Microsoft Security Essentials released

Apparently I had reached some kind of crapware overload point. My system is back to normal after I uninstalled the following:

  1. Intel Desktop Control Center. That’s a monitoring & overclocking utility that came with my Intel DX58SO motherboard. I used it only for monitoring but it had a permanently loaded driver, so who knows what it was doing.

  2. Creative Labs Zen software. No longer necessary since I switched to an iPod touch. The resident part should be just a file system hook that’s inactive unless a Zen is plugged in, but… it’s Creative Labs.

  3. Bonjour file server. Gets installed automatically with Apple iTunes even though almost no iPod user ever needs it, and sure enough it’s also running some permanent background service.

  4. Nvidia 3D vision support. Gets installed automatically with Nvidia display drivers even though almost no Nvidia user has the required 3D glasses. Haven’t checked if any part of this software is permanently resident but I’m sure I won’t ever need it.

Now the crashes seem to be gone, and a strange slowdown when starting Speed Commander after bootup has disappeared as well.

edit: Crashes returned, and eventually the real culprit turned out to be missing drivers for… the SATA hard disk! Apparently you always need Intel’s Matrix drivers for AHCI SATA drives, even if you’re not running a RAID.

Your computer is just bored with Civ IV.

I assume that this replaces Windows Defender and that you shouldn’t (probably can’t) have both installed/running at the same time?

Yes, it disables Defender when you install it, so no worries about disabling it yourself.

Anyone seen a comparison of detection rates to other AV solutions yet?

http://www.av-comparatives.org/ has a free summary of their $2k paper.

That does not seem to include MSE yet.

It’s included here at least: http://www.av-comparatives.org/images/stories/test/removal/avc_removal_2009.pdf

Thanks, I didn’t find that report. So MSE ranks in the top category of this test for the removal of known malware, and higher than OneCare did. That’s good to know – now I’d just like to know how good the heuristics for unknown viruses are.

Hmm, that report must be bogus because MSE and Symantec are both listed as the only two ‘good/good’ for removal and leftovers :) Going for the ad dollars perhaps?? <jk, but it is certainly a little different>

I would think heuristics would be its weak spot, mostly due to its small footprint and absolute care in backgrounding itself as much as possible. I guess you take the good with the bad. Though it is mentioned that it’s there.

I ran across this post from the Microsoft forums:

MSE requires that the Automatic Update service be running and started, but it does not matter what you have selected in Control Panel/Automatic Updates for the way you want to handle critical and important updates for Windows. It is recommended, however, that you at least allow Automatic Updates to notify you about critical and important updates so that you can choose to download and install them as soon as possible and help keep your operating system secure with the latest patches from Microsoft.

You will not be offered MSE signature updates via Windows Automatic Updates automatically and they will not be offered if you go to Windows Updates manually to check for updates. MSE uses the “pipe” for Windows Update only.

MSE Updates are downloaded automatically using the AU “pipe” which includes BITS, the Background Intelligent Transfer Service. It must be running and up to date, or MSE updates may have a problem.

The Microsoft Antimalware group deploys updates for MSE (also Forefront and Windows Live OneCare) typically a few times daily. It is not critical for you to check for updates throughout the day because when MSE checks for updates, the offered updates will be downloaded and added to the database.

MSE will report that it is up to date and in good status even if the definitions are a few days old on the PC. Note that MSE uses the local signatures for common protection, but it also employs behavioral detection. If suspicious activity is detected, MSE will communicate with the servers to determine if a match has been reported and will immediately download any information needed to deal with the threat if a match is found.

Updates are a once per 24 hour check on a schedule determined by MSE. There is no setting within MSE to change the scheduled time or frequency.

Optionally, you can add a check for updates by setting check for updates before scan and setting up a scheduled scan daily (for a time when the PC will be on as it won’t run a missed scan later).

MSE will also check 10 minutes or so after boot or wake from sleep if there is a network connection and the current updates are greater than 24 hours old. It will not perform this catch up check if the current definitions were installed within the past 24 hours, but will wait until the next scheduled check time.

** This “catch up” check is apparently not always working for people on wake from sleep/standby/hibernate. Microsoft is aware of this problem and is working to fix this in a future release. So, if the PC happens to be asleep when the scheduled check is supposed to happen, and you don’t have the extra check enabled, and you don’t reboot, you can have older definitions. In some cases, several days old. MSE will report that it is up to date until the signatures are greater than 7 days old. At that point, it will change the status to At Risk so that you can check for updates manually.

MSE will not update through an authenticated Proxy Server.

MSE cannot update using WSUS. Since MSE is designed for home use, this should be rarely encountered.

You can manually check for updates at any time, though this should not generally be needed. Open MSE, click on the Updates tab and click the button to check for updates.

You can manually download a full engine and definition package from the Microsoft Malware Protection Center and apply it to a PC running MSE without a clear network connection, if desired. The full package is quite large, about 40 megs. Typically, the automatic (or manual from within MSE) updates are a few megs in size.
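The update and status rules in the quoted post, replayed as an added Python model (not code from Microsoft or from the forum post). The timestamps, the assumption that fresh definitions are always available at each check, and the `catch_up_on_wake` switch that stands in for the wake-from-sleep bug are constructed for illustration; the point it shows is that the UI can say “Up to date” while definitions are several days old.

```python
from datetime import datetime, timedelta

CHECK_INTERVAL = timedelta(hours=24)    # MSE checks for updates once per 24 h
CATCH_UP_DELAY = timedelta(minutes=10)  # catch-up check ~10 min after boot/wake
AT_RISK_AGE = timedelta(days=7)         # UI flips to "At Risk" past this age

def reported_status(now, defs_installed):
    """What the MSE UI shows: 'Up to date' until definitions exceed 7 days."""
    return "At Risk" if now - defs_installed > AT_RISK_AGE else "Up to date"

def catch_up_applies(now, defs_installed, network_up):
    """Post-boot/wake check runs only with a network and definitions > 24 h old."""
    return network_up and now - defs_installed > CHECK_INTERVAL

def simulate(defs_installed, first_check, events, end,
             network_up=True, catch_up_on_wake=True):
    """Replay a timeline of (time, 'sleep'|'wake'|'boot') events.
    The scheduled check fires only while the PC is awake; a missed check is
    skipped, not rerun. Returns the definition timestamp at `end`."""
    awake, next_check = True, first_check
    for when, kind in sorted(events) + [(end, "end")]:
        while next_check <= when:            # scheduled checks up to this event
            if awake:
                defs_installed = next_check  # fresh definitions assumed available
            next_check += CHECK_INTERVAL
        if kind == "sleep":
            awake = False
        elif kind in ("wake", "boot"):
            awake = True
            # catch_up_on_wake=False models the wake-from-sleep bug in the quoted post
            fires = kind == "boot" or catch_up_on_wake
            if fires and catch_up_applies(when + CATCH_UP_DELAY, defs_installed, network_up):
                defs_installed = when + CATCH_UP_DELAY
    return defs_installed

def sleeping_pc_scenario(asleep_days=4, resume="wake", catch_up_on_wake=False):
    """Constructed scenario: definitions from Monday 03:00 with a daily 03:00 check;
    the PC sleeps from Monday 20:00 and resumes `asleep_days` later at 08:00; the
    status is read one hour after resuming. Returns (age in whole days, MSE status)."""
    monday = datetime(2009, 10, 5, 3, 0)
    resumed = datetime(2009, 10, 5, 8, 0) + timedelta(days=asleep_days)
    events = [(datetime(2009, 10, 5, 20, 0), "sleep"), (resumed, resume)]
    observed = resumed + timedelta(hours=1)
    defs = simulate(monday, monday + CHECK_INTERVAL, events, observed,
                    catch_up_on_wake=catch_up_on_wake)
    return (observed - defs).days, reported_status(observed, defs)
```

With the wake catch-up broken, four days of sleep leaves 4-day-old definitions still reported as up to date, and only after 7 days does the status change; a reboot, or a working catch-up check, refreshes them within minutes.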

Good information to know, and also a big note on that bug, which I hope they resolve quickly (as I am an avid PC sleeper versus rebooter.) It’s also nice to see there are full packages for download to use for cleaning work.

Just saying that this product shares GUIDs with Forefront, so if you’re in an enterprise situation and you need a Forefront install, uninstall this.

AV Comparatives has just published PUA detection rates (“potentially unwanted applications”, i.e. adware, spyware etc.). MSE ranks 13th of 16 but that’s not as bad as it sounds as the field is rather close together – MSE still has a 94.6% detection rate, compared to 99.8% for the best product (G Data Antivirus).

I wish they’d include the number of false positives on there. Getting a false positive is almost as annoying as getting the occasional malware and seems to happen far more often.

MSE doesn’t like steam very much for some reason.

I use both in Win7 and don’t have any trouble with it at all. What issues are you having?

My experience as well.

Every time Steam updates and has to restart, MSE pops up with a possible “unidentified threat” and wants to quarantine it. This is happening on both my Vista 32 and Win 7 64 machines.

I’ve never had that happen at all under either Vista 32 or Win7 64. Sounds like a good question to pose at www.superuser.com.

not an issue with steam and 32-bit win7 + mse here.