Page 1 of 2 12 LastLast
Results 1 to 15 of 18
  1. #1
    5 Star Lounger
    Join Date
    Jan 2011
    Location
    Seattle, WA
    Posts
    1,070
    Thanks
    42
    Thanked 132 Times in 86 Posts

    More free security tools from Microsoft




    LANGALIST PLUS

    More free security tools from Microsoft


    By Fred Langa

    Three useful malware tools from Microsoft run on XP, Vista, and Windows 7 but — inexplicably — don't work on Windows 8! Plus: Questions about running multiple security apps together, solving hangs at shutdown, and curing homepage hijacking in a browser.


    The full text of this column is posted at windowssecrets.com/langalist-plus/more-free-security-tools-from-microsoft/ (paid content, opens in a new window/tab).

    UPDATE: On May 18, one day after this story was published, Microsoft released the Enhanced Mitigation Experience Toolkit v4 Beta. According to the specs published on the app's download page, EMET now supports Windows 8.

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.
    Last edited by Tracey Capen; 2013-04-18 at 19:17.

  2. #2
    New Lounger
    Join Date
    Dec 2009
    Location
    Palm Beach County, FL, USA
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hi Fred,

    Been years since I corresponded with you on the old LangaList. Howdy, and all that.

    Re running multiple security products: I've used MSE combined with Prevx (paid) for several years. Works great, and I haven't had an infection since I started, despite some fairly devil-may-care surfing from time to time. I have the same setup on our desktop, my laptop and my wife's netbook (Win 7 Pro, 7 Home Premium and 7 Starter Edition). All work perfectly, and all are malware free when I do my monthly scans with other products.

    Sitting here with a printout of your upgrade/refresh article while "upgrading" 7 on the desktop. So far so good...

    Regards,
    Bill Webb
    Last edited by digitalzen; 2013-04-18 at 01:39.

  3. #3
    New Lounger
    Join Date
    Jul 2010
    Location
    Liverpool
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hi Fred,
    What are the issues with EMET under windows 8? I have it (v3.0) installed and apparently working okay on two computers. Should I be uninstalling it?

    Kev

  4. #4
    2 Star Lounger
    Join Date
    Mar 2010
    Location
    Midwest USA
    Posts
    120
    Thanks
    2
    Thanked 2 Times in 2 Posts
    In my experience running multiple real-time scanners always becomes a problem when one of them is Norton or AVG or McAfee, etc. Running MSE alongside MalwareBytes seems to work fine, with no major performance hit. One of the biggest problems I see happens when the fools from Comcast install their special flavor of Norton and its associated dumb-ware on top of an existing anti-malware tools. It can bring systems to a halt.

    As to Fred's dissing of SuperAnti Spyware...it's deserved. The tool is excellent but the marketing guys at that company are idiots. SAS is one of the few tools that kills off tracking cookies, its results reports are very good, and it also has easy settings for how much CPU power to use.

  5. #5
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,482
    Thanks
    176
    Thanked 152 Times in 129 Posts

    SUPER Antispyware Tips and Info

    If for some reason Super Antispyware does not completely uninstall with the built-in uninstaller, you can download and run the Super Antispyware Uninstaller Assistant. (FAQ Page)

    I have found that when used only as an installed but non-active second-opinion spyware scanner, Super Antispyware has found spyware which was ignored or not detected by MSE, Malwarebytes and other AV/AS applications. Whether or not you prefer to keep cookies will determine whether or not you appreciate the Tracking Cookies being labeled as malicious and removed. Fred has labeled this kind of behavior as "scareware tactics" in past columns.

    The fact that the SAS Technician's Edition (their actual name for the USB-based stand-alone .COM program -- it is NOT a Win32 .exe program unless the download link was not working when you tried to obtain it) must be installed into a computer to work does deprecate this tool below the usefulness of a CD or USB based true stand-alone application like Microsoft's Windows Defender Offline Tool. But the purpose of getting a scan to run when malware blocks access to the Internet or to specific AV definitions download sites, is equally well served by SAS Technician's Edition as by any truly offline scanner tool. It gets the same job done. In most cases where folks resort to such extreme measures, I would recommend wiping the hard drive and restoring from a backup image using an offline backup and recovery CD. You'd be safer and more sure of a quick return to a clean PC status.

    So Super Antispyware is not perfect. Neither is Malwarebytes, as it routinely sends dire messages about Nir Sofer's utilities and tries to mark them as "Hack Tools" or some such, raising the need to make 50 Exceptions with every MBAM run. MSE has the same nasty habit.

    Overall, no I wouldn't recommend SAS as the only second-opinion scanner to be used. And I wouldn't recommend it for use if the hard drive won't boot or if there's a severe infection which is messing around with Internet access. Then again, in such extreme cases I wouldn't advise continuing to use that installation of Windows at all. It's safer and faster to wipe the drive and restore from a disk image or system image and data backup.
    Last edited by bobprimak; 2013-04-18 at 16:49.
    -- Bob Primak --

  6. #6
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,482
    Thanks
    176
    Thanked 152 Times in 129 Posts
    Quote Originally Posted by kev160967 View Post
    Hi Fred,
    What are the issues with EMET under windows 8? I have it (v3.0) installed and apparently working okay on two computers. Should I be uninstalling it?

    Kev
    Here is the story of EMET and its issues on Windows 8. It will install and does work -- sort of. Sort of is not good enough for me.
    -- Bob Primak --

  7. #7
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,748
    Thanks
    171
    Thanked 649 Times in 572 Posts
    Quote Originally Posted by bobprimak View Post
    Here is the story of EMET and its issues on Windows 8. It will install and does work -- sort of. Sort of is not good enough for me.
    EMET 4.0 due for full release within a month sounds promising though (includes Windows 8 compatibility fixes).

    Bruce

  8. The Following User Says Thank You to BruceR For This Useful Post:

    bobprimak (2013-04-20)

  9. #8
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Midwest, USA
    Posts
    108
    Thanks
    5
    Thanked 5 Times in 4 Posts
    I had the opportunity last year to clean two machines (my brother-in-law''s and a friend"s machine). Both were badly infected by a malware program. On the first machine I ran Spybot, then Malware Bytes to no avail. I ran both on startup before windows starts and it still was there. Finally I ran SuperAntiSpyware and it cleaned the machine. On the second machine I went straight to SuperAntiSpyware and it cleaned the machine on the first pass. I was hooked and bought the Pro version and installed it alongside MSE on all three of my own machines. I still run it on my machines. I now have a Windows 8 machine, spybot does not work on it. Malwarebytes does. I am waiting to see if SuperAntiSpyware comes out with a Windows 8 version. When they do I will install it as soon as I can. They earned my support by doing an excellent job. I always keep a recent disk image of my machines to make a cleanup easier, but have never had to use the image on any of them.

  10. #9
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,482
    Thanks
    176
    Thanked 152 Times in 129 Posts
    Quote Originally Posted by BruceR View Post
    EMET 4.0 due for full release within a month sounds promising though (includes Windows 8 compatibility fixes).

    Bruce
    Thanks for the update, but we've been warned that this EMET discussion seems to be getting to be too much for the Lounge Moderators. I guess this means we have to drop the discussion now. The update does look promising.
    -- Bob Primak --

  11. #10
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,482
    Thanks
    176
    Thanked 152 Times in 129 Posts
    Quote Originally Posted by caveman144 View Post
    I had the opportunity last year to clean two machines (my brother-in-law''s and a friend"s machine). Both were badly infected by a malware program. On the first machine I ran Spybot, then Malware Bytes to no avail. I ran both on startup before windows starts and it still was there. Finally I ran SuperAntiSpyware and it cleaned the machine. On the second machine I went straight to SuperAntiSpyware and it cleaned the machine on the first pass. I was hooked and bought the Pro version and installed it alongside MSE on all three of my own machines. I still run it on my machines. I now have a Windows 8 machine, spybot does not work on it. Malwarebytes does. I am waiting to see if SuperAntiSpyware comes out with a Windows 8 version. When they do I will install it as soon as I can. They earned my support by doing an excellent job. I always keep a recent disk image of my machines to make a cleanup easier, but have never had to use the image on any of them.
    As of October 2012, Super Antispyware's Forums state:

    "The new version is compatible with Win 8." This has been my experience with Windows 8 Pro.

    As an adjunct to MSE, I'd count SAS as about as good as Malwarebytes. The choice is yours.
    Last edited by bobprimak; 2013-04-21 at 06:32.
    -- Bob Primak --

  12. #11
    3 Star Lounger
    Join Date
    Dec 2009
    Location
    Bozeman, MT
    Posts
    328
    Thanks
    2
    Thanked 3 Times in 3 Posts
    Installed EMET beta on Win 8x64 machine. Tried switching from good site in Opera to IE10 (InIE on my toolbar). EMET threw up endless error boxes and wouldn't let IE open. So much for that (for now at least).

    Agree with Bob about SAS Pro, both its operation and compatibility with Win 8. Been many months since I had MB on my machine, but for years SAS Pro has done better for me (in Win 7 too). Drives me crazy when someone on a forum insists on an MB run, that it's the only valid one. But then with Win 8 I haven't had need for that.

  13. #12
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,491
    Thanks
    284
    Thanked 577 Times in 480 Posts
    Quote Originally Posted by highstream View Post
    Been many months since I had MB on my machine, but for years SAS Pro has done better for me (in Win 7 too). Drives me crazy when someone on a forum insists on an MB run, that it's the only valid one.
    It's been my experience with various free versions of SAS that it's more prone to false positives than MBam's quick scan is therefore MBam is quicker and safer for the uninitiated to setup correctly and run (no cookies scanned for etc.), then select all to remove than SAS.

    It's about "first, do no harm", similar to Combofix, which is updated so frequently that 'bad' versions do sometimes slip through the net, which really shouldn't be used by less experienced users except under careful guidance.

  14. #13
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,482
    Thanks
    176
    Thanked 152 Times in 129 Posts
    With SAS Free, false positives range from user preferences not to delete tracking cookies to programs such as the Nir Sofer Utilities which are harmless but whose behaviors are similar to malicious hack tools. User perception will influence with SAS, MBAM and MSE whether or not false positives are really that much of a problem.

    I always try to make my own decisions about any malware warning or flag. I have learned to recognize typical false positives. In my experience, all good anti-malware programs err on the side of caution, and flag too much rather than allow anything truly harmful to slip through. These cautions apply especially to deep or full file scans.

    False positives -- this is what Ignore Lists are for.
    -- Bob Primak --

  15. #14
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,491
    Thanks
    284
    Thanked 577 Times in 480 Posts
    Quote Originally Posted by bobprimak View Post
    False positives -- this is what Ignore Lists are for.
    That's fine for the likes of us who can recognise them as such.

    How would you rate a file that scored "Detection ratio: 22 / 46" in VirusTotal?



    VTtest.jpg

  16. #15
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,491
    Thanks
    284
    Thanked 577 Times in 480 Posts
    I just noticed a recent comparison of MBAM and SAS: http://www.techsupportalert.com/best...re-remover.htm
    Discussion

    Top of the list is Malwarebytes Anti-Malware Free (MBAM). MBAM is a top notch and reputable product. A fairly lightweight download (just over 10 MB) and simple installation means this is not a burdensome product. In my testing, even when the PC was severely infected with many nasties running, it started without any problem and scanned and removed those nasties effectively. The interface is very simple, the scans are very fast and detection is first class. A reboot to complete cleaning was still required for some malware, though this is a minor inconvenience, and required by most programs of this type. The only downside is it has no portable version, and if there is no working network connection in the infected PC you won't be able to download the latest virus definition updates.

    Second is SUPERAntiSpyware (SAS). Once upon a time this was a good product but recent releases have not been up to the mark. The interface is simple, updates are speedy but it still installs a start-up item which doesn't actually do anything at all. The scan speed is twice to thrice that of MBAM and the detection is less than half of it. The removal also left a lot to be desired. It left a few nasties running even when it showed them as removed. SAS also requires a reboot to complete the removal process. The upside is, it has a portable version which will help with the removal of infections from computers without a working network connection. I hope version 5 brings improvements.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •