Solved

why, or why do I not, need Ad-Aware + MSE?

Posted on 2011-03-03
18
805 Views
Last Modified: 2013-11-22
I've got Ad-Aware and do a scan occassionally. All it finds and removes are tracking cookies. Are these the same ones that can be deleted in:
start > control panel > internet options ?
(causing me to have to re-enter passwords and user names to various sites?

Does MSE do the same things that this new version of Adaware does?
Giving you the power to use the Internet when, where and how you want
Real-time protection against virus, spyware, trojans,
rootkits, hijackers, keyloggers, and more!

I have Windows Vista.

revised:
well, I just did an Adaware scan for the first time in many months. It only found 8 objectionable items when it normally finds over 20-25. Does this mean that my MSE is removing these tracking cookies?

0
Comment
Question by:nickg5
  • 5
  • 5
  • 5
  • +3
18 Comments
 
LVL 35

Accepted Solution

by:
torimar earned 170 total points
ID: 35032857
1.) Personally, I stopped thinking about Ad-Aware or any other software of that kind when I became acquainted with the free edition of Superantispyware: http://www.superantispyware.com/
I use it for scanning once every 2-3 weeks. By definition, spyware/adware is no malware: it "spies" on you, but does not harm your PC or operating system. So you don't need resident protection.

2.) Presently, the MS Malware Protection Engine which also powers MSE is exploitable: http://www.microsoft.com/technet/security/advisory/2491888.mspx
To my knowledge, no security hotfix has been published so far.

Ergo, of the equation "Ad-Aware + MSE" I'd say you don't really need the first part, and you should be careful with the second one.
0
 
LVL 25

Author Comment

by:nickg5
ID: 35032884
I was using AVG and multiple people recommended MSE, so I switched.
I've used that for maybe 2 weeks, and see no problems.
A full scan does take a long time, though.
0
 
LVL 38

Expert Comment

by:younghv
ID: 35032954
Whoa!
I don't read that advisory anywhere near an 'exploit'.
The DAT file updates are all you need - and it only applied if someone had already created an account they can access.

Read through the details again and please point out to me what I am missing.
0
 
LVL 5

Assisted Solution

by:sweeps
sweeps earned 80 total points
ID: 35032972
The best program for AV that I have used for the last 6 months is Avast antivirus free edition.  It runs active and will block items from websites as you go to the sites and pops a warning telling you what it blocks.  It is a nice piece of software.  Most of our IT department uses it and are very happy with it.  It does block malware and spyware.

http://www.avast.com/free-antivirus-download

as torimar said superantispyware is a nice anti spyware/malware software also.  
0
 
LVL 82

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 60 total points
ID: 35033101
I agree with @sweeps, Avast is the best for me.  I have MSE on one computer and AVG Free on another and they work alright.  Also, Avast will work with SpyBot which I've been using longer than I can remember.
0
 
LVL 35

Expert Comment

by:torimar
ID: 35033219
>> "I don't read that advisory anywhere near an 'exploit'."

Quote: "An attacker who successfully exploited the vulnerability could gain the same user rights as the LocalSystem account. The vulnerability could not be exploited by anonymous users."

This talks about exploitation twice. On top of that, the vulnerability received the highest Exploitability Index Assessment.


>> "... and it only applied if someone had already created an account they can access"

Not necessarily created; rather hacked or social engineered. Yes, that is the whole point about elevation/escalation of privileges: http://en.wikipedia.org/wiki/Privilege_escalation#Background
You start off with a hacked normal user account, which is often more exposed and less secured, and then expand your privileges to SYSTEM or administrator by means of exploiting known vulnerabilities.
0
 
LVL 38

Expert Comment

by:younghv
ID: 35033268
Try reading the part that includes the date of the alert (23rd Feb) and that it would be fixed within 48 hours.
0
 
LVL 35

Expert Comment

by:torimar
ID: 35033318
Yes, I forgot to admit that you were right about this:
The vulnerability was indeed removed in Version 1.1.6603.0 of the MPE and will have been addressed about a week ago for those who apply regular updates.

It was, however, still an unaddressed issue when the asker of this question switched to MSE because multiple people recommended it to him.
0
 
LVL 23

Assisted Solution

by:phototropic
phototropic earned 85 total points
ID: 35034490
AdAware was first developed in 1999, and for a long time it was part of a triumvirate (along with Spybot and ZoneAlarm) that I would use to clean and protect users' computers.

As USB modems began to be replaced with ethernet routers, the need for ZoneAlarm began to diminish.  

By 2007, newer, faster and more effective apps had appeared. Of these, the most notable were Malwarebytes' AntiMalware (Mbam) and SuperAntiSpyware (SAS) - both terrible names which make the programs sound like rogue scamware!!!  
(I actually had some fun trying to get ee experts to suggest a better name for SAS here: http://www.experts-exchange.com/Software/Internet_Email/Anti-Virus/Q_22871434.html )

Both Spybot and Adaware are still around, but I have not used either in years, simply because they are not as efficient or effective as other software.

Microsoft Security Essentials, on the other hand, is an excellent  free antivirus software product created by Microsoft and released just over a year ago.  It has received consistently good reviews and is both free and very light on resources.

To answer your question, you do need some sort of real-time av scanner, and MSE will do nicely.  If you require a free adware/spyware scanner which you update and run manually, you would be much better off, IMHO, replacing Adaware with SAS:

http://www.superantispyware.com/download.html

or with Mbam:

http://www.malwarebytes.org/mbam.php
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 25

Author Comment

by:nickg5
ID: 35036453
will take a look at all suggestions.

Someone recommended, above, Avast.
On another thread, someone said that MSE used less "resources" (power, speed, etc) than either AVG or Avast.
0
 
LVL 38

Expert Comment

by:younghv
ID: 35036485
If I remember correctly, term I used is that it is less "processor" and "RAM" intensive.

You can also 'throttle' just what % of your processor that MSE uses, but you are always better off scheduling such activity in the "off-hours" when it won't interfere with your normal activity.
0
 
LVL 25

Author Comment

by:nickg5
ID: 35117424
sweeps:
from your comment above, does MSE block malware and spyware?

If not, I'd need MSE plus something else?

and Avast is a virus protector and also blocks malware and spyware?
0
 
LVL 38

Assisted Solution

by:younghv
younghv earned 105 total points
ID: 35117547
nickg -
Somewhere I have a standard post about "Defense in Depth" - an old Military term that definitely applies to fighting malware.

MSE provides a variety of protections, but (IMO) you must back that up with a good solid anti-spyware applications (Malwarebytes Pro), plus a hardware firewall.

Proper Cookie handling in your browser can help some, as will modifying/protecting your HOSTS file.

This was from 2008 - but still works:
**********
I have never been a fan of any software FW product. Use the native XP/Vista FW on your computers and add a small Linksys FW/Router (hardware) at your incoming internet connection.

Use a pre-built "HOSTS" protection (http://www.mvps.org/winhelp2002/hosts.htm) and sign up for their auto-mailer to notify you of updates.

Cookies - "First Party" set to 'Prompt' (Allow Session) and "Third Party" set to 'Block'.
0
 
LVL 35

Expert Comment

by:torimar
ID: 35117844
"and Avast is a virus protector and also blocks malware and spyware?"

Isn't a virus malware? An AV system that doesn't block malware wouldn't be an AV system. Avast does of course include spyware and malware protection. Here's what it does, you can check for yourself and see the difference between versions:
http://www.avast.com/en-gb/free-antivirus-download

I've been using the free version of avast for years.
0
 
LVL 38

Assisted Solution

by:younghv
younghv earned 105 total points
ID: 35117880
@torimar - agreed!

I call all the bad stuff 'malware' - even though I've had more than a few people take me to task for it. *shrug*
:)

Some basic points I was trying to make are included here:
http://www.experts-exchange.com/A_1958.html (MALWARE - "An Ounce of Prevention...")
0
 
LVL 25

Author Comment

by:nickg5
ID: 35117985
torimar:
so you are using Avast exclusively and not MSE + "something else"?
0
 
LVL 35

Assisted Solution

by:torimar
torimar earned 170 total points
ID: 35118036
I use Avast pretty much exclusively, and - as I said above in my first post - I use Superantispyware from time to time, but not as a resident scanner. Should there be a reason to suspect an infection (which is very very rarely the case, because I seem to have good habits and because I tend to use only non-Microsoft products), then I use the free version of Malwarebyte's for a complete second-opinion scan.

If there were anything to improve about this setup, I'd consider using Threatfire additionally: http://www.threatfire.com/
It's a free behavioural scanner that was designed to work well together with conventional AV software.
But then, the recent new version of Avast (avast 6) is said to have greatly improved on behavioural analysis, so TF may not even be necessary.
0
 
LVL 25

Author Closing Comment

by:nickg5
ID: 35118082
-
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
End Point Protection 11 70
Identifying virus/malware after an attack 8 98
antispam / virus gateway 5 47
How to remove Odin ransomware ? 11 157
PREFACE The purpose of this guide is to explain how to manually move a SEP client to a different client group by performing steps on the client-side. These steps may prove particularly useful because they allow the client to move after it has alrea…
PREFACE The purpose of this guide is to provide information to successfully add specific IIS 7.0 role services for the Symantec Endpoint Protection Manager (SEPM) to function properly when installed on Windows 2008. AUDIENCE Information Technol…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video discusses moving either the default database or any database to a new volume.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now