Windows Live OneCare Review

Rumors of Microsoft's involvement in the PC health and safety market began appearing several years ago, back when Windows Vista was still called Longhorn and was expected to ship in 2003 or 2004. Pulled from Vista, this service began life as MSN OneCare back when MSN was still the hub around which most of Microsoft's online products and services were introduced. But it's since become known as Windows Live OneCare in keeping with the branding used for the other Windows Live offerings.

Paul Thurrott

March 31, 2006

16 Min Read
ITPro Today logo in a gray background | ITPro Today

Rumors of Microsoft's involvement in the PC health and safety market began appearing several years ago, back when Windows Vista was still called Longhorn and was expected to ship in 2003 or 2004. In July 2003, I wrote an editorial for Windows IT Pro UPDATE in which I noted that "Microsoft plans to offer its own antivirus service with a low-cost subscription fee." At the time, it was expected that this antivirus subscription service would ship alongside Windows Vista and be offered to customers, electronically, from within that OS.

What a difference three years makes. Since then, Windows Vista has been delayed again and again as Microsoft continuously stripped away key features. And that antivirus subscription service? Pulled from Vista, it began life as MSN OneCare back when MSN was still the hub around which most of Microsoft's online products and services were introduced. In late 2005, however, Microsoft gathered much of MSN into its Windows Division and relaunched the various products and services it had been working on under the Windows Live umbrella (see my preview). So MSN OneCare became Windows OneCare Live, briefly, and then Windows Live OneCare, in keeping with the branding used for the other Windows Live offerings.

There's been a bit of confusion about what Windows Live OneCare--hereafter referred to simply as OneCare--really is. Microsoft describes it as an automatically self-updating PC care service that encompasses security features such as antivirus, anti-spyware, and firewall, as well as PC tuning features like backup, disk defragmentation, and so on. What makes OneCare unique is that it essentially provides many of the centrally-managed IT administrative functionality one might expect in a corporate environment, but to home users. But instead of providing a human administrator, Microsoft provides an Internet-based service that works continually and automatically and is always up to date. You only deal with OneCare, per se, when something goes wrong. And if something really goes wrong, Microsoft is providing support via phone, email, or Web chat.

Also, OneCare is a subscription service for which you must pay a yearly fee (see below for details). This alone differentiates it from most Windows Live products and services, most of which are free and ad-driven. Too, it's worth mentioning that one key part of OneCare's functionality, anti-spyware, is actually provided via loose integration with Windows Defender (see my review), Microsoft's free anti-spyware application (currently in Beta 2 form).

Installing Windows Live OneCare

OneCare is installed via the Windows Live OneCare Web site, from which you can purchase a subscription, activate a subscription using an existing product key, or download a free trial version of the product (Figure). (Alternatively, you can purchase a boxed retail version of OneCare from electronics retailers like Best Buy.) Before you can download OneCare, however, you have to logon to your Passport account and install an ActiveX-based System Check application; this latter task means you must use Internet Explorer (IE) in order to install OneCare. Once you've downloaded the ActiveX control, System Check runs and ensures that your PC meets the minimum requirements (i.e. is running Windows XP with Service Pack 2 or later) and that you don't have any competing security applications installed. If you do have such a thing on your PC, System Check will prompt you to uninstall it first (Figure).

Once that's all taken care of, you can review and approve the terms of service and launch the installer. Unfortunately, the OneCare installer only runs from the Web (Figure). I don't like that you can't simply download the OneCare installer, though I suppose that could change in the final release. This is the type of service you'd want to have available locally, so that you could install it before you even got online the first time. Once OneCare is downloaded and installed, a process that takes only a few minutes, you're prompted to reboot.

Your first reboot is likely to be a bit time-consuming. If you have Internet-based applications that run at boot-time, such as Windows Live Messenger (see my preview), be prepared for a few alert dialogs (Figure) and a bit of waiting time while everything sorts itself out. Eventually, you'll be presented with the main OneCare application window and a helpful starter dialog (Figure).

Using Windows Live OneCare

The OneCare application window looks a lot like Windows Defender, as you might expect, and provides a simple front-end to the various PC protection, performance, and backup features it provides (Figure). Curiously, there's no simple wizard that runs on first boot, letting you configure the various features. Instead, you can poke around the application window or simply close it and wait until OneCare prompts you later to take various actions, which it will.

Once it's up and running, OneCare is pretty-much hands off, though it's not as good as Defender in this regard. If you close the application window and get to work, you'll only run into OneCare when it needs to alert you about something. These alerts range from applications it has blocked to prompts to run various scans or PC health tasks. But unlike Defender, which acts largely as a true background task (that is, it's not seen or heard from usually), OneCare has the unwelcome habit of popping up completely unnecessary notification balloons on a fairly regular basis. You'll thrill to discover how often OneCare is up to date (Figure) and be happy every time it tells you it allowed some application to run (Figure). OK, not really. It's annoying.

Taking a cue from the Security Center tool that debuted in Windows XP Service Pack 2, OneCare utilizes a "green check of health" graphic to visually communicate that all is well with your system from a PC health standpoint. This status graphic appears in the top right corner of the main application window and is quite prominent. If all is not well, such as when there are missing updates to install from Microsoft Update, the graphic will turn into a yellow exclamation point (Figure). And if things are really bad, such as when antivirus protection is disabled, you'll see a red cross (Figure).

What's nice is that in either of the latter two cases, OneCare will also provide a button that lets you fix the problem. Some of these solutions are more integrated than others. In the case of the missing updates, you literally visit Microsoft Update with IE and are forced to manually download whatever's missing. However, when antivirus protection is disables, OneCare provides a single button for re-enabling that functionality.

Overall, OneCare works largely as advertised, providing almost everything you'd want from an all-in-one security suite, with one glaring exception, which we discuss below.

Configuring OneCare

All of Windows Live OneCare's features are configured through the Settings dialog, which is accessed via the View or change settings link in the main application window (Figure). This dialog has tabs for tune-up, backup, antivirus, antispyware, firewall, and logging. The Antispyware tab is interesting because this functionality is actually provided by Windows Defender, which is a separate application. Basically, you can turn off antispyware reminders, which is handy if you're using a different antispyware solution (oh, the shame).

There's also a Manage account link in the main application window, which launches a Web site from which you can manage your subscription (Figure).

Windows Live OneCare features

Windows Live OneCare provides a fairly comprehensive set of functionality. While most security suites, such as ZoneAlarm Security Suite, also bundle antivirus, anti-spyware, and firewalling functionality in a single, easy-to-digest package, OneCare goes the extra mile by adding other useful features designed to keep your PC running smoothly, which is a great idea. This more holistic approach to PC health--where Microsoft goes beyond simple malware protection--really sets this service apart from the competition. In this section, I'll examine each of the features OneCare provides.

Anti-malware

In the Protection Plus section of the main application window, OneCare provides links to its antivirus and firewall features, the Windows Defender application (which must be downloaded separately if it's not already installed), and its front-end to the Windows Automatic Updates feature, which ensures that your system is up-to-date.

The antivirus functionality is two-fold: A feature called antivirus monitoring ensures that your system is constantly being monitored for any suspicious malware activities. And you can also run an antivirus scan, which checks the files on your hard drive for infections. (This latter functionality is exposed through the Tune-up feature in Performance Plus.)

When files are found to include a known virus, they are quarantined. You can view quarantined files by clicking the View or change settings task in the main application window and then choosing the Antivirus tab; then, click View Quarantined Files (Figure). In the resulting dialog, you can attempt to clean infected files (which doesn't always work), delete them, or restore them (the latter of which is obviously not recommended).

Like any antivirus application, OneCare maintains a collection of virus definitions, which it updates on a regular basis. You shouldn't have to deal with that per se, but you can manually update the definitions if you'd like.

If you click the Scan for Spyware link, Windows Defender launches and scans your system for spyware as you'd expect (Figure). Windows Defender is still in beta, and the initial shipping version of OneCare works with the Defender Beta 2 release. (If you don't have Windows Defender when you download OneCare, you'll be prompted to get it.) When the spyware scan is complete, the Defender UI stays running, which might not be optimal for some users.

OneCare includes a firewall that is dramatically better than the firewall built into Windows XP and Windows XP with Service Pack 2 (SP2). Unlike the SP2 firewall, the OneCare version is bi-directional. That is, it scans files leaving your system as well as files attempting to enter your system.

You configure the OneCare firewall from the Firewall tab of the Settings dialog (Figure). The default protection level is Auto, where only known good programs are allowed to access the Internet. You can add programs to this list by OK'ing them in the alert dialogs that OneCare generates when an application attempts to get online. You can also configure the firewall to prompt you the first time any application tries to get online, or turn it off.

An annoyance: There's an option to show a notification when the firewall blocks or allows a program. This should be two different options: I don't personally want to know when OneCare allows a program, but I do like to know when it blocks one.

The final option in this section ensures that Automatic Updates is enabled on your system and configured to download and install updates automatically. With this setting enabled, your system might periodically reboot on its own, but it is the safest setting.

PC performance

In the Performance Plus section of the main application window, OneCare provides a link for running what it calls a system tune-up. This tune-up involves several tasks that help to keep your system secure and performing at a high level. These tasks include:

Hard disk defragmentation. This task regularly runs the Disk Defragger that's built-into Windows, enhancing the overall performance of your system. Since this is a task most users won't think to run regularly, it's a great option to include here.

Virus scan. Not to be confused with OneCare's constant antivirus monitoring, this feature actually runs a virus scan against the files on your PC, ensuring that none are infected with a computer virus. You should run a full scan when you first install OneCare, but if you don't, it will eventually prompt you to do so.

Backup. This feature checks the files on your hard disk against the list of files that were backed up during your last regularly-scheduled backup, and provides a prompt for backing them up if any have changed since that backup. See below for details on the Backup and Restore functionality.

Automatic Updates. OneCare manually runs Automatic Updates to see whether there are any new updates to download from Microsoft Update. These updates can be for Windows or for other supported Microsoft applications, including OneCare itself.

Remove unnecessary files. This optional task, which is disabled by default, will delete or compress files that are on your hard drive but not needed. Fear not, OneCare won't delete the latest version of your next novel, but it will delete files like unnecessary program installation routines, Windows temporary files, temporary Internet files, and the like. The idea here is to save hard drive space, not over-think which files you are and aren't using.

When you run the Tune-up, a Tune-up dialog appears and runs through the list of tasks you've configured (Figure). There's no way to skip parts of the tune-up, so if you just ran a manual virus scan and then launch tune-up, you're going to have to sit through another full scan, sorry. By default, the tune-up runs automatically once every four weeks at 1:00 am on Saturday morning, but I've set mine up to run weekly.

There's one curious omission in Tune-up: OneCare can't trigger a spyware scan as part of the tune-up. Technically, you should be using Windows Defender to monitor your system anyway, and presumably you ran a full scan when you first installed that application. But it would be nice if there were some way for these products to be more closely integrated so that OneCare could trigger Defender spyware scans as well. "We'll get there eventually," Microsoft lead product manager Larry Grothaus told me during a recent briefing, indicating that the company would like to add this functionality to Tune-up.

Backup and restore

In the Backup and Restore section of the main application window, OneCare provides a handy way to backup and restore data files, a feature that, frankly, should be included in Windows itself. (Windows Vista will actually include a much-improved backup and restore application, however.)

Unlike many backup and restore applications, the OneCare version uses a very simple wizard, which makes a lot of sense. You can backup to a CD, DVD, external hard drive, but not a network drive. The first time you attempt a backup, OneCare scans your system and then presents you with a list of the file types you can backup (Figure). Alternatively, you can simply add folder locations and individual files to backup. Once you've completed a full backup, future backups will proceed much more quickly because they only include the files that have changed since the original.

When restoring backups, a similar wizard is employed, and you can choose from a list of backup collections (Figure) and then choose whether to restore all missing files, select files to restore by type, or even search for specific files to restore, which can be very convenient. The wizard also lets you choose how to handle restored files with the same name as files on your PC: You can copy the restored files to a temporary folder or choose not to restore duplicates.

File backup and restore is one of those much-needed tasks that has always been far too painful with the built-in Windows tools. Now, with OneCare, even a beginner should have little trouble backing up important documents.

Problems with OneCare

While Windows Live OneCare is reasonably comprehensive, the one major feature it's lacking is email antispam protection. Microsoft tells me, however, that antispam was low on the list of features its customers were looking for in a managed PC care service, and that most people get this functionality through their ISP or mail provider. This may or may not be the case, but my opinion is that you can never have enough spam-fighting tools at your disposal. ZoneAlarm Security Suite, for example, includes this functionality, and I missed it sorely when I uninstalled it to test OneCare. If you think you might need antispam functionality, you may need to look elsewhere, consider a separate antispam email application plug-in, or move to a mail service that provides excellent spam tools. I've begun using SunBelt Software's IHateSpam 4.0.

Microsoft notes that its free Hotmail email service includes pervasive antispam tools. That's fantastic, but I still believe antispam needs to be included with OneCare too, and certainly the number of spam messages I still receive through my Hotmail account suggests a second layer of protection would be helpful there as well. Perhaps a future revision to OneCare will add this functionality.

Most of my other issues with OneCare are minor and will likely be addressed by future updates. I'd like to see closer integration with Windows Defender and a reduction in the number of alert balloons that it pops up (or at least the option to reduce pop-ups). And if you're running one OneCare task--like Tune-up--and attempt to start another--like Backup--you'll get a dialog alerting you that you need to wait (Figure). I guess I understand why this is necessary.

Cost, support and availability

So how much would you be willing to pay for an automatic and mostly comprehensive PC health and security service? Microsoft is charging $49.95 a year for Windows Live OneCare, but thanks to its new home license, users will be able to install the product on up to three PCs. Because this is a subscription service, you'll need to pony up $49.95 every year, though I should note that this is standard practice for security services. Microsoft says that OneCare goes beyond competing services, however, because this yearly fee also includes product updates. If the company releases a new version of the firewall or whatever, you'll get it automatically. By contrast, you would need to purchase a brand new version of Symantec or McAfee's security suites to get such updates.

For now at least, Microsoft does not have the ability to de-authorize PCs from the OneCare service. For this reason, you could technically install the service on as many PCs as you own, and Microsoft (temporarily) won't try to prevent that. However, this liberal policy will likely be made more compliant with the company's anti-piracy initiatives in the future, so enjoy the free ride while it lasts.

Another feature that separates OneCare from the competition is Microsoft's support policy. In an unprecedented move, the company is supporting all OneCare customers via telephone, online chat, or email. This gives customers a variety of options, so they can choose the method with which they're most comfortable. I think that's a nice gesture, and I'm interested to see which methods customers ultimately utilize the most.

Windows Live OneCare requires Windows XP with Service Pack 2, but it will be upgraded to support Windows Vista as well when that system becomes widely available in early 2007.

Conclusions

I really like Windows Live OneCare and though it lacks a single important feature I feel is absolutely essential for some people, it does go well beyond competing security suites by tackling non-malware-related problems that affect over PC health, including PC performance. If you're using an email service that provides extensive anti-spam and antivirus filtering, OneCare is a no-brainer: It's reasonably inexpensive, can be installed on multiple PCs in your home, and provides virtually every PC health feature anyone would want for a home PC. Because it's configured as a centrally-managed, automatic service, it's always up-to-date and can be updated with new features and functionality as-needed. My understanding is that Symantec and McAfee are racing to ship product suites that compete more closely with OneCare. I'm not surprised. With OneCare, Microsoft has looked past standard anti-malware functionality and come up with a more complete PC health solution. Highly recommended.

About the Author

Paul Thurrott

Paul Thurrott is senior technical analyst for Windows IT Pro. He writes the SuperSite for Windows, a weekly editorial for Windows IT Pro UPDATE, and a daily Windows news and information newsletter called WinInfo Daily UPDATE.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like