Helping people with computers... one answer at a time.

When installing anti-malware tools on your machine makes things worse, it's one hint that there may already be a deeper problem.

I followed your recommendation and installed Microsoft Security Essentials. It's been a nightmare ever since. Things are worse than before. I don't know how you can recommend something like that. What do I do to get this mess cleaned up?

I stand by my recommendation.

Microsoft Security Essentials is a solid anti-malware tool that works and works well in the vast majority of cases. I like it because it's a one-stop solution for a fairly broad base of protection and it's kept up to date by Windows Update.

So why'd it mess up your machine so badly?

I have a theory.

And I have some steps for you to try and dig out of this mess.

Which came first?

My theory is simply this: your machine was already infected with malware.

“If there's malware on your machine then all bets are off; it's not really your machine any more.”

Malware these days is pretty sophisticated and part of that sophistication is that viruses and spyware will take steps to protect themselves. Most often, this is in the form of preventing anti-malware tools from running or updating, and perhaps even preventing you from accessing download sites where you might get anti-malware tools.

What I believe has happened is that the malware already on your machine seriously interfered with your installation of Microsoft Security Essentials. Either the installation was prevented or corrupted or the program's ability to run was somehow disabled.

In other words, the malware made a further mess of things.

That makes things kinda tough, because if you have an infected machine, one of the first things that you want to do is to update or install anti-malware tools to eradicate the infection.

But you can't clean the infection ... because the machine is infected.

Try this instead

Using a different machine, download the Microsoft Standalone System Sweeper and burn that to a CD.

Now, reboot your infected computer from that CD and run the tool to scan your machine's hard drive for malware.

Booting from that CD prevents the malware on your machine from ever gaining control and thereby stopping that malware from interfering with the anti-malware tool.

Which, by the way, is really just a version of Microsoft Security Essentials, in a stand-alone, boot-from-cd form.

My guess is that there's a good chance that the sweeper will detect and remove the malware that started all of this.

If not, I'd point you at How do I recover from a bad virus infection? for further, more aggressive steps to take to rid yourself of the problem.

Assigning Blame

Don't blame the messenger.

If there's malware on your machine, then all bets are off; it's not really your machine any more.

As such, that means that the malware could be responsible for all sorts of mischief, particularly making anti-malware tools fail or otherwise misbehave.

Microsoft Security Essentials is a good anti-malware tool. Because of that, it's very likely that malware would target it, not just to prevent it from working, but perhaps even to make it look bad.

Article C4965 - October 26, 2011 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

27 Comments
Zebeldakh
October 27, 2011 1:18 PM

I stand by your recommendation of MSE but after installing MSE there is a process which slows down the pc and it is MsMpEng.exe (uses up to 90,000 of resources) this process is a nightmare and I have contacted Microsoft customer support and they weren't able to help me, although my problem still exists, I still use MSE.

Not sure what you mean by "90,000 of resources". There is an option in MSE to limit the amount of CPU usage. In my experience I see MSE hit most heavily only while it's performing a scan, and even then not on most machines.I'd look at configuring the options controlling when to scan, and the aforementioned CPU usage.

Leo
28-Oct-2011
Nick Taylor
November 1, 2011 10:15 AM

I use Microsoft Security Essentials and have found it to be very good, no problems at all.

Adrian Poyner
November 1, 2011 10:29 AM

I installed MSE on my lap top and had all sorts of problems, OS is Vista and after hours searching removed windows defender in add/and remove and this solved all the problems that I had experienced, defender should automatically shut down when you insatll MSE but in my case it failed, its worth checking this out if you are still having problems.

Dell Hill
November 1, 2011 10:29 AM

I agree with Leo. And if 90,000 is slowing your computer down, you have a much bigger problem somewhere else....or your machine is in serious need of an upgrade. Some programs (streaming video, for instance) pile up 600,000 before it's time to reboot, and I'm sure other, better machines, go longer.

Allen Moure
November 1, 2011 10:35 AM

I have tried MSE and it slowed my computer took long time to load my email would take along time to load uninstalled and the problems went away

nytibcp
November 1, 2011 10:53 AM

I've read that MSE may be slowed if it's allowed to scan its own folders. The recommendation is to go to MSE's Settings | Excluded Files and Locations and exclude the following folders: Program Files\Microsoft Security Essentials, Program Data\Microsoft\Microsoft Antimalware, Program Data\Microsoft\Microsoft Security Client, and Program Data\Microsoft\Microsoft Security Essentials. The folder names may vary somewhat depending on whether you're using XP, Vista or Windows 7, but the principle is the same.

Steve
November 1, 2011 11:17 AM

I remember someone who already had an antivirus program installed on their computer and then installed another one. His computer was almost unusable until we finally uninstalled one of them. My guess is that they each thought the other was a virus 'cause of the virus signatures each used.

Per-Ola
November 1, 2011 11:28 AM

I used Norton, McAfee, AVG, Avast, etc, and eventually settled on MSE for all our PCs at home. It is slim, low demand on processor capacity, and has also protected us from all types of "crap".

How do I know? I sometimes run a web based scanners (TrendMicro, Norton, etc) just to verify, but nothing has been triggered at all since MSE was installed.

In fact, on new Win7 work laptop that came with a bloated Norton package, I quickly uninstalled and put MSE to to work. It just runs...

Benmara
November 1, 2011 12:01 PM

Another great article and suggestion from the Leo Meister I recently put MSE on both my machines (Desktop XP and Laptop Vista). I had three scanners/virus protectors on Vista (2 turned off) but even off they messed up MSE! The key is to definitely remove everything before installing MSE! Finally fixed that self-made fiasco and both machines run fine. Thanks nytibcp for your tip!

Alex
November 1, 2011 12:51 PM

I've been using MSE for about 2 years now, and find it excellent:
- it does the job (I have to admit, though, I'm a conscientious Internet/PC user, and became even more so since I came across "Ask Leo!");
- has a little impact on the system (it feels like no antivirus at all installed, apart from a little at the PC's start-up, which is still pretty decent, and during the database updates/scans);
- very easy and quick to install;
- very easy to use;
- does not take too much space on the hard drive;
- does not require one to be very technical in order to understand and change the settings, and in case - should it find a malware on your PC or external hard/thumb drive - it offers a straight forward solution and suggests which actions to take therefore not confusing an average user with the choice to make in order to clean up PC.

To the person who originally posted the question for this article:
Please do not make any rushed conclusions until you carefully investigate and find out what exactly the cause of the problem is in your particular case (like Leo described in the article). If for any reason you’re not able to do it by yourself then address the issue to a tech guy like Leo or elsewhere, but please do not make a statement until you’re absolutely certain about the issue, product or service that the website’s author recommends/offers. At the end of the day, I think, we should be very grateful for the service like Leo provides – highly technical and professional, yet very clear and relatively easy to understand for an average user. And it’s free.
Also, have you uninstalled your previous antivirus software as you must not run more than one on the same PC at the same time (I hope you’re aware of that). Your description suggests that your system is ‘messy’, - is it also unstable (you, unfortunately, did not describe what exactly you mean by ‘messy’)? That could help Leo to help yourself.
Unstable system could be also caused by running more than one antivirus software on the same PC at the same time in addition to all the points that Leo has covered in his article.
Please read some other articles on "Ask Leo!" in order to educate yourself and understand more on a specific subject - there's really so much covered on this website.
Regards,
Alex.

bpooler2
November 1, 2011 3:26 PM

Some great responses, particularly the last one from Alex. . . I agree with all Leo's responders,
he provides a great free service and uses simple English into the bargain. . . . Thanks Leo....

donotreadonme
November 1, 2011 4:09 PM

Are you telling me Microsoft is not infallible? jajajajaja

thanks for the laughs...

soloman
November 1, 2011 4:09 PM

some great advise in replies
i have used mse for two years after trying other security packages two of them brought me huge problems (norton-couldnt even sort the problem out and later descovered it was of their fault)(mcafee was problems the first day and i ditched it) mse is the best and i have never once had any problems as previously stated its best to fully remove other security that conflicts with each other norton has/does treat other security as a threat
leo gives great help and even though i follow this site have never made a remark until mse was mentioned so keep calm follow the help leo has/can/ give and then come back and let us all know how good mse is for you its ok to put a downer on things when we are upset but in a cooler light we oftern think clearer so let leo/us all know how good mse is for you
thank you.

Burt
November 1, 2011 6:40 PM

I have used M.S.E now since I discovered it from a Leo article , I installed the prog and also have A.V.G free adition M.S.E runs perfectly , I have had no problems to Date .
I read every word that Leo writes and find the articles to be excellent and very well presented .

Rob
November 1, 2011 10:00 PM

I do so agree with all of the foregoing comments about Leo - he is invaluable to us all. This, however, does not make MSE infallible!!! I tried to install MSE on my (XP Home) having removed all previous security except WinFirewall of course. The Stand Alone had found nothing I should add.
I experienced so many problems that I cannot remember them all but my desktop became a tortoise in the extreme.
I and your contributor are not alone - I am an avid reader of all such sites as this and would say that MSE's popularity is not as 100% as comments here would seem to indicate.
I wanted to install MSE but had to re-install my
previous protection which is magnificent!!

steven
November 2, 2011 5:10 AM

Nobody is mentioning if anyone is running TWO real time virus protection programs at the same time. If you do, and yes any antivirus program will crash or slow down, a lot. Pick one and get rid of any other real time scanners. This does not apply to on demand scanners, such as Malwarebytes FREE! edition(without the protection module). Of course, the Free edition does not come with the protection module.

wrinklysteve
November 2, 2011 5:14 AM

Potential users of Microsoft Standalone System Sweeper should know that it will only download to an SP3 version of Windows XP.

Anonymous
November 2, 2011 5:40 AM

Hi Leo, I downloaded the Microsoft Standalone System Sweeper (32-Bit version) on CD. After booting the CD and selecting drive C: (I have 2 systems on my pc [Win7 -32bit on drive C: (disk 1)] and [Win7 -64bit on drive D: (disk 0)]) the "Sweeper" discontinues with error message that I am using the 32-bit version on a 64-bit operating system. Disableing disk 0 (with the 64-bit OS) reveals the same error.
Do I have to disconnect disk 0 before I can continue with the test?
Remark: the 64-bit system was installed before I installed the 32-bit version and switched afterwards the drive letters.

Regards
Lutz Pansegrau

I'm wondering if C: and D: are reversed when booting in the sweeper. Try scanning the other drive. My guess is you'll need the 32 bit scanner to scan the drive with 32 bit Windows, and the 64 bit scanner to scan the drive with 64 bit Windows.
Leo
02-Nov-2011
Paul G Pousson
November 2, 2011 6:29 AM

I am doing just fine with Malwarebytes and Spysweeper thank you. If it ain't broke, don't fix it!

Dave Markley
November 2, 2011 8:50 AM

I agree with Steven, definitely make sure that you are using ONLY ONE anti-virus. This applies to Firewalls as well. As far as 'anti-spyware' and 'anti-malware', you can usually run two or three without a problem.
I highly recommend (on a second PC) downloading Emsisoft's free 'A-Squared Emergency Kit' and putting it on a flash drive. I personally don't think that there is a better anti-malware software anywhere (free or paid). Fully update it, then run a ' full computer scan' on your computer from the flashdrive. (you can also run it from your desktop - it doesn't actually install - but it may occasionally crash). Then try to re-install your anti-virus

m afsar
November 2, 2011 10:47 AM

this comment use full for me specially stand alone is good idea that i don t know before i will keep it as a new experience and knowledge .about pdf reading alert also usefull for me thank you

soloman
November 2, 2011 1:00 PM

@rob 1-11-2011
greetings you do not mention 32or64bit?i have done a quick google search and microsoft show answers for 2011 on this subject mse only available for 32bit i'm not sure if we are allowed to post link but you can find all the info including the the same advise leo/others have given on this subject i have to be honest and say i have installed mse for other people over a dozen infact on new win7 computers no problem so may be an idea to re search google as you have missed this microsoft advise page which also tells you to make sure you have the latest service pack
thank you.

Mark
November 2, 2011 8:55 PM

MSE has worked fine for me and other computers. I would make sure Windows Defender is disabled. Use Malwarebytes to scan and clean anything MSE doesn't detect.

soloman
November 3, 2011 5:03 PM

ive spoken with a few people that ive put on to mse and even though i know they would contact me if they had a problem i though there may be a couple who may not as they would not wish to take up my time and for this article i must report non have had any problems at all yet most had loaded the free trial of norton/other when they first got their machines either them-selves or with other help those i helped from scratch(from new just getting their computers i scrapped norton/other and put in mse so infact ive proberly put mse on over 20 machines new/used by owner prior to my mse boasting and of the few ive asked all love it mainly its easy to use and because they have had no trouble with it unlike their previous free trial security
i wonder if the person who first had the problem has re contacted leo as i can not see who it is to ask by name/may have overlooked it but apart from leo/help by others check list for installing mse answers microsoft 26feb2011 google makes it more than clear do/dont em proberly another leo production but it would be nice to know if leo/this forum has made/been any help to those with problems as a couple of people ive used mse are new to computers and in their more senior years they keep messing up their e-mail but have no problems following the mse/my advise/instructions so pleas if any-body leo/all have been of any help please say so it makes it more interesting and lets you know you are not talking to yourself
thank you.

Ken in San Jose
November 5, 2011 10:22 PM

Leo,
I agree with using Microsoft Standalone System Sweeper. But I would install it on a empty USB pen drive (Microsoft Standalone System Sweeper formats the USB drive so use an empty one). Then you can update it before you run it to get the latest data set. I do this weekly, so far it has found nothing. But it's free and runs off the USB drive so nothing is in use and it can check everything.

Rob
November 8, 2011 8:52 PM

To thank Soloman - 32-bit and, yes, all updates (service packs) installed as I have a licensed version of XP. Maybe this is a nefarious MS method to get me to update to Win 7?

Nancy Hastings-Trew
June 21, 2012 9:55 AM

"I've read that MSE may be slowed if it's allowed to scan its own folders. The recommendation is to go to MSE's Settings | Excluded Files and Locations and exclude the following folders: Program Files\Microsoft Security Essentials, Program Data\Microsoft\Microsoft Antimalware, Program Data\Microsoft\Microsoft Security Client, and Program Data\Microsoft\Microsoft Security Essentials. The folder names may vary somewhat depending on whether you're using XP, Vista or Windows 7, but the principle is the same.
"

I installed MSE program today after completely removing Avast Antivirus using it's own removal tool. With MSE running everything started taking forever to open and opening a file folder required a wait for files to appear. Definitely not good performance. Tried the above tip and now everything is fine. Thanks to nytibcp who suggested it.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.