Microsoft Security Essentials

by Microsoft Corporation

What is Microsoft Security Essentials?

Microsoft Security Essentials is a software application developed by Microsoft Corporation. It is most commonly found on computers running Windows 7, with nearly 86.91% of installations running this operating system. The Microsoft Security Essentials installer is typically 21.00 MB in size and installs around 63 files. The most common release is 4.5.216.0, with 17.34% of all installations currently using this version.

Microsoft Security Essentials is most popular in the United States with 52.31% of installations residing in this country.

Microsoft Security Essentials adds 6 scheduled tasks to the Windows Task Scheduler launching the program at randomly scheduled times. When using a computer that is connected to the internet, Microsoft Security Essentials is known to create 5 firewall exceptions to allow inbound and outbound connectivity.

About Microsoft Security Essentials

Microsoft Security Essentials is an antivirus software solution designed to safeguard against a variety of malware, including viruses, spyware, rootkits, and Trojan horses. While initially compatible with Windows XP, Windows Vista, and Windows 7, it is not supported on Windows 8 due to the operating system's integrated antivirus component. Utilizing the same virus definitions and scanning engine as other Microsoft antivirus products, MSE delivers real-time protection by actively monitoring computer activity and scanning new files as they are downloaded or created. Upon detection of threats, the software prompts user input for appropriate action and, if necessary, defaults to predefined settings after a ten-minute window. Additionally, depending on the application's settings, MSE may create System Restore checkpoints prior to removing any identified malware.

Software Behaviors

Services:
  • NisSrv.exe runs as a service named 'Microsoft Netwerkinspectie' (NisSrv) "Biedt bescherming tegen inbraakpogingen die gericht zijn op bekende en recentelijk gevonden zwakke plekken in netwerkprotocollen".
  • MsMpEng.exe runs as a service named 'Microsoft Antimalware Service' (MsMpSvc) "Helps protect users from malware and other potentially unwanted software".
Firewall:
  • shellext.dll is added as a firewall exception for 'C:\Program Files2\HEWLET~1\PCCOE3~1\OVCMS~1\radexecd.exe'.
  • msseces.exe is added as a firewall exception for 'C:\Program Files\Microsoft Security Client\msseces.exe'.
  • MsMpEng.exe is added as a firewall exception for 'C:\Program Files\Microsoft Security Client\MsMpEng.exe'.
  • Setup.exe is added as a firewall exception for 'C:\Program Files\Microsoft Security Client\setup.exe'.
  • MpCmdRun.exe is added as a firewall exception for 'C:\Program Files\Microsoft Security Client\MpCmdRun.exe'.
Scheduled tasks:
  • msseces.exe is scheduled as a task with the class '{6FA94EF8-7B88-4C31-9AF5-D831F612AF54}' (runs on registration).
  • MpCmdRun.exe is scheduled as a task named 'Microsoft Security Essentials Scan' (runs daily at 11:00 PM).
  • MsMpEng.exe is scheduled as a task with the class '{36EFC519-FFC0-44BA-A865-06780C54FA6D}' (runs on registration).
  • Setup.exe is scheduled as a task with the class '{EAC44AF3-B6F9-401D-8A78-249D0D819684}' (runs on registration).
  • MsMpRes.dll is scheduled as a task named 'Microsoft-Windows-TaskScheduler_Operational_Microsoft-Windows-TaskScheduler_103'.
  • msseoobe.exe is scheduled as a task with the class '{F92EC1F7-C1CA-4B2B-88BD-D9BA16A7954C}' (runs on registration).

Startup Entries

Startup tasks:
  • msseces.exe is automatically launched at startup through a scheduled task named 5.
  • MpCmdRun.exe is automatically launched at startup through a scheduled task named MS-AntiVir-Update.
Registry entries:
  • msseces.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Microsoft Security Client User Interface' and executes as C:\Program Files\Microsoft Security Client\msseces.exe.
  • msseoobe.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'msseoobe.exe' and executes as C:\Program Files\microsoft security client\msseoobe.exe.
  • MpCmdRun.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'Microsoft Malware Protection Command Line Utility' and executes as C:\Program Files\Microsoft Security Client\MpCmdRun.exe.
  • MsMpEng.exe is loaded in the current user (HKCU) registry as an auto-starting executable named 'New startup' and executes as "C:\Program Files\Microsoft Security Client\MsMpEng.exe".
Registry entries (User):
  • msseces.exe is loaded once in the current user (HKCU) registry as a startup file name 'Application Restart #1' which loads as C:\Program Files\Microsoft Security Client\msseces.exe -Recover.

Software Details

URL:
https://go.microsoft.com/fwlink/?linkid=195291&mkt=en-us
Support:
Installation path:
C:\Program Files\Microsoft Security Client
Uninstaller:
C:\Program Files\Microsoft Security Client\Setup.exe /x
Size:
21.00 MB
Language:
English

Microsoft Security Essentials Executable Details

Primary executable:
msseces.exe
Name:
Microsoft Security Essentials
Path:
C:\Program Files\Microsoft Security Client\msseces.exe
MD5:
SHA-1:
SHA-256:
Files installed by Microsoft Security Essentials