Mike, u wrote: Hi Jackie; I am going to take this topic back to one from earlier today. There was a discussion about whether or not to run Microsoft Security Essentials & Super Anti Spyware in Real Time mode at the same time. In your professional opinion, if you were running both of these programs how would you run the 2? Meaning, would you run 1 in Real Time & not the other or, run both in Real Time?
Mike, much depends on what the 2 programs do. Let me give a bit of background, & then perhaps, by way of that, address your question. In the not so very distant past, spyware & viruses were pretty much distinct entities, & the programs designed to protect the computer from each did quite different things. Antivirus programs tended to look for what's called "file signatures", e.g., certain strings in files that were suggestive of a virus, while antispyware programs tended to monitor things like registry changes, where the browser was being taken to, etc. That's fairly oversimplified, but the crux was that 1 antivirus & 1 antispyware program could generally run together in realtime w/o conflict. Malware has, unfortunately, become much more sophisticated. Viruses drop trojans which create a backdoor into your computer & allow all kinds of information to be passed to some1, e.g., spyware. Thus, the distinction between viruses & spyware--& other types of malware, for that matter--have blurred considerably over the past few years. The result is that antivirus programs have evolved to become antivirus/antispyware programs, trying to become, as it were, all protection for all malware, all things to all people, etc. The answer to your question is that it really depends on what the programs do. If the antivirus program confines itself to looking for file signatures, etc., while the antispyware program monitors registry changes & browser redirects, then it's probably safe. If, on the other hand, the 2 programs monitor for similar things, then conflict can & does result. The problem further arises when both try to quarantine something at the same time, obviously, & it is for this reason that malware experts suggest running only 1 realtime security suite type program, e.g., antivirus/antispyware program, at any given time. What I personally do is to run my antivirus/antispyware program (Avast) in realtime. Then I scan w/Superantispyware or MalwareBytes weekly or so, just to get rid of tracking cookies & other annoying nasties that may have popped up. BTW, 1 thing that can really help keep the bugs in check is to simply delete your temporary internet files often--lots & lots of crap-ola gets in there. So what I personally would do would be to run Microsoft Security Essentials in realtime, & let SAS be an on-demand scanner. I know some listers have run both w/o difficulty, but I can't help wondering what would happen if both try to quarantine the same threat--neither 1 might win & your protection may well be compromised. I remember getting this as a first exercise of my malware removal training, & this is pretty much how I answered it then, too, & passed, so hopefully it'll suffice. I hope I've made myself sufficiently clear, & invite further queries if I haven't. Blessings for a wonderful holiday season. On 12/27/10, Mike & Barbara In Arcadia <[email protected]> wrote: > Hi Jackie; > > I am going to take this topic back to one from earlier today. There was a > discussion about whether or not to run Microsoft Security Essentials & Super > Anti Spyware in Real Time mode at the same time. In your professional > opinion, if you were running both of these programs how would you run the 2? > Meaning, would you run 1 in Real Time & not the other or, run both in Real > Time? Personally I am not a heavy user of the Internet except for emailing > and would like to hear a professional opinion on what the pros & cons might > be. I am not trying to discredit any of the ideas/opinions of others that > contributed to this topic earlier but, as a amateur computer user and having > learned most of what I've learned via trial & error, & lists' like this, I > would like to hear from someone who deals with this type of issue on a > professional basis. All advice/information will be greatly appreciated. > Thanks much. Take care. > Mike > > ----- Original Message ----- > From: Jackie McBride > To: [email protected] > Sent: Monday, December 27, 2010 7:56 PM > Subject: Re: [Blind-Computing] removing a virus > > > Andre, if I were working in the environment your nephew is working in, > I'd do it that way as well. But u & I both know that most residential > & soho customers do not walk around w/recent images of their OS or > even backups of their data on a thumb or even an external drive. & > it's not possible for us to have clean installation discs of all > windows versions, never mind trying to use Magic Jellybean or some > such to retrieve the key, cuz half the folks lost their restore discs. > & then there's data to back up, etc. Then there's always the rare but > interesting forensics issues of some1 trying to sabotage a company & > has a virus set to reformat the particular hard drive to try to > destroy evidence or bring down a network when certain actions are > performed. The best thing to do in cases like this is just to dismount > the drive. The way u suggest is easiest but not always practical. > > On 12/27/10, Betsy Whitney, Dolphin Press <[email protected]> wrote: > > Hi Andre, > > I suspect that Jackie may work for multiple clients who have their > > individual networks and configurations. My brother-in-law does the > > same kind of work that I think Jackie does, and he also cleans up > > these things the way she does. He says it is because each of the > > networks is different and he finds it faster. He also said that > > everyone has their preferred way of doing things, and if he were > > working on his own network, he might very well do it your way if he > > didn't have an alternative. > > > > Recently Andre Williams wrote: > >>Interesting. My nephew works for our city's power company and he says > they > >>don't bother with any of those procedures as they take too long. He says > >> his > >>tools consist of a bag full of operating system images and a thumb drive > >>with hundreds of serial keys including a password override for > terminated > >>employees that "can't" remember their passwords. He said he carries a > very > >>durable but very slow 10-hour battery life laptop when he's out on the > >>streets, but when it comes to monitoring computers at work he uses a > laptop > >>that breaks into 2 parts and becomes a type of mobile unit. > >>Andre > >> > >>----- Original Message ----- > >>From: "Jackie McBride" <[email protected]> > >>To: <[email protected]> > >>Sent: Monday, December 27, 2010 7:02 PM > >>Subject: Re: [Blind-Computing] removing a virus > >> > >> > >>Andre, I *routinely* fix these problems because that is what I do for > >>a living. As I said, I don't connect my computer that I use to repair > >>others' machines to a network & therefore the integrity of that > >>network is not in question. I'm trained both in computer forensics as > >>well as in malware removal. While I agree that there are times when > >>reformatting the operating system is necessary, it often is not. It > >>depends on the type of malware infection, how good the tools one has > >>for doing such removal, the operator's proficiency w/those tools, & a > >>variety of other factors. > >> > >>On 12/27/10, Andre Williams <[email protected]> wrote: > >> > While it might appear all is fine it might not be. You are the best > >> > judge > >> > of > >> > the integrity of your network. I would be concerned about "routinely" > >> > having > >> > to fix these problems. I'll act on the advice of security experts and > do > >> > my > >> > best to insure any virus whether seemingly harmless to very > destructive > >> > is > >> > not an unknown factor in any of the often strange quirks in Windows > >> > world. > >> > After an infection a reformat or image recovery gives me this peace > of > >> > mind. > >> > Andre > >> > ----- Original Message ----- > >> > From: "Jackie McBride" <[email protected]> > >> > To: <[email protected]> > >> > Sent: Monday, December 27, 2010 6:16 PM > >> > Subject: Re: [Blind-Computing] removing a virus > >> > > >> > > >> > I routinely fix these sorts of problems by taking the drive out of > the > >> > computer, hooking it up to an external device, & then putting it on > >> > another computer & running malware scans. I very very seldom have to > >> > reformat an OS. > >> > > >> > Sometimes I do it in Linux, sometimes in Windows. Generally I > >> > disconnect the machine from the network. It's also a "fix it" drive > >> > w/nothing important in the event it becomes infected, but I've never > >> > had that happen, either. > >> > > >> > On 12/27/10, Andre Williams <[email protected]> wrote: > >> >> Yep, I'm right there with you 100%! > >> >> Andre > >> >> ----- Original Message ----- > >> >> From: "Don Marang" <[email protected]> > >> >> To: <[email protected]> > >> >> Sent: Monday, December 27, 2010 4:28 PM > >> >> Subject: Re: [Blind-Computing] removing a virus > >> >> > >> >> > >> >> I agree with Andre completely! Reformatting the hard disk and > >> >> reinstalling > >> >> the Operating System or recovering from a known good disk image is > the > >> >> only > >> >> way to be sure the malware is removed. Anything short of that will > >> >> likely > >> >> have a small remnant left over that will infect the whole computer > >> >> again > >> >> or > >> >> will damage necessary system files in the process. > >> >> > >> >> Most likely, your computer will run faster anyway, since Windows > really > >> >> needs to be reinstalled about once a year just to clean out the > clutter > >> >> and > >> >> the registry. > >> >> > >> >> Don Marang > >> >> > >> >> There is just so much stuff in the world that, to me, is devoid of > any > >> >> real > >> >> substance, value, and content that I just try to make sure that I am > >> >> working > >> >> on things that matter. > >> >> Dean Kamen > >> >> > >> >> > >> >> -------------------------------------------------- > >> >> From: "Andre Williams" <[email protected]> > >> >> Sent: Monday, December 27, 2010 6:34 PM > >> >> To: <[email protected]> > >> >> Subject: Re: [Blind-Computing] removing a virus > >> >> > >> >>> Tell him to reformat and reinstall the operating system. With > viruses > >> >>> now > >> >>> a > >> >>> days you can never be sure if they're cleaned off completely In the > >> >>> hours > >> >>> and possibly days he's going to spend trying to figure this out and > >> >>> trying > >> >>> to clean his computer he can save himself the time and trouble and > >> >>> reformat > >> >>> and reload windows in about 2 hours. This happened to me sometime > back > >> >>> and > >> >>> from the time I realized I had a virus placing 300 items on my > system > >> >>> tray > >> >>> until the time I reinstalled and image of my hard drive it must > have > >> >>> been > >> >>> an > >> >>> hour. Image for Windows to the rescue! He also poses a danger to > other > >> >>> computers on the network at his job. > >> >>> Andre > >> >>> ----- Original Message ----- > >> >>> From: "Lenny McHugh" <[email protected]> > >> >>> To: "blind computing" <[email protected]> > >> >>> Sent: Monday, December 27, 2010 3:23 PM > >> >>> Subject: [Blind-Computing] removing a virus > >> >>> > >> >>> > >> >>> I am trying to help a friend remove a virus from his work computer. > >> >>> Avg > >> >>> did > >> >>> identify it and reported that it could not be removed because it > was > >> >>> in > >> >>> memory. He did not write the name down but it is in win32. The > >> >>> computer > >> >>> can > >> >>> only be started in safe mode and if he lets it run it gives a > message > >> >>> that > >> >>> chkdsk should be run with the f switch. That also will not run when > >> >>> the > >> >>> machine is restarted. He turn system restore off and ran avg and it > >> >>> did > >> >>> not > >> >>> help. > >> >>> He is using xp professional. He also ran kapersky and it did not > help. > >> >>> Any > >> >>> quick suggestions? > >> >>> Thanks > >> >>> --- > >> >>> Please visit my home page, it is motivational, educational, > >> >>> inspirational > >> >>> with a touch of humor. There is also a very extensive resource list > >> >>> for > >> >>> the > >> >>> blind. > >> >>> http://www.LennyMcHugh.com > >> >>> For answers to frequently asked questions about this list visit: > >> >>> http://www.jaws-users.com/help/ > >> >>> > >> >>> > >> >>> For answers to frequently asked questions about this list visit: > >> >>> http://www.jaws-users.com/help/ > >> >>> > >> >> > >> >> For answers to frequently asked questions about this list visit: > >> >> http://www.jaws-users.com/help/ > >> >> > >> >> > >> >> For answers to frequently asked questions about this list visit: > >> >> http://www.jaws-users.com/help/ > >> >> > >> > > >> > > >> > -- > >> > Change the world--1 deed at a time > >> > Jackie McBride > >> > Scripting Classes: http://jawsscripting.lonsdalemedia.org > >> > homePage: www.abletec.serverheaven.net > >> > For technophobes: www.technophoeb.com > >> > > >> > For answers to frequently asked questions about this list visit: > >> > http://www.jaws-users.com/help/ > >> > > >> > > >> > For answers to frequently asked questions about this list visit: > >> > http://www.jaws-users.com/help/ > >> > > >> > >> > >>-- > >>Change the world--1 deed at a time > >>Jackie McBride > >>Scripting Classes: http://jawsscripting.lonsdalemedia.org > >>homePage: www.abletec.serverheaven.net > >>For technophobes: www.technophoeb.com > >> > >>For answers to frequently asked questions about this list visit: > >>http://www.jaws-users.com/help/ > >> > >> > >>For answers to frequently asked questions about this list visit: > >>http://www.jaws-users.com/help/ > > > > > > For answers to frequently asked questions about this list visit: > > http://www.jaws-users.com/help/ > > > > > -- > Change the world--1 deed at a time > Jackie McBride > Scripting Classes: http://jawsscripting.lonsdalemedia.org > homePage: www.abletec.serverheaven.net > For technophobes: www.technophoeb.com > > For answers to frequently asked questions about this list visit: > http://www.jaws-users.com/help/ > For answers to frequently asked questions about this list visit: > http://www.jaws-users.com/help/ > -- Change the world--1 deed at a time Jackie McBride Scripting Classes: http://jawsscripting.lonsdalemedia.org homePage: www.abletec.serverheaven.net For technophobes: www.technophoeb.com For answers to frequently asked questions about this list visit: http://www.jaws-users.com/help/
