Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

why, or why do I not, need Ad-Aware + MSE?

Posted on 2011-03-03
18
Medium Priority
?
843 Views
Last Modified: 2013-11-22
I've got Ad-Aware and do a scan occassionally. All it finds and removes are tracking cookies. Are these the same ones that can be deleted in:
start > control panel > internet options ?
(causing me to have to re-enter passwords and user names to various sites?

Does MSE do the same things that this new version of Adaware does?
Giving you the power to use the Internet when, where and how you want
Real-time protection against virus, spyware, trojans,
rootkits, hijackers, keyloggers, and more!

I have Windows Vista.

revised:
well, I just did an Adaware scan for the first time in many months. It only found 8 objectionable items when it normally finds over 20-25. Does this mean that my MSE is removing these tracking cookies?

0
Comment
Question by:nickg5
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
  • 5
  • +3
18 Comments
 
LVL 35

Accepted Solution

by:
torimar earned 680 total points
ID: 35032857
1.) Personally, I stopped thinking about Ad-Aware or any other software of that kind when I became acquainted with the free edition of Superantispyware: http://www.superantispyware.com/
I use it for scanning once every 2-3 weeks. By definition, spyware/adware is no malware: it "spies" on you, but does not harm your PC or operating system. So you don't need resident protection.

2.) Presently, the MS Malware Protection Engine which also powers MSE is exploitable: http://www.microsoft.com/technet/security/advisory/2491888.mspx
To my knowledge, no security hotfix has been published so far.

Ergo, of the equation "Ad-Aware + MSE" I'd say you don't really need the first part, and you should be careful with the second one.
0
 
LVL 25

Author Comment

by:nickg5
ID: 35032884
I was using AVG and multiple people recommended MSE, so I switched.
I've used that for maybe 2 weeks, and see no problems.
A full scan does take a long time, though.
0
 
LVL 38

Expert Comment

by:younghv
ID: 35032954
Whoa!
I don't read that advisory anywhere near an 'exploit'.
The DAT file updates are all you need - and it only applied if someone had already created an account they can access.

Read through the details again and please point out to me what I am missing.
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 
LVL 5

Assisted Solution

by:sweeps
sweeps earned 320 total points
ID: 35032972
The best program for AV that I have used for the last 6 months is Avast antivirus free edition.  It runs active and will block items from websites as you go to the sites and pops a warning telling you what it blocks.  It is a nice piece of software.  Most of our IT department uses it and are very happy with it.  It does block malware and spyware.

http://www.avast.com/free-antivirus-download

as torimar said superantispyware is a nice anti spyware/malware software also.  
0
 
LVL 84

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 240 total points
ID: 35033101
I agree with @sweeps, Avast is the best for me.  I have MSE on one computer and AVG Free on another and they work alright.  Also, Avast will work with SpyBot which I've been using longer than I can remember.
0
 
LVL 35

Expert Comment

by:torimar
ID: 35033219
>> "I don't read that advisory anywhere near an 'exploit'."

Quote: "An attacker who successfully exploited the vulnerability could gain the same user rights as the LocalSystem account. The vulnerability could not be exploited by anonymous users."

This talks about exploitation twice. On top of that, the vulnerability received the highest Exploitability Index Assessment.


>> "... and it only applied if someone had already created an account they can access"

Not necessarily created; rather hacked or social engineered. Yes, that is the whole point about elevation/escalation of privileges: http://en.wikipedia.org/wiki/Privilege_escalation#Background
You start off with a hacked normal user account, which is often more exposed and less secured, and then expand your privileges to SYSTEM or administrator by means of exploiting known vulnerabilities.
0
 
LVL 38

Expert Comment

by:younghv
ID: 35033268
Try reading the part that includes the date of the alert (23rd Feb) and that it would be fixed within 48 hours.
0
 
LVL 35

Expert Comment

by:torimar
ID: 35033318
Yes, I forgot to admit that you were right about this:
The vulnerability was indeed removed in Version 1.1.6603.0 of the MPE and will have been addressed about a week ago for those who apply regular updates.

It was, however, still an unaddressed issue when the asker of this question switched to MSE because multiple people recommended it to him.
0
 
LVL 23

Assisted Solution

by:phototropic
phototropic earned 340 total points
ID: 35034490
AdAware was first developed in 1999, and for a long time it was part of a triumvirate (along with Spybot and ZoneAlarm) that I would use to clean and protect users' computers.

As USB modems began to be replaced with ethernet routers, the need for ZoneAlarm began to diminish.  

By 2007, newer, faster and more effective apps had appeared. Of these, the most notable were Malwarebytes' AntiMalware (Mbam) and SuperAntiSpyware (SAS) - both terrible names which make the programs sound like rogue scamware!!!  
(I actually had some fun trying to get ee experts to suggest a better name for SAS here: http://www.experts-exchange.com/Software/Internet_Email/Anti-Virus/Q_22871434.html )

Both Spybot and Adaware are still around, but I have not used either in years, simply because they are not as efficient or effective as other software.

Microsoft Security Essentials, on the other hand, is an excellent  free antivirus software product created by Microsoft and released just over a year ago.  It has received consistently good reviews and is both free and very light on resources.

To answer your question, you do need some sort of real-time av scanner, and MSE will do nicely.  If you require a free adware/spyware scanner which you update and run manually, you would be much better off, IMHO, replacing Adaware with SAS:

http://www.superantispyware.com/download.html

or with Mbam:

http://www.malwarebytes.org/mbam.php
0
 
LVL 25

Author Comment

by:nickg5
ID: 35036453
will take a look at all suggestions.

Someone recommended, above, Avast.
On another thread, someone said that MSE used less "resources" (power, speed, etc) than either AVG or Avast.
0
 
LVL 38

Expert Comment

by:younghv
ID: 35036485
If I remember correctly, term I used is that it is less "processor" and "RAM" intensive.

You can also 'throttle' just what % of your processor that MSE uses, but you are always better off scheduling such activity in the "off-hours" when it won't interfere with your normal activity.
0
 
LVL 25

Author Comment

by:nickg5
ID: 35117424
sweeps:
from your comment above, does MSE block malware and spyware?

If not, I'd need MSE plus something else?

and Avast is a virus protector and also blocks malware and spyware?
0
 
LVL 38

Assisted Solution

by:younghv
younghv earned 420 total points
ID: 35117547
nickg -
Somewhere I have a standard post about "Defense in Depth" - an old Military term that definitely applies to fighting malware.

MSE provides a variety of protections, but (IMO) you must back that up with a good solid anti-spyware applications (Malwarebytes Pro), plus a hardware firewall.

Proper Cookie handling in your browser can help some, as will modifying/protecting your HOSTS file.

This was from 2008 - but still works:
**********
I have never been a fan of any software FW product. Use the native XP/Vista FW on your computers and add a small Linksys FW/Router (hardware) at your incoming internet connection.

Use a pre-built "HOSTS" protection (http://www.mvps.org/winhelp2002/hosts.htm) and sign up for their auto-mailer to notify you of updates.

Cookies - "First Party" set to 'Prompt' (Allow Session) and "Third Party" set to 'Block'.
0
 
LVL 35

Expert Comment

by:torimar
ID: 35117844
"and Avast is a virus protector and also blocks malware and spyware?"

Isn't a virus malware? An AV system that doesn't block malware wouldn't be an AV system. Avast does of course include spyware and malware protection. Here's what it does, you can check for yourself and see the difference between versions:
http://www.avast.com/en-gb/free-antivirus-download

I've been using the free version of avast for years.
0
 
LVL 38

Assisted Solution

by:younghv
younghv earned 420 total points
ID: 35117880
@torimar - agreed!

I call all the bad stuff 'malware' - even though I've had more than a few people take me to task for it. *shrug*
:)

Some basic points I was trying to make are included here:
http://www.experts-exchange.com/A_1958.html (MALWARE - "An Ounce of Prevention...")
0
 
LVL 25

Author Comment

by:nickg5
ID: 35117985
torimar:
so you are using Avast exclusively and not MSE + "something else"?
0
 
LVL 35

Assisted Solution

by:torimar
torimar earned 680 total points
ID: 35118036
I use Avast pretty much exclusively, and - as I said above in my first post - I use Superantispyware from time to time, but not as a resident scanner. Should there be a reason to suspect an infection (which is very very rarely the case, because I seem to have good habits and because I tend to use only non-Microsoft products), then I use the free version of Malwarebyte's for a complete second-opinion scan.

If there were anything to improve about this setup, I'd consider using Threatfire additionally: http://www.threatfire.com/
It's a free behavioural scanner that was designed to work well together with conventional AV software.
But then, the recent new version of Avast (avast 6) is said to have greatly improved on behavioural analysis, so TF may not even be necessary.
0
 
LVL 25

Author Closing Comment

by:nickg5
ID: 35118082
-
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PREFACE The purpose of this guide is to explain how to manually move a SEP client to a different client group by performing steps on the client-side. These steps may prove particularly useful because they allow the client to move after it has alrea…
OVERVIEW This guide provides information on the process performed when the Symantec Endpoint Protection (SEP) client checks in with the Symantec Endpoint Protection Manager (SEPM). AUDIENCE Information Technology personnel responsible for suppo…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question