug report at the Microsoft Essentials Connections site, and turned on tracking to be notified of a response. Note, I choose not to post it to the forum because I kept screen shots of the results, and I felt that someone in development would want to take a look at what happened. I'm hoping to hear something back soon, to give them a chance to retrieve any log files that might be relevant or any session events in the events logs.

I have been 'trolling' the MS Essentials Forum, and have noticed a couple of posts with similar problems. MS has suggested the same steps I followed, 1)Make sure there are no conflicting anti malware programs installed. 2)If no conflicting programs, submit a bug report.

In beta of any product I' m willing to accept the risk of doing a 'repair install' of the base OS if things don't go as planned. I also fully understand the need for email scanning but I was a completely shocked to see Microsoft Office 2007 hosed. At this point, my only solution is to reformat the disk and reinstall XP, Office, etc.

I' m sure MS development understands 'software life cycle management schedules', and Office 2007 will be a supported offering for a few more years down the road until Office 2010 is fully deployed.

To clarify, I should have phrased my post strongly suggesting to not install on a system that you use on a day to day basis, only on a spare system. I' m lucky because I have my essential files mirrored to a backup disk. The only thing is I' m gun shy at this point and would only install and evaluate Essentials on a VM. The problem with this approach is if a bug pops up, rightly or wrongly I' m sure MS response would be that this is invalid testing because it is running in a VM and to contact VMWare support to address the issue.

The only fault is on me because I thought according to MS and other tech websites, was that there was a push to release Win 7 and Essentials RTM at the same. I wrongly considered Essentials 'beta' as a more mature 'beta' release and closer to going 'gold' and RTM at a fast tracked schedule.

I also just recently checked the MS Essentials forum, and there are a couple of posts of high CPU use when real time protection has been turned off. I also noticed that are a few posts complaining of high CPU/RAM use with MsMpEng when system is idle.

mhmallory

Edited by mhmallory
Link to comment
Share on other sites

I'll have to try it next week when I'm back in the office, but I'm wondering if you could get a few dumps of it either consuming a lot of VA or using high amounts of CPU (or both) so we could take a look.

Link to comment
Share on other sites

  • 5 months later...

I recently tried MSE on Win7 x64. After updating it, my system immediately began hesitating and pausing like something was using up every possible resource, yet hard drive access was minimal. The mouse pointer was stuttering across the screen when I moved it. I'd click something, and there was a delay of about 2 seconds.

I didn't bother checking task manager, I just uninstalled MSE and the odd behavior ceased instantly. I won't bother with it again.

And no, I didn't have any other sort of anti anything running, as MSE automatically disabled Windows Defender upon install, and I don't use antivirus apps so there was nothing to interfere with MSE.

Link to comment
Share on other sites

unrelated,

but hilarious that directly underneath it says 'please read the rules, folks" in large font.

Though I imagine he is mistaking forefront/defender-ish type software for security essentials. Cant think anyone would burden themselves mass rolling that out when the others are so easy.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...