[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 667
  • Last Modified:

Advice Re: MSE, Combofix others

I just loaded MSE.  There seems to be widespread agreement that this is a good overall program.  Just wanted your thoughts. Also, there are some setting I wanted advice on (see screenshot).

My biggest concern is that these programs use up lots of the CPU.   I'm going from 2 gigs to 4gigs so that memory is never an issue.  Will I experience any improvement?  

What are the dangers of combofix.  One guy recommended it but others say NO.  
mse.bmp
0
ralphwalkerdj
Asked:
ralphwalkerdj
  • 7
  • 3
  • 2
  • +1
2 Solutions
 
younghvCommented:
ComboFix is one of the most powerful "Repair" applications available.
It is never loaded unless needed - then it is uninstalled when done.

Go with Malwarebytes-Pro for on-access, 24/7 protection.
http://www.malwarebytes.org/ (About US$25 each)
0
 
younghvCommented:
Just as an FYI...please take a read through to published instructions for the use of CF.

Unfortunately a lot of people like to give their 'opinions' on its use, so you should go to the source and read it for yourself:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

0
 
younghvCommented:
My final comment (for now).
I've been replacing AVG and AVAST (with MSE+MBAM) on all of my customer's computers for about a year.

Some of these computers are quite old and were definitely lagging. MSE appears to have a much smaller drain on the processor and RAM - and - with 4 GB RAM you shouldn't see anything but a lot of speed improvement.
0
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

 
rossfingalCommented:
Hi!
Just to add to the good advice posted.
The feedback concerning MSE appears to be favorable.
Here's some more info from the source (or, very close to it) of "Combo Fix" - regarding it's usage.

http://www.bleepingcomputer.com/forums/topic273628.html

An interesting read.
0
 
ralphwalkerdjAuthor Commented:
Thank you, younghv.  I don't have anything regarding viruses.  But sometimes things can slip under the radar.  I guess I think of things like Combofix and analagous to using amonia once in a while to kill of any possible bacteria in your clothing.

I'm not too wild about paying on a per computer basis for MBAM, as I sometimes change drives.   Is the free version sufficient to be used along with AVG.    I guess i'm wondering if I can have things like CCleaner, SuperantiSpyware, etc as part of my arsenal, just to use once a month or so.
0
 
younghvCommented:
OK - good questions.

1 - I have had several problems with MBAM playing nice with AVG. For me that is OK, since AVG (pro) has gotten so convoluted I no longer use or recommend it.

2 - The $20/license is for your lifetime. You can install it on every REPLACEMENT computer or HDD you ever buy. (Incredibly cheap when you look at it that way.)

3 - The free version has all the same protection, but updates and scans must be performed manually. To me, just not worth it. Your choice on which way to go.

4 - I also load CCleaner on every computer I touch and wish they had a paid version that would let me schedule updates and runs.

5 - Install MBAM and forget about all other spyware type protection. SAS, SpyBot, etc. They have all (IMO) been far superceded by MBAM. I used to use them all the time, but the folks at MBAM have put together a team of developers that is unbeatable.

6 - Really important - the ONLY free AV I would ever install is MSE. You MUST have on-access - full time scanning going on 24/7 or you and your users will get infected.

7 - Thanks for listening to me rant.
0
 
npg-computersCommented:
All the above comments are right on target.

IMHO Mbam is great and a necessary part of any spyware removal toolkit.  But I usually install spywareterminator (free) plus MSE or Avast on each customer PC before it goes out the door.  If the customer doesn't want to pay for mbam, then spywareterminator is the next best thing for realtime scanning and auto updates.

Combofix = Wonderful.  You may have to uninstall whatever AV you have before running it, but the extra time is well worth it.
0
 
younghvCommented:
As noted above - ComboFix is never loaded as a casual tool.
It is only installed when other applications have not done the repairs needed and it is always uninstalled as soon as you are finished.

In some situations, CF can cause your OS to malfunction.

When your OS is damaged/infected, it is worth the risk because - at worst - you will re-load an OS that isn't working.

It is such a popular and effective tool that many times you will see it recommended as something good to have on your system.

It is not and never should be used that way.
0
 
ralphwalkerdjAuthor Commented:
Younghv and Npg-

Thank you for ranting!  Incredible answers.  There's nothing that seems seriously wrong, so I'll get rid of Combofix.

Does MBAM work for Server 2003? I have a desktop, a laptop, and my music production computer.   Just to make 100% sure, if I buy the licence for $24.95 and I get ANOTHER laptop, would I be able to load it on that?

My other question is IMPORTANT:  I have MSE now running scans and updates at 3AM on Sundays.  

a) Do I need to make sure that MBAM and MSE are scanning and updating at different times?
b) Just to make 100% sure, are these basically the only Virus and Anti-Spyware tools I need?   What do I use to put between my modem and router?
0
 
younghvCommented:
Another great question - and one I had to go to the MBAM forums to find the answer for a couple of days ago.

(1) MBAM is NOT a "supported function" for Servers...but all of the developers use it on their servers.

If you have a "Corporate License" with MBAM (I think about $100/year), they will support you if you have problems.

So the answer is (typical geek) No and yes.
No it isn't supported, but yes it works fine on Server OS.

(2) The license could be used on your new laptop legally if it were replacing another computer. I'm not sure if/how MBAM tracks license installations and use.

(a) I run MSE and MBAM scans concurrently and always have. No conflicts at any time.
(b) That is all I am running (8 computers between wife, son, daughter-in-law, grandchildren, and me). That is all I load on my customer's computers.
(c) Cheap firewall (Linksys/Netgear) that I buy used off Ebay for about $25-35.

I actually wrote an EE Article about this if you would care to read the details (and vote).

http://www.experts-exchange.com/A_1958.html

0
 
npg-computersCommented:
@Ralphwalkerdj

The only reason to have them scan at different times would be for lower CPU utilization.

Yes, they are the only REALTIME tools you need.  With all the malware infected PC's we deal with everyday, I would recommend more than one AV and Anti-spyware tool.  Things such as SuperAntiSpyware, Spywareterminator(manual mode), DrWebs CureIT, etc are all good extras that can be ran manually whenever you feel something just isn't right.  We never rely on just one AV or AS.

As far as what to put between your modem and router, I'm sure you meant a type of firewall, but here's something else - after being in the wireless ISP business for 5 years and seeing LOTS of fried routers and PC's due to lightning, you may consider putting a CAT5 surge protector in-between the modem and router.  Just google CAT5 Surge Protector and you'll find a thousand of them.  Typical cost is $20 to $30.  Well worth it if it stops the surge before it hits your PC.
0
 
npg-computersCommented:
Yes, consider it closed please.
0
 
younghvCommented:
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

  • 7
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now