Glad u found my explanations helpful, Matthew.

On 12/28/10, matthew <[email protected]> wrote:
>
> Thank you for that helpful information Jackie. I planned on doing what you
> said when others mentioned something similar. Your detailed explanation
> helped a lot.
>
> On 12/27/2010 11:19 PM, Jackie McBride wrote:
>> Mike, u wrote:
>> Hi Jackie;
>>
>> I am going to take this topic back to one from earlier today. There was a
>> discussion about whether or not to run Microsoft Security Essentials &
>> Super Anti Spyware in Real Time mode at the same time. In your
>> professional opinion, if you were running both of these programs how
>> would you run the 2? Meaning, would you run 1 in Real Time & not the
>> other or, run both in Real Time?
>>
>> Mike, much depends on what the 2 programs do. Let me give a bit of
>> background, & then perhaps, by way of that, address your question.
>>
>> In the not so very distant past, spyware & viruses were pretty much
>> distinct entities, & the programs designed to protect the computer
>> from each did quite different things. Antivirus programs tended to
>> look for what's called "file signatures", e.g., certain strings in
>> files that were suggestive of a virus, while antispyware programs
>> tended to monitor things like registry changes, where the browser was
>> being taken to, etc. That's fairly oversimplified, but the crux was
>> that 1 antivirus & 1 antispyware program could generally run together
>> in realtime w/o conflict.
>>
>> Malware has, unfortunately, become much more sophisticated. Viruses
>> drop trojans which create a backdoor into your computer & allow all
>> kinds of information to be passed to some1, e.g., spyware. Thus, the
>> distinction between viruses & spyware--& other types of malware, for
>> that matter--has blurred considerably over the past few years.
>> The result is that antivirus programs have evolved to become
>> antivirus/antispyware programs, trying to become, as it were, all
>> protection for all malware, all things to all people, etc.
>>
>> The answer to your question is that it really depends on what the
>> programs do. If the antivirus program confines itself to looking for
>> file signatures, etc., while the antispyware program monitors registry
>> changes & browser redirects, then it's probably safe. If, on the other
>> hand, the 2 programs monitor for similar things, then conflict can &
>> does result. The problem further arises when both try to quarantine
>> something at the same time, obviously, & it is for this reason that
>> malware experts suggest running only 1 realtime security suite type
>> program, e.g., antivirus/antispyware program, at any given time. What
>> I personally do is to run my antivirus/antispyware program (Avast) in
>> realtime. Then I scan w/Superantispyware or MalwareBytes weekly or so,
>> just to get rid of tracking cookies & other annoying nasties that may
>> have popped up. BTW, 1 thing that can really help keep the bugs in
>> check is to simply delete your temporary internet files often--lots &
>> lots of crap-ola gets in there.
>>
>> So what I personally would do would be to run Microsoft Security
>> Essentials in realtime, & let SAS be an on-demand scanner. I know some
>> listers have run both w/o difficulty, but I can't help wondering what
>> would happen if both try to quarantine the same threat--neither 1
>> might win & your protection may well be compromised. I remember
>> getting this as a first exercise of my malware removal training, &
>> this is pretty much how I answered it then, too, & passed, so
>> hopefully it'll suffice.
>>
>> I hope I've made myself sufficiently clear, & invite further queries
>> if I haven't.
>>
>> Blessings for a wonderful holiday season.
>>
>> On 12/27/10, Mike & Barbara In Arcadia <[email protected]> wrote:
>>> Hi Jackie;
>>>
>>> I am going to take this topic back to one from earlier today. There was
>>> a discussion about whether or not to run Microsoft Security Essentials &
>>> Super Anti Spyware in Real Time mode at the same time. In your
>>> professional opinion, if you were running both of these programs how
>>> would you run the 2? Meaning, would you run 1 in Real Time & not the
>>> other or, run both in Real Time? Personally I am not a heavy user of the
>>> Internet except for emailing and would like to hear a professional
>>> opinion on what the pros & cons might be. I am not trying to discredit
>>> any of the ideas/opinions of others that contributed to this topic
>>> earlier but, as an amateur computer user and having learned most of what
>>> I've learned via trial & error, & lists like this, I would like to hear
>>> from someone who deals with this type of issue on a professional basis.
>>> All advice/information will be greatly appreciated.
>>> Thanks much. Take care.
>>> Mike
>>>
>>> ----- Original Message -----
>>> From: Jackie McBride
>>> To: [email protected]
>>> Sent: Monday, December 27, 2010 7:56 PM
>>> Subject: Re: [Blind-Computing] removing a virus
>>>
>>>
>>> Andre, if I were working in the environment your nephew is working in,
>>> I'd do it that way as well. But u & I both know that most residential
>>> & soho customers do not walk around w/recent images of their OS or
>>> even backups of their data on a thumb or even an external drive. &
>>> it's not possible for us to have clean installation discs of all
>>> windows versions, never mind trying to use Magic Jellybean or some
>>> such to retrieve the key, cuz half the folks lost their restore discs.
>>> & then there's data to back up, etc.
>>> Then there's always the rare but
>>> interesting forensics issues of some1 trying to sabotage a company &
>>> has a virus set to reformat the particular hard drive to try to
>>> destroy evidence or bring down a network when certain actions are
>>> performed. The best thing to do in cases like this is just to dismount
>>> the drive. The way u suggest is easiest but not always practical.
>>>
>>> On 12/27/10, Betsy Whitney, Dolphin Press <[email protected]> wrote:
>>> > Hi Andre,
>>> > I suspect that Jackie may work for multiple clients who have their
>>> > individual networks and configurations. My brother-in-law does the
>>> > same kind of work that I think Jackie does, and he also cleans up
>>> > these things the way she does. He says it is because each of the
>>> > networks is different and he finds it faster. He also said that
>>> > everyone has their preferred way of doing things, and if he were
>>> > working on his own network, he might very well do it your way if he
>>> > didn't have an alternative.
>>> >
>>> > Recently Andre Williams wrote:
>>> >>Interesting. My nephew works for our city's power company and he says
>>> >>they don't bother with any of those procedures as they take too long.
>>> >>He says his tools consist of a bag full of operating system images and
>>> >>a thumb drive with hundreds of serial keys including a password
>>> >>override for terminated employees that "can't" remember their
>>> >>passwords. He said he carries a very durable but very slow 10-hour
>>> >>battery life laptop when he's out on the streets, but when it comes to
>>> >>monitoring computers at work he uses a laptop that breaks into 2 parts
>>> >>and becomes a type of mobile unit.
>>> >>Andre
>>> >>
>>> >>----- Original Message -----
>>> >>From: "Jackie McBride" <[email protected]>
>>> >>To: <[email protected]>
>>> >>Sent: Monday, December 27, 2010 7:02 PM
>>> >>Subject: Re: [Blind-Computing] removing a virus
>>> >>
>>> >>
>>> >>Andre, I *routinely* fix these problems because that is what I do for
>>> >>a living. As I said, I don't connect my computer that I use to repair
>>> >>others' machines to a network & therefore the integrity of that
>>> >>network is not in question. I'm trained both in computer forensics as
>>> >>well as in malware removal. While I agree that there are times when
>>> >>reformatting the operating system is necessary, it often is not. It
>>> >>depends on the type of malware infection, how good the tools one has
>>> >>for doing such removal, the operator's proficiency w/those tools, & a
>>> >>variety of other factors.
>>> >>
>>> >>On 12/27/10, Andre Williams <[email protected]> wrote:
>>> >> > While it might appear all is fine it might not be. You are the best
>>> >> > judge of the integrity of your network. I would be concerned about
>>> >> > "routinely" having to fix these problems. I'll act on the advice of
>>> >> > security experts and do my best to ensure any virus whether
>>> >> > seemingly harmless to very destructive is not an unknown factor in
>>> >> > any of the often strange quirks in Windows world. After an
>>> >> > infection a reformat or image recovery gives me this peace of mind.
>>> >> > Andre
>>> >> > ----- Original Message -----
>>> >> > From: "Jackie McBride" <[email protected]>
>>> >> > To: <[email protected]>
>>> >> > Sent: Monday, December 27, 2010 6:16 PM
>>> >> > Subject: Re: [Blind-Computing] removing a virus
>>> >> >
>>> >> >
>>> >> > I routinely fix these sorts of problems by taking the drive out of
>>> >> > the computer, hooking it up to an external device, & then putting
>>> >> > it on another computer & running malware scans. I very very seldom
>>> >> > have to reformat an OS.
>>> >> >
>>> >> > Sometimes I do it in Linux, sometimes in Windows. Generally I
>>> >> > disconnect the machine from the network. It's also a "fix it" drive
>>> >> > w/nothing important in the event it becomes infected, but I've
>>> >> > never had that happen, either.
>>> >> >
>>> >> > On 12/27/10, Andre Williams <[email protected]> wrote:
>>> >> >> Yep, I'm right there with you 100%!
>>> >> >> Andre
>>> >> >> ----- Original Message -----
>>> >> >> From: "Don Marang" <[email protected]>
>>> >> >> To: <[email protected]>
>>> >> >> Sent: Monday, December 27, 2010 4:28 PM
>>> >> >> Subject: Re: [Blind-Computing] removing a virus
>>> >> >>
>>> >> >>
>>> >> >> I agree with Andre completely! Reformatting the hard disk and
>>> >> >> reinstalling the Operating System or recovering from a known good
>>> >> >> disk image is the only way to be sure the malware is removed.
>>> >> >> Anything short of that will likely have a small remnant left over
>>> >> >> that will infect the whole computer again or will damage necessary
>>> >> >> system files in the process.
>>> >> >>
>>> >> >> Most likely, your computer will run faster anyway, since Windows
>>> >> >> really needs to be reinstalled about once a year just to clean out
>>> >> >> the clutter and the registry.
>>> >> >>
>>> >> >> Don Marang
>>> >> >>
>>> >> >> There is just so much stuff in the world that, to me, is devoid of
>>> >> >> any real substance, value, and content that I just try to make
>>> >> >> sure that I am working on things that matter.
>>> >> >> Dean Kamen
>>> >> >>
>>> >> >>
>>> >> >> --------------------------------------------------
>>> >> >> From: "Andre Williams" <[email protected]>
>>> >> >> Sent: Monday, December 27, 2010 6:34 PM
>>> >> >> To: <[email protected]>
>>> >> >> Subject: Re: [Blind-Computing] removing a virus
>>> >> >>
>>> >> >>> Tell him to reformat and reinstall the operating system. With
>>> >> >>> viruses nowadays you can never be sure if they're cleaned off
>>> >> >>> completely. In the hours and possibly days he's going to spend
>>> >> >>> trying to figure this out and trying to clean his computer he can
>>> >> >>> save himself the time and trouble and reformat and reload windows
>>> >> >>> in about 2 hours. This happened to me sometime back and from the
>>> >> >>> time I realized I had a virus placing 300 items on my system tray
>>> >> >>> until the time I reinstalled an image of my hard drive it must
>>> >> >>> have been an hour. Image for Windows to the rescue! He also poses
>>> >> >>> a danger to other computers on the network at his job.
>>> >> >>> Andre
>>> >> >>> ----- Original Message -----
>>> >> >>> From: "Lenny McHugh" <[email protected]>
>>> >> >>> To: "blind computing" <[email protected]>
>>> >> >>> Sent: Monday, December 27, 2010 3:23 PM
>>> >> >>> Subject: [Blind-Computing] removing a virus
>>> >> >>>
>>> >> >>>
>>> >> >>> I am trying to help a friend remove a virus from his work
>>> >> >>> computer. AVG did identify it and reported that it could not be
>>> >> >>> removed because it was in memory.
>>> >> >>> He did not write the name down but it is in win32. The computer
>>> >> >>> can only be started in safe mode and if he lets it run it gives a
>>> >> >>> message that chkdsk should be run with the f switch. That also
>>> >> >>> will not run when the machine is restarted. He turned System
>>> >> >>> Restore off and ran AVG and it did not help.
>>> >> >>> He is using XP Professional. He also ran Kaspersky and it did not
>>> >> >>> help. Any quick suggestions?
>>> >> >>> Thanks
>>> >> >>> ---
>>> >> >>> Please visit my home page, it is motivational, educational,
>>> >> >>> inspirational with a touch of humor. There is also a very
>>> >> >>> extensive resource list for the blind.
>>> >> >>> http://www.LennyMcHugh.com
>>> >> >>> For answers to frequently asked questions about this list visit:
>>> >> >>> http://www.jaws-users.com/help/
>>> >> >
>>> >> >
>>> >> > --
>>> >> > Change the world--1 deed at a time
>>> >> > Jackie McBride
>>> >> > Scripting Classes: http://jawsscripting.lonsdalemedia.org
>>> >> > homePage: www.abletec.serverheaven.net
>>> >> > For technophobes: www.technophoeb.com
--
Change the world--1 deed at a time
Jackie McBride
Scripting Classes: http://jawsscripting.lonsdalemedia.org
homePage: www.abletec.serverheaven.net
For technophobes: www.technophoeb.com

For answers to frequently asked questions about this list visit:
http://www.jaws-users.com/help/
Send any questions regarding list management to:
[email protected]
