Helping people with computers... one answer at a time.

Microsoft Security Essentials is a basic anti-malware package that's available for free from Microsoft. I'll demonstrate how to install and configure MSE.

Over the years, I've had various recommendations for anti-virus and anti-spyware tools. Last year, Microsoft released Microsoft Security Essentials, which I now recommend as a viable option for most of the average computer users out there.

In this video excerpt from an Ask Leo! webinar, I'll walk through installing Microsoft Security Essentials and point out a few of the settings that I think are important.

T]o0}`ҺI$5PSIGؗīgCB:iӜ8̥s1Px sS^CLk%}6DrGODZ4L&p`4~L(q4AI8 TM!a#!!dޗ3Ƥ m s.iP䬬2#k&xeSh4 \|~㵬FONp Rc˦ 7OܞAq[o\gUyKe_bZ"c6Hh45~z' [mc&y󙐶S9=h;m -Xq#c@K]p%O\k0LvH՗~jcu2^Љk䨏(3\jza&-fGY|mz9'_0/#xl|>sV.^|F!

View in HD (1280x720)


I have had various recommendations for anti-virus and anti-spyware software over the years and last year, I came to the conclusion that for the average computer user, who doesn't really want to think much about what they need, what they should have - they just want to install something and have it work - Microsoft Security Essentials is actually a very good solution.

There are alternatives that I often recommend as well, but Microsoft Security Essentials has matured to the point where it is a viable security solution that provides both anti-virus and anti-spyware technology.

As we take a look at my Windows 7 here, you'll notice that there is in fact an alert down in the lower right. So the very first one is a problem that we are about to solve. Windows does not come with anti-virus pre-installed so we're going to install Microsoft Security Essentials to solve that particular problem.

Windows Defender hasn't been run yet. Windows Defender is the anti-spyware solution that comes with Microsoft Windows. However, Microsoft Security Essentials will replace that.

So Microsoft Security Essentials is a free download from Microsoft. It actually detects what system you are running on and begins the download when you click on that. You have the option of saving or running it immediately. My recommendation actually is that if you're about to install it on more than one machine, go ahead and save it somewhere. Save this MSEInstall.exe to a location that you can access later. In this particular case, it's just a single machine we're going to install this on and I don't need to save the executable for that. We can just let it run once. I find it ironic that it's running a security scan on security software! As you might imagine, installing something as invasive as anti-malware software is going to require administrative privileges.

Next, on the opening screen, we accept whatever the license is. 'The Customer Experience Improvement Program' is totally up to you: it simply sends some anonymous feedback back to Microsoft on characteristics and behaviors of Security Essentials itself.

'If no firewall is turned on, turn on Windows Firewall'. Again, if you know you don't need one, that's fine. But if you're not sure, this is in fact the safest and recommended thing to do.

Now, one of the characteristics of anti-spyware, excuse me, anti-virus software in particular is that while you can have more than one installed at a time, there are options in various anti-virus softwares that will conflict with each other if they are not set properly. To those who know about this, it's basically that you can't have more than one real-time scanner active at a time. They can conflict with each other and the results are either they range from crashes to false positives to missed viruses and so forth. Microsoft Security Essentials takes the position simply that you're installing us, you probably shouldn't have another. In general, that's the right thing to do. If you have another anti-virus software installed at this point, it would make sense to uninstall it first. Graham asks, 'I know you can't run two AV at the same time but how about another anti-malware program, such as Super Anti-Spyware or Malwarebytes Anti-Malware, the paid version.' The short answer is that it depends. Both of those are specifically anti-spyware or sort of anti-spyware and typically don't conflict with the anti-virus programs. On the other hand, you can have more than one anti-spyware program that might conflict with another anti-spyware program. And, again, it typically only comes down to the real-time monitoring aspects of it. Anti-virus tools tend to work in one of two ways; actually in one or both of two ways. They either scan everything as it arrives on your computer; that's what we call real-time. That's the operation where if two programs are trying to scan what's coming into your computer at the same time, they can come into conflict. The other option, of course, is that they can then simply do a scan of what files are on your computer and we'll be talking about that in a minute.

Anti-spyware software tends to work primarily the other way. They tend to work first by monitoring for changes on your computer. How they do that and whether or not they will conflict, whether or not multiple anti-spyware programs will conflict, will depend a lot on the specific programs. Malwarebytes tends to be a pretty innocuous program; it tends to do a very good job of scanning for things that some of the other tools miss, and it also does a very good job of not conflicting with other programs. I actually don't have an opinion on Super Anti-Spyware because I've never actually used it myself.

Do you need Windows Defender if you have MSE installed? Actually, no, and that will happen automatically. Because MSE, Microsoft Security Essentials, actually goes through the process and replaces Windows Defender after it's been installed. Now that we're done installing, we're going to go and start a scan. You can see that the little flag in the lower right has turned from a red 'X' to a little exclamation point indicating that, well, you've got something but it hasn't quite completed securing your machine.

The very first thing that Microsoft Security Essentials does, after it's been installed is to download the updated database, the virus and spyware definitions from Microsoft Central Repository. This is critical and represents the fact that between the time that Microsoft Security Essentials was released, the download that we took was released, and the time that we actually install it, more viruses have been written; more spyware has been created. Downloading the latest database allows us to make sure that we catch everything up until the time that database was created which is something we are downloading right now.

Now, I'm going to switch to a different machine real quick because what it's going to do after this is start a scan and the scan is going to take a little while. So, on my other machine, this is what it looks like after you're done with the scan. It basically is telling you, 'Yep, you're up-to-date. You've got real-time protection; the spyware definitions are taken care of and so forth.'

The 'Settings' I want to encourage you to double-check. This is true for whether you are installing Microsoft Security Essentials or any other anti-virus or anti-malware tool. Because there are two things we need to care about: one is that you run a scheduled scan on your computer. I recommend it daily. In this particular case, you can see that MSE has defaulted to doing a quick scan, which is sufficient, on Sundays at 2 a.m. My belief is that if your computer is not on at 2 a.m., it will try to run the scan as soon as it can thereafter: once the machine is turned on.

The other thing that is incredibly important is this: 'Check for the latest virus and spyware definitions before running a scheduled scan.' The virus and spyware definitions, as I was just saying, are updated frequently. They're typically updated daily. Which means it's incredibly important that your anti-malware solution also check for updated databases daily. Again, the issue is that viruses are being written and spyware being created every day and you want to make sure that your anti-malware solution is looking for the latest and greatest, for lack of a better term, viruses and spyware that have come out even in the last 24 hours. In this particular case, MSE also allows me to make sure that the scan only happens when the computer is not being used. So, for example, if I were up late on my computer at 2 o'clock in the morning on Sunday, using my computer, actually using the keyboard and the mouse, the scan would be delayed until the computer went idle.

It also has the option to limit the CPU usage what that really means is that other applications have an opportunity run essentially as effectively or more effectively. If this is set to 100%, what will happen is MSE will start to run and it will try and use as much of the computer as it can, as much of the CPU as it can. That can impact other software that happens to be running at the same time. Even if you're not using the computer, your computer is technically idle. There may be other software on your machine that's attempting to do something. For example, in my case, my backups may be running at the same time. By limiting the CPU usage to 50%, we're giving MSE enough CPU horsepower to do the job but not so much that it's going to dramatically impact other software running.

So the short summary here for your Settings - and again it's true for MSE and for any other anti-malware tool you might be running - make sure you are setting up to run a regularly scheduled scan. And make sure that it is actually downloading the latest virus and spyware definitions regularly: Ideally, in this particular case, immediately prior to running a scheduled scan.

Now I want to also call out real-time protection. I talked about this a moment ago. It's basically the opportunity for the software to scan incoming data; the data that's being downloaded or copied to your computer as it's being downloaded or copied to your computer. Sometimes, especially when we're trying to figure out certain types of problems, or sometimes when you'll see 'Disable your anti-virus software' to install this unrelated thing, typically what they're talking about is something to disable the real-time protection and that's what this setting is. It allows you to simply say, 'Don't look at any files for awhile as they arrive; I know what I'm doing.' It will still do the regularly scheduled scan at night, in this particular case, or whenever you have it scheduled, it will simply stay out of the way of any information that's being downloaded to or copied to your computer. One of the most common scenarios that I run into, not with MSE, but with some of the other anti-virus tools is that they will monitor email as it arrives on your machine and unfortunately, sometimes that interferes with your ability to even get email. So this is the place to start when you are diagnosing that kind of problems. Then you can turn off the real-time protection and see if that has an impact on what's going on. So with that, I'm also going to shut down this virtual machine to speed things up; go back to our primary where it is installing, still installing, the latest updates from Microsoft.

Any questions relating to installing Microsoft Security Essentials or anti-virus,software? Graham is saying he changed his real-time protection to incoming files only as he found that it checked his old PC too much, say, when I opened My Documents. Absolutely, that's a fine, fine example of the use of that kind of a setting where if the anti-malware tools are somehow impacting what it is you are doing, you have the opportunity to fine tune the settings. I'm going to let this finish updating so that I can stop the scan thereafter and we will move on to our next topic.

Article C4869 - July 8, 2011 « »

Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

July 11, 2011 2:39 PM

Todah Leo! Thank you!
Your updates,input,info,and every answer given to questions asked...have been so-right-on and I know, you are helping not only me, but Millions Sir! I will download this A.S.A.P. onto my laptop.MA(Michka'el).Shalom!

Gabe Lawrence
July 12, 2011 12:41 PM

Curious if anyone has noticed that MS Security Essentials sometimes will make Windows XP "Add/Remove Programs" module hang. The window will open, but the list won't populate. (well, it will actually show the list but can take as long as 20 minutes!...I know I waited once just to see if it would come up). Add/Remove has always been a slow-loader on slow machines but this particular machine (with MS Security Essentials disabled) can load the list in 5 to 10 seconds.

July 12, 2011 1:33 PM

I've been using MSE for several months and it works fine for me.

July 12, 2011 10:45 PM

I have been using MSE for some months – until I ran into a vicious Trojan (unfortunately forgot its name). MSE could not get rid of it and it kept showing up and on until I was fed up. I replaced MSE with G Data Security, a powerful engine that keeps viruses, spasm, trojans, phishing and all kinds of other malware out, and I haven’t got any annoying intruders ever since.

July 16, 2011 3:40 AM

I installed MS Security Essentials more than a year ago and since that I did not have any trouble with viruses or so. It is really a great product.

January 8, 2012 4:48 PM

Recently finished a 3yr BullGuard subscription on my desktop and signed up for a 3yr subscription with Avira which is doing the job just as well and appears to have less effect on system resources (Win 7, 32bit). Then decided to purchase a Medion notebook with Win 7 64bit. Saw your comments re Microsoft Security Essentials and thought I'd give it a go. Very impressed so far. Will monitor and compare the two, but at this stage; "Well done Microsoft."

May 28, 2012 1:57 PM

Please see my comments 163/164 under "What Security Software do you recommend?" for malware that was either missed by well regarded programs (inc MSE) or is a false positive.

Nai Mao
September 21, 2012 9:05 PM

Is there a way to schedule both daily quick scan and weekly full scan Using MSE for Windows 7 Home premium?

Terry Phillips
December 14, 2012 1:25 PM

I recently received an unsolicited phone call from a software business organisation who told me that my MSE software protects I.E. but it does not protect other browsers - e.g. Mozilla. This unnerved me because I have been using other browsers as well as I.E. So I contacted Microsoft, and this is their reply:

I would like to inform you,that MSE works for all Internet Browsers.It works for Background task.Whenever your computer is infected ,MSE will remove all the viruses,provided those virus removal codes are present in the Microsoft Database.If they are not present in the Database,it will ask you to report to Microsoft.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to to ask your question.