Readers weigh in on MS Security Essentials

Fred langa By Fred Langa

A flood of reader mail (and comments in the Lounge) followed my report of a six-month, real-life test of Microsoft Security Essentials (MSE).

Many reader remarks questioned the uncontrolled nature of the test as well as MSE’s suitability for novices.

Two follow-up questions about MSE’s performance

These two letters are representative of many others I received. First, one from reader Sam North:
  • “I was very interested in Fred Langa’s review of Microsoft Security Essentials. However, it would be very helpful to know how many attacks were thwarted by MSE.

    Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    PC Drive Maintenance (Excerpt)

    Subscribe and get our monthly bonuses - free!

    Your hard drives store photos, books, music and film libraries, letters, financial documents and so on. This ebook is aimed at helping you understand your hard drives, expand their capacities and length of life, and recover what you can from them when they fail. We're offering you a FREE Excerpt! Get this excerpt and other 4 bonuses if you subscribe FREE now!



    “Does MSE track and report on attacks? Other security tools provide periodic reports on viruses, Trojans, etc., as well as real-time alerts to attempted system attacks.”
The second is from Ash Nallawalla:

  • “I also review Antivirus products from time to time. I should be installing them on my non-techie relatives’ computers because they come to me when they catch a virus. As a computer-literate person, I know when not to open an attachment or go to a phishing site, even out of curiosity.

    “A lot of home users go for free offerings, which is OK for cautious users, but I wonder how a reckless user might fare [with MSE].”
Good questions and observations, Sam and Ash (and everyone else who wrote in).

MSE provides basic reports on malware it’s found, as shown in Figure 1.

MSE's report
Figure 1. Microsoft Security Essentials’ no-frills reports provide adequate information on virus attacks.

As you can see, MSE does keep a record of malware it’s discovered. In the example, three malware programs made it through one test PC’s front-line defenses over a period of five months; all were caught upon receipt, before any damage could be done.

MSE doesn’t provide a further quantitative breakdown of the number of attacks and such. But I didn’t miss that level of reporting, and here’s why:

Fear helps sell security products, so to justify their continued use, many fee-based anti-malware tools tend to overreport and exaggerate security problems. Quantitative count the attacks or count the threats reports may be reassuring to PC users, but they’re often wildly inaccurate. Often, threats blocked and similar stats are little more than marketing propaganda.

For example, it’s not uncommon for anti-malware tools to count and report every trivial browser cookie as a threat. (Some tools even call all cookies tracking cookies to make them sound more ominous.) In reality, almost all cookies are harmless, posing no threat whatsoever.

There’s also no agreed-upon standard for identifying what truly constitutes a threat or attack, so there’s no valid way to compare one security tool’s numbers with another’s.

If you are skeptical about my test results, feed the search term “security essentials” test review (keep the quote marks) into your favorite search engine. You’ll see that MSE generally gets good marks in formal testing. For example, in a test done when MSE was brand-new, ZDnet reported that “MS Security Essentials test shows a 98% detection rate for 545K malware samples.” You can find other tests with the above search terms.

With that kind of quantitative data available from lab tests, I saw no value in trying to gin up threat counts or attacks-thwarted counts for my real-life tests.

Instead, I took a different tack. In running MSE for more than six months, my nine machines racked up over 4.5 years of cumulative, real-life use under a wide variety of conditions, including portable-PC use in numerous public hotspots during some 20,000 miles (32,000 km) of travel.

After all that, the machines still tested clean. They’re still clean today.

I consider that a pretty fair indication of MSE’s overall competence.

Now to Ash’s comments. It’s true that — like most Windows Secrets readers — I know enough not to click blindly on every attachment that’s sent my way; I don’t download pirated wares and so on. For WS readers — the folks I wrote my story for — MSE is a viable choice for online security.

With that said, any security tool can be circumvented by human error, misuse, or other forms of security lapses. No AV app is 100% foolproof, and I make no claim that MSE can protect all users in all cases.

So, no: MSE won’t work for everyone — no software does. And if it doesn’t work for you for whatever reason, then by all means use a different product.

But for me — and I’ll bet for the majority of Windows Secrets readers — MSE is a set-and-forget product that makes a good foundation for your PC security system. And it’s free.

That’s a combination that’s hard to beat!

Get an old digital camera working with Win7

A note from Steffan jumps right to the point:
  • “Can anyone tell me how to get Win7 to see my Sony digital cam?”
If you’re sure the camera and PC are separately OK — if they both work with everything else but not each other — it’s probably a driver issue.

Some hardware manufacturers don’t offer updated drivers for even slightly older devices. I believe they do this as a way to, shall we say, encourage you to upgrade to a newer version of the hardware. (I’ve been burned by Sony on this very point myself.)

Check the Sony tech support site and make sure you have the latest Win7-compatible drivers and software for your camera — if Sony offers them.

If you can’t find Win7 drivers or camera software, you may be able to get things working via Windows 7′s basic compatibility options. For more info, see Sevenforums.com’s nicely illustrated article, “How to run a program in compatibility mode in Windows 7.” Or, for the official Microsoft explanation, see this Win7 “Help & How-To” article, “Make older programs run in this version of Windows.”

If that doesn’t work, you can also try a full-blown virtual machine using Win7′s XP Mode (info/free download); or you can use an old XP setup disk and free software such as Oracle/Sun’s VirtualBox (site).

Once you have XP running inside a virtual machine, try installing the camera drivers and software there. The virtual machine’s hardware-emulation layers just might be able to bridge the gap between your older hardware and your new operating system.

SFC and ‘Repair install’ may fix config errors

Bob Ellis encountered an unusual configuration problem:
  • “I have been dealing with cleanup and defrag tasks, deleting some unused files. In that process, after many moves, my Windows XP Pro presented a message paraphrased:

    “‘You have two corrupted files: SQLWriter.exe and SQLdumper.rll. Run setup to restore these files.’

    “How one runs setup to restore damaged files is over my head. Can you help with some guidance/instructions?”
That’s not a lot to go on, Bob, but I bet I can help!

The error message is connected to Windows SQL Server. SQL (or Structured Query Language) is the most common programming language used in databases.

Windows uses some basic SQL-related components for internal databases and record-keeping. Various add-on components and programs also may require SQL services.

If you have a standalone copy of Windows SQL Server installed (check the Programs list in your Start menu), your best bet would be to rerun the original SQL Server installation CD. (I’m guessing this won’t be the case, though.)

Likewise, check your Programs list to see whether anything there jogs your memory as being database-related. If so, try reinstalling that software.

Make sure you’re up-to-date with Windows Update, in case the error is related to a patch, update, or Microsoft add-on.

Depending on your original setup, Windows’ built-in System File Checker (SFC) might correct the error.

If you’re using Windows XP, check out Microsoft’s SFC page for how to use it; MS Support article 310747 offers a more detailed “Description of Windows XP and Windows Server 2003 System File Checker.”

Vista/Win7 users can read about SFC in MS Support article 929833.

If SFC can’t fix things for you, try a Repair install of XP, which refreshes the operating system without altering your other software. See the MS Help and Support article, “Perform a Repair Installation.”

In Vista/Win7, it’s called In-place Upgrade; bleepingcomputer.com offers a nice tutorial.

Of course, as with any serious system maintenance or repair, make a backup first.

With luck, after a few minutes with one of the simpler fixes, you’ll be good as new!

Sources for free versions of older software

John O’Regan reminds us of a nifty site:
  • “I came across the Last Freeware Version site recently. It lists the last-available freeware/shareware versions of 206 popular software titles that later went commercial. Most of them are utilities. New entries are added regularly. You’ve probably already heard of it, but I thought it was worth a mention.”
Thanks, John. It’s a nice site and has several competitors that also stock freeware/abandonware, including OldVersion.com, OldApps.com, VersionDownload.com, and Old-Versions.net.

If you want or need an older version of some software, it’s entirely possible that it’s out there waiting for you — free!

Have more info on this subject? Post your tip in the WS Columns forum.

Reader John O’Regan will receive a gift certificate for a book, CD, or DVD of his choice for sending the tip we printed above. Send us your tips via the Windows Secrets contact page.

Fred Langa is a senior editor of the Windows Secrets Newsletter. He was formerly editor of Byte Magazine (1987–91), editorial director of CMP Media (1991–97), and editor of the LangaList e-mail newsletter from its origin in 1997 until its merger with Windows Secrets in November 2006.
= Paid content

All Windows Secrets articles posted on 2010-10-07:

Fred Langa

About Fred Langa

Fred Langa is senior editor. His LangaList Newsletter merged with Windows Secrets on Nov. 16, 2006. Prior to that, Fred was editor of Byte Magazine (1987 to 1991) and editorial director of CMP Media (1991 to 1996), overseeing Windows Magazine and others.