Security, Technical

Making Microsoft Security Essentials behave like antivirus software

I have been running Microsoft’s free antivirus software, Security Essentials, on all of my home machines since it first was released.

On three separate occasions, I’ve discovered Trojans running on machines that are supposed to be protected by this antivirus software.

This freaked me out the first time, concerned me the second time and made me rage quit Security Essentials the third time. I’m now running Bit Defender at home.

I looked into these problems as I could not be the only one facing these issues. I was right – I found several forum posts by people complaining of the same problems.

Upon looking into the issue further, I discovered that there isn’t actually anything wrong with the detection on Security Essentials. In fact, it ranks quite nicely amongst alternative free antivirus solutions (Avast, AVG, Avira).

The problem appears to be its default settings. By default, Security Essentials will be setup to run at 2 am on Sunday, and will only look for an update on virus definitions just before it runs. If, like most home users, your PC may be off at 2 am on a Sunday, these two critical actions will not happen. No update. No scan. This will leave your PC with very little protection.

If you’re going to use Security Essentials, you need to tweak the settings to make it more protective of your PC. Below are my recommended settings. Fire up Security Essentials and navigate to “Settings”.

1. Scheduled Scan

I’d recommend having a daily “Quick Scan” at a time that you know your PC will be on. If you’re worried about the slowdown, simply limit your CPU usage. And remember, the slowdown and downtime that you get as the result of a virus will be a lot worse than any slowdown than you could get as a side effect of an antivirus scan:


SecurityEssentialsSettingsScheduledScan

2. Default Actions

If my antivirus thinks it’s found a severe or high alert, I want it removed:

SecurityEssentialsSettingsDefaultActions

3. Real-time protection

This should be on. If it isn’t, turn it on.

4. Excluded files and locations

Be sensible here. Add any directories and folders that you will be working on regularly that are unlikely to get infected. For example, as a developer, I know that my source code is unlikely to be effected by a virus. As I will be writing changes to these files to the drive regularly, I also do not want any slowdown as a side effect of the antivirus scanning my edited files:

SecurityEssentialsSettingsExcludedLocations

5. Excluded file types

Again, you want to be sensible here and ideally have as few files as possible being scanned here. The default settings of .ini and .log files should be sufficient here.

6. Excluded processes

If you use any heavy applications for work, it is worth adding them into this list. As a developer, I tend to spend a lot of time in Visual Studio. I know this process is a safe one as I installed it and it came from a vendor that I trust:

SecurityEssentialsSettingsExcludedProcesses

7. Advanced

The only change I’d suggest here is setting Security Essentials to scan your removable drives:

SecurityEssentialsSettingsAdvanced

Security Essentials should now be of a greater protective value to you. If you don’t think this will protect you enough, consider purchasing an Anti Virus solution.