Difference between Malicious Software Removal Tool, WinDefender, Security Essentials?
I could google them for you but I'll try to answer from memory.
- Malicious Software Removal Tool looks for a small set of specific common malware. Each version runs once and is delivered via Windows Automatic Updates
- Windows Defender is MS's antispyware program which monitors changes to startup locations in the registry etc. (see Sysinternals' Autoruns for many examples) It's a free download.
- Security Essentials is MS's antivirus program. It's also a free download.
The short version is you need only consider getting and installing the latter tool (Security Essentials).
The three products are all free from Microsoft under the Windows Genuine Advantage distribution method which first verifies that your license to Windows is valid. They all remove some level of bad software aka malware.
Malicious Software Removal Tool
This is sent out with Windows Updates approximately monthly. It scans for only the most likely current threats out now, and therefore only a small set of threats (say <20) which affect mostly networks of Windows machines. EG blaster at one point. In theory you do not need to think about getting this tool onto your machine unless you're not on a network, in which case you should put the latest version on a usb stick or something.
Windows Defender
Formerly another company's product, it has a lovely name and only handles spyware. It runs a process called MSMpEng.exe
among others. It is the free component of One Care, a subscription based spyware and anti-virus contender directly from Microsoft itself. One Care is no longer available for sale. This generally implies that the Windows Defender tool has also been replaced.
Microsoft Security Essentials
The One Care subscription gave way to this security tool which is provided free under the genuine advantage idea. It provides the same anti-spyware protection as Windows Defender and adds anti-virus protection, I'm unclear on it's trojan and root-kit detection ability. A statement at onecare.live.com says:
On September 29th 2009, Microsoft introduced Microsoft Security Essentials, a FREE consumer anti-malware solution for Genuine Windows based PCs.
Learn more about Microsoft Security Essentials or download from Microsoft directly at: http://www.microsoft.com/security_essentials/default.aspx.
You'll find that this tool also runs MsMpEng.exe
along with msseces.exe
. It should stop Windows Defender from running once installed. If it does not, and you see two MsMpEng.exe
processes, you will experience major slowdown as neither process trusts the other and they attempt to scan each other at startup.
For me personally this software doesn't perform as well as I'd like it to. It doesn't always show up in the taskbar, or start it's gui, even if I ask it to; particularly when it's using 50% or more of my cpu. Some times it logs an error about not being able to submit a sample. It likes to block some of my steam games from running, claiming they need to be submitted for analysis as they're likely threats (they get updated a lot, I see a small bit of logic there). I put in exclusions for each exe I found under my steam folder, but it doesn't support excluding a whole directory it seems. It says it does, but it doesn't work as well as explicitly listing the hl2.exe
etc.