More on this

Discussion in 'A+ Certification' started by Bill Eitner, Jul 4, 2008.

  1. Bill Eitner

    Bill Eitner Guest

    See the bottom for new text.
    Here's a good reference point from which to start:
    There's a huge difference between having the dough
    for a yacht and keeping one file for testing anti-
    virus programs. Tell me where to go to download
    the little music program and I'll do it. On-demand
    scan it with Bit Defender--that's all I'm asking.
    I'm familiar with HiJack This, but asking people to
    recognize it by "HJT" is asking a lot. It's not
    that well known. A few more keystrokes won't kill
    you or make you look less cool.

    A custom Bart PE disk can make you look
    like a God. I've become fairly well known
    at the school I attend (I'm 44 and am attending
    a trade school in order to change careers).
    Other students know where to find me (the
    networking lab where I prepped for the A+).
    Most every week I end up straightening out
    at least one or two computers. It's good
    experience and I never turn down a chance
    to try and fix a computer. Most are software
    issues like virus infections. In fact the
    huge majority are such. Hardware problems
    are rare even though many of the owners
    think that's what's wrong. For example,
    last week I dealt with a Dell laptop where
    the display would randomly shut off. At
    first it appeared to be a hardware issue
    (the display backlight), but in the end
    it was malware. I installed Bit Defender
    from a hard drive in an enclosure (another
    of my favorite little toys), updated it and
    ran it. It found 20+ malware programs.
    After a half-day (4 hours) of cleaning it
    up the little laptop was working fairly well.

    stiff you.

    And even then maybe you forgive them.
    The trick for a virus author is to be clever.
    Being one of the first to see a new variant
    is not impossible.

    FYI, a good but mostly unknown program that
    can be used as a second line of on-demand
    defense is A-squared free. It can be configured
    to where there is basically no trace of it on a
    box for the most part (manually disable all options
    and services):
    That means it can truly co-exist with other
    security software without causing any issues.
    It's another program I use contextually that
    seems to be an above-average detector.

    Personally, I think you're at a level where Bit Defender
    with all options unchecked and nothing else would be
    appropriate. You knew what you were doing when you
    danced with the little music program. You don't need
    a program that looks over your shoulder (checks every
    file you open and every action you take). If you choose
    to run both, be aware of the services that may conflict.
    Disable the Bit Defender services until you need/want to
    use the program. They are: bdss, vsserv, livesrv and xcomm.
    Further, I suggest trying the Bit Defender / A-Squared
    combo. To that you can also add Spybot. Every two weeks
    I manually update and run all three along with a backup of
    everything critical. Because I have a clue, they never find
    anything--but I always do it all just the same.

    Begin the new text here.

    I've just run into a situation that brought me to the conclusion that
    Bit Defender isn't particularly special.

    So, the quoted paragraph above makes me look like an idiot.
    I have to accept that. See below:

    Even though I religiously scan all downloaded executables manually
    and know the difference between safe and risky business online,
    recently I ended up with an annoying variant of the Trojan Vundo.
    As far as I can tell, this variant goes by: Vundo.euo which, trust me,
    isn't widely known. My recommended combo of Bit Defender Free V10 and
    A2 Free didn't see it coming. And, after the fact, Bit Defender didn't
    recognize all of the infected files. It found one--but that wasn't
    enough to stop it. A2 Free didn't see any of it--even at the height
    of the infection.

    Here's the deal with this variant: On an XP box it prevents Explorer
    from running. That means you have no taskbar--no start menu--just the
    background. Newbies won't know how to deal with that at all.
    Guys in the know will know to give a three-finger-salute (alt-ctrl-del)
    to bring up task manager and then manually start another instance (be it
    crippled) of explorer. From there the box is usable but slow.

    There is more to explain, but I'll cut to the chase.

    In my 12 years of experience this was one of the worst infections I've
    ever had to clear--and it was on my own box! In the end, HJT (Hi-Jack
    This) was the key. It exposed a key file that when deleted took out
    the bulk of the infection. From there it was just a mop-up operation
    (delete orphaned files and registry entries).

    So, there you have it.

    Feel free to respond and post your own stories.
    Bill Eitner, Jul 4, 2008