MS Security Essentials
Overview
MS Security Essentials is a program developed by Microsoft. Upon installation and setup, it defines an auto-start registry entry which makes this program run on each Windows boot for all user logins. It adds a background controller service that is set to automatically run. Delaying the start of this service is possible through the service manager. A scheduled task is added to Windows Task Scheduler in order to launch the program at various scheduled times (the schedule varies depending on the version). When installed, it will add a context menu handler to the Windows shell in order to provide quick access to the program. The software installer includes 28 files and is usually about 26.17 MB (27,437,730 bytes). A majority of the PCs this is running on, most OS versions are Windows 7 (SP1). The distribution of this has mostly been seen in the United States.
Program details
URL: go.microsoft.com/fwlink/?LinkID=195291&mkt=en-us
Installation folder: C:\Program Files\Microsoft Security Client
Uninstaller: "C:\Program Files\Microsoft Security Client\Setup.exe" /x
Estimated size: 26.17 MB
Files installed by MS Security Essentials
-
NisLog.dll - Microsoft Network Inspection System (Microsoft Network Inspection System Logging Provider)
-
NisWFP.dll
-
DbgHelp.dll - Debugging Tools for Windows(R) (Windows Image Helper)
-
SymSrv.dll - Symbol Server
-
EppManifest.dll - Microsoft Security Essentials (MSE Resource Module)
-
MSESysprep.dll - Microsoft Security Essentials Sysprep Module
-
msseoobe.exe - Microsoft Security Essentials OOBE Wizard
-
msseooberes.dll - Microsoft Security Client OOBE Wizard Resources
-
MsseWat.dll - Microsoft Security Essentials WGA module
-
MpAsDesc.dll - Microsoft Malware Protection (Definition Update Descriptions)
-
MpClient.dll - Client Interface
-
MpCmdRun.exe - Microsoft Malware Protection Command Line Utility
-
MpCommu.dll - Communication Module
-
mpevmsg.dll - Event Resource Module
-
MpOAv.dll - IOfficeAntiVirus Module
-
MpRTP.dll - AntiMalware Realtime Monitor
-
MpSvc.dll - Service Module
-
MsMpCom.dll - COM Utility
-
MsMpEng.exe - Antimalware Service Executable
-
NisIpsPlugin.dll - Microsoft Network Realtime Inspection Plugin
-
NisSrv.exe - Microsoft Network Realtime Inspection Service
-
MsMpRes.dll - Microsoft Security Client (User Interface Resource Module)
-
msseces.exe - Microsoft Security Client User Interface
-
Setup.exe - Microsoft Security Client Setup
-
SetupRes.dll - Microsoft Security Client Setup Resources
-
shellext.dll - Microsoft Security Client Shell Extension
-
MsMpLics.dll - Microsoft Antimalware (License Module)
-
SqmApi.dll - SQM Client
Behaviors exhibited
Context Menu Handler
- shellext.dll added to Windows Explorer under the name 'TVCShellExt' with a class of {4E33A7F5-8083-4C08-9D45-C5CED88F5C04}.
2 Scheduled Tasks
- MpCmdRun.exe is scheduled as a task named 'Virus Scan' (runs daily at 12:10 AM).
- msseces.exe is scheduled as a task with the class '{A6D0135F-63ED-48CC-95EA-FEEB56827132}' (runs on registration).
2 Services
- NisSrv.exe runs as a service named 'Microsoft Netwerkinspectie' (NisSrv) "Biedt bescherming tegen inbraakpogingen die gericht zijn op bekende en onlangs gevonden zwakke plekken in netwerkprotocollen".
- MsMpEng.exe runs as a service named 'Microsoft Antimalware Service' (MsMpSvc) "Helps protect users from malware and other potentially unwanted software".
Startup File (User Run Once)
- msseces.exe is loaded once in the current user (HKCU) registry as a startup file name 'Application Restart #0' which loads as C:\Program Files\Microsoft Security Client\msseces.exe -Recover.
Startup File (All Users Run)
- msseces.exe is loaded in the all users (HKLM) registry as a startup file name 'MSC' which loads as "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey.
Resource utilization averages
Show technical details
MpCmdRun.exe |
Kernel CPU: | 0.00196699% | |
MsMpEng.exe |
Memory: | 77.04 MB | |
Total CPU: | 0.0076680387% | |
Kernel CPU: | 0.00327013% | |
User CPU: | 0.00439791% | |
CPU cycles/sec: | 834,121 | |
Switches/sec: | 6 | |
I/O reads/min: | 107.8 KB | |
I/O writes/min: | 5.93 KB | |
NisSrv.exe |
Memory: | 7.71 MB | |
Total CPU: | 0.0024798467% | |
Kernel CPU: | 0.00081574% | |
User CPU: | 0.00166411% | |
CPU cycles/sec: | 25,483 | |
I/O reads/min: | 0 Bytes | |
I/O writes/min: | 28 Bytes | |
How do I remove MS Security Essentials?
You can uninstall MS Security Essentials from your computer by using the Add/Remove Program feature in the Window's Control Panel.
- On the Start menu (for Windows 8, right-click the screen's bottom-left corner), click Control Panel, and then, under Programs, do one of the following:
- Windows Vista/7/8/10: Click Uninstall a Program.
- Windows XP: Click Add or Remove Programs.
- When you find the program MS Security Essentials, click it, and then do one of the following:
- Windows Vista/7/8/10: Click Uninstall.
- Windows XP: Click the Remove or Change/Remove tab (to the right of the program).
- Follow the prompts. A progress bar shows you how long it will take to remove MS Security Essentials.
HOW IT STARTS
Automatically starts? Yes
(Found in the run registry)
|
|
USER ACTIONS
|
Uninstall it 4%
Keep it 96%
|
|
|
MOST USED OS
~99%
Windows 7 (SP1)
|
Geography
100.00% of installs come from the United States
Which countries install it?
About Microsoft
Microsoft Corporation develops, manufactures, licenses and supports a variety of products and services related to computing.
Publisher URL: www.microsoft.com