# MS Support Emergency Response tool



## Stoner (Oct 26, 2002)

It's being touted as a new av,trojan, malware on demand scanner from MS.
Has anyone tried it and if you did, was it useful?

http://www.microsoft.com/security/scanner/en-us/default.aspx


----------



## Phantom010 (Mar 9, 2009)

Haven't tried it but I would guess it's something similar or identical to the useless *Microsoft Malicious Software Removal Tool* (MRT) already present on all computers?


----------



## Stoner (Oct 26, 2002)

I tried it last night.
I ran it from it's folder in Safe Mode.

None of my installed security apps were reporting malware....I just wanted to test out this new MS tool to see if anything was missed.

Nothing was found.....but 'how efficient is the tool' is the question.
I haven't found any reviews of significance, yet....


----------



## aka Brett (Nov 25, 2008)

I am skeptical
From the link



> Note: The Microsoft Safety Scanner expires 10 days after being downloaded. To rerun a scan with the latest anti-malware definitions, download and run the Microsoft Safety Scanner again.


Does this mean once installed it cant update for 10 days?...or definitions are released every 10 days and require a new version?


----------



## Elvandil (Aug 1, 2003)

It is probably similar to the MRT in that it targets specific, common infections and is not a general-use scanner.


----------



## slogger (Jun 2, 2011)

I have Defender Pro (that has not been working properly for months, and I think June 1st my subscription was up) so I ran this, and below is what was reported after a 3.5 hour scan.
trojan:win32/alureon.ec Partially removed

adware:win32/open candy  Exploit:Java/CVE 2008-5353.QV

Exploit:Java/CVE 2008-5353.SN Exploit:Java/CVE 2009-3867.EZ

Exploit:Java/CVE 2009-3867.HC Exploit:Java/CVE 2009-3867.IJ

Trojan:Java/Bytverify Trojan:Java/Mugadamel.A

Trojandownloader:Java/Openconnection.em Trojandownloader:Java/Psyme.D

I don't know how long they have been on my puter, but I am not sure why Defender Pro stopped working.


----------



## lunarlander (Sep 22, 2007)

I haven't heard of Defender Pro antivirus. I would only trust those av tested by av-comparatives and virus bulletin.


----------



## Snagglegaster (Sep 12, 2006)

Elvandil said:


> It is probably similar to the MRT in that it targets specific, common infections and is not a general-use scanner.


Actually it is a general purpose tool. I haven't used it, but a network administrator I trust uses it frequently.

Edit: When someone who runs the IT services for an organization with 2000+ users recommends software, I'm inclined to listen.


----------



## Snagglegaster (Sep 12, 2006)

lunarlander said:


> I haven't heard of Defender Pro antivirus. I would only trust those av tested by av-comparatives and virus bulletin.


Defender Pro is essentially crapware. It is a repackaged, outdated version of of Kaspersky AV combined with some useless spam blockers, etc. It's junk you buy at WalMart.


----------



## 1956brother (Jun 4, 2010)

what do you think of nortons. is it worth the cost. is there good and reliable anti virus software out there when i first came on site a member recommended a microsoft product


----------



## Phantom010 (Mar 9, 2009)

1956brother said:


> what do you think of nortons. is it worth the cost. is there good and reliable anti virus software out there


Do you really want to know? 

I would consider much better alternatives.

Paid:

- ESET NOD32

- Kaspersky

- BitDefender

Free:

- Microsoft Security Essentials

- Avira Antivir


----------



## 1956brother (Jun 4, 2010)

Phantom010 said:


> Do you really want to know?
> 
> I would consider much better alternatives.
> 
> ...


thanx:up:...you look familiar. do i know you from somewhere else?


----------



## Phantom010 (Mar 9, 2009)

You may have seen me on the forum. I've been here a couple of years.


----------



## Snagglegaster (Sep 12, 2006)

1956brother said:


> what do you think of nortons. is it worth the cost. is there good and reliable anti virus software out there when i first came on site a member recommended a microsoft product


Norton AV is still very good if you stick with their basic AV software and don't let them upsell you to NIS and Norton 360. All the same, I don't use it, and I don't sell it anymore. I run NOD32, and, in the interests of full disclosure, I sell it. However, if I wasn't confident about the product I wouldn't use it or sell it.


----------



## lunarlander (Sep 22, 2007)

A Trial version of Norton is commonly bundled with new computers now. Such that malware now knows how to bypass/disable it. The likes of PC Magazine and PC World may still recommend it, but I wouldn't. 

I think Aka Brett has done studies with new malware and find that ESET NOD is resilient. He also mentioned another one, but I forgot what it is.


----------



## Snagglegaster (Sep 12, 2006)

lunarlander said:


> A Trial version of Norton is commonly bundled with new computers now. Such that malware now knows how to bypass/disable it. The likes of PC Magazine and PC World may still recommend it, but I wouldn't.
> 
> I think Aka Brett has done studies with new malware and find that ESET NOD is resilient. He also mentioned another one, but I forgot what it is.


Okay. Av-Comparatives picked F-Secure as their Product of the Year for 2010, with Symantec (AKA Norton) as the runner up. So, it isn't just me, PCMag, etc. that still think it's effective software. Any AV product can be subverted by an infection, and NOD32 isn't exempt. Let me refer to my most recent post in the thread where I said, re: Norton; don't use, don't sell.

So, no matter how many things I dislike about Norton (service, support, marketing, etc.) I still have to say the product performs very well in most respects.


----------



## lunarlander (Sep 22, 2007)

According to Aka Brett's research with malware-de-jour, he said that ESET is one of those that survived attacks.


----------



## aka Brett (Nov 25, 2008)

Saw the mention
I had read through so many articles and reviews of AV products I was going in circles...There was nothing consistent about the reviews........I wasnt satisfied as I still didnt know which products did the best.
So I said to myself I have many,many hours of research involved and dont have anything conclusive,so there is only one way to find out.

I set up a virtual machine using XP for the testing..I then kept throwing zero day malicious files at the install.
Eset,Kaspersky,and Bitdefender stood rather tall among the many AV products 
Eset and Kaspersky did good jobs of protecting of the AV product itself
Bitdefender had great protection and had slightly better detection than Eset and Kaspersky but was the easiest to cripple of the trio.
The other 2 would still be able to receive "updates" and take care of the infections a few hours later.
While I am sure they could also be crippled given the right malicious file ..the software was designed to protect itself which IMO is very important...as the machine can be saved generally a few hours later when virus "updates" are received..
There wasnt much the 3 didnt catch...and in the event they did get infected were able to fix them selves within hours
However...........................
One file took over 3 days before Malwarebytes picked it up...Superantispyware actually picked it up first a day earlier
Bitdefender was crippled
Kaspersky and Eset were able to clean themselves when the updates hit later{3 days later as well}..
This was a very nasty file,,,and was showing clean when submitted to over 40 vendors for over 2 days...with Superantispyware being the first to list it.......A great product...IMO it was over rated in the past but it has come along ways and is a great tool with a deserving reputation.
No product will 100 percent protect you...but if you are going to spend money on it{as we are wanting to protect our OS}..then one should do it to the best of the ability and roll with Eset or Kaspersky.
Detection rates change daily for the products..as one engine may do a better job with the latest type of malicious files than the other..the next day when different type files are out..the other engine may be better.
But...for all around doing consistently good/ Eset and Kaspersky do just that
A machine is more responsive with Eset than with Kaspersky
Kaspersky is a better value if you are protecting multiple PCs...which most of us have.
I cant pick a clear winner...but at least I have narrowed my choices dramatically
I had done 2 rounds of testing a few weeks apart,and still favored the two


----------



## 1956brother (Jun 4, 2010)

thanx for your help

i asked these questions because i have had nortons for the past year. i was up for renewal. 

i tried to talk to nortons about the renewal. i was given a chat box which was not more than a commercial for their products. they did not care to answer my questions....i removed their product.

so right now i have only the microsoft security essential (free on line version). i have had this for some time along with the nortons. 

i have read you should not use two security software at one time is this true?...why

i will say without the nortons my computer seams much faster.

am i OK the the microsoft product or should i look to purchase a av software?

thanx again for your help:up::up:


----------



## Snagglegaster (Sep 12, 2006)

At the risk of redundantly repeating myself one more time, I use NOD32. Don't see how my recommendation can be any clearer.


----------



## 1956brother (Jun 4, 2010)

Snagglegaster said:


> At the risk of redundantly repeating myself one more time, I use NOD32. Don't see how my recommendation can be any clearer.


i thank you for your time.

i am new to this site. i have seen a couple of familiar faces. i would like to hear from them as well.

i would appreciate your patience


----------



## aka Brett (Nov 25, 2008)

I am a familiar face 
Eset{nod32} is among the top 2 choices

http://www.eset.com/us/

I actually tested smart security and not the stand alone AV{nod32}
The machine ran rather well for having a security suite installed.

Go for the trial..take it for a spin


----------



## Snagglegaster (Sep 12, 2006)

I agree that aka Brett is a familiar face. And, in fact, I mostly respect his opinions. So, can we have a group hug here, or do we need a third party?


----------



## aka Brett (Nov 25, 2008)

Its real easy to check AV products against the latest threats
Install virtual box {its free}
Put on a copy of which windows OS you want to test.{I use xp as it doesnt take as much resources}
You have 30 days before having to activate windows..more than enough time to check out the products.
Go hit the links on these sites
{DO NOT GO TO THESE SITES AND START HITTING LINKS UNLESS YOU ARE USING A VIRTUAL MACHINE},,,you can hose your machine real fast

http://support.clean-mx.de/clean-mx/viruses?response=alive

http://www.malwaredomainlist.com/mdl.php

I would like to point out that one should stick to the ones that are less than a few hours old.
This is how you separate the boys from the men with the AV products...heck anything will catch something thats been out a week.
What they do is modify the files somewhat then reintroduce them again to stay ahead of the AV products.
A good AV product doesn't catch a file by its signature but rather the files "behavior"

Be sure to test the products again in a few days with the latest files as one AV product may perform better today then another AV product tomorrow and vice versa

To confirm a clean system run malwarebytes after you test the AV product against the latest malicious files...and then 2 or 3 days later so you can get the latest updates

Superantispyware and hitmanpro are also very good to see if anything slipped past the AV solution you are testing.

I recommend testing Avira,Avast and AVG first to get them over with...all will fail within a few links.
With Eset, Kaspersky,and Bitdefender you may be there awhile

Just because one product does better than another doesnt mean it will be the best tomorrow...but the three products listed above did consistently well overall

Also part of the reason I had to try the products was because the posts of another member.
He was saying the free AV products were junk..I then started researching the products online and couldn't get any consistency with reviews.
So I tested them myself.......The member here was right...There is alot of difference in the AV products and online reviews mean very little.
But dont take my word for it...test them yourself to eliminate any doubts.

When you are done your list will be
Eset
Kaspersky
Bitdefender


----------



## aka Brett (Nov 25, 2008)

Also...and slightly off topic but somewhat related
Sandboxie

http://www.sandboxie.com/

Ideal for surfing the internet...an infection is cleaned when you empty the sandbox...its that easy.
You still want to keep a good AV solution though...since an infected sandbox is still infected until it is emptied.
We want to scan downloads we want to keep etc


----------

