FAQ for Microsoft Security Essentials, Scanning, Detecting and Removing

[~BD~]

FAQ for Microsoft Security Essentials, Scanning, Detecting and Removing
Threats, here:-

http://answers.microsoft.com/en-us/p...9-01aba839ba1f

In the first part, there is this statement:-

"Speaking from experience, it's doubtful that MSE or any other
anti-virus/antispyware application would install (or install properly)
on an already-infected computer."

Do readers here agree with this?

TIA

[Dustin]

~BD~ <~BD~@nomail.afraid.org> wrote in
news:j487ki$b9i$1@dont-email.me:

> In the first part, there is this statement:-
>
> "Speaking from experience, it's doubtful that MSE or any other
> anti-virus/antispyware application would install (or install
> properly) on an already-infected computer."

Although I don't have the full text; depending on the situation, yes I'd
have to agree based on field experience.

Don't take that as an agree on all cases, ok? It's just some malware is a
bit more difficult then others.

--
I am a sinner
Hold my prayers upto the sun
I am a sinner
Heaven's closed for what I've done.

[David H. Lipman]

From: "~BD~" <~BD~@nomail.afraid.org>

> FAQ for Microsoft Security Essentials, Scanning, Detecting and Removing Threats, here:-
>
> http://answers.microsoft.com/en-us/p...9-01aba839ba1f
>
> In the first part, there is this statement:-
>
> "Speaking from experience, it's doubtful that MSE or any other anti-virus/antispyware
> application would install (or install properly) on an already-infected computer."
>
> Do readers here agree with this?
>

It is true for *all* anti malware software as well as the blocking of use of utilities
such as the OS TaskManager, Process Explorer, TCPView, AutoRuns, HiJack This!, etc.

Malware may use different forms of "self preservation" techniques. This will include
blocking the installation of anti malware software and blocking the execution of utilities
that may be used in the identification and removal of malware through manual processes.
Additionally malware may block the execution of any EXE file subsequent to the malware
being loaded into memory. This is why you will see recommendations to copy a utility or
executable such as 'MBAM.EXE' to 'boaterdave.com' to thwart such self preservation
techniques.



--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp

[~BD~]

Dustin wrote:
> ~BD~<~BD~@nomail.afraid.org> wrote in
> news:j487ki$b9i$1@dont-email.me:
>
>> In the first part, there is this statement:-
>>
>> "Speaking from experience, it's doubtful that MSE or any other
>> anti-virus/antispyware application would install (or install
>> properly) on an already-infected computer."
>
> Although I don't have the full text;

I gave you the link!

> depending on the situation, yes I'd
> have to agree based on field experience.

OK - thanks. :-)

> Don't take that as an agree on all cases, ok? It's just some malware is a
> bit more difficult then others.

I have no doubt that the malware writers now have great skill in their
ability to thwart the efforts of the anti-malware companies.

[~BD~]

David H. Lipman wrote:
> From: "~BD~"<~BD~@nomail.afraid.org>
>
>> FAQ for Microsoft Security Essentials, Scanning, Detecting and Removing Threats, here:-
>>
>> http://answers.microsoft.com/en-us/p...9-01aba839ba1f
>>
>> In the first part, there is this statement:-
>>
>> "Speaking from experience, it's doubtful that MSE or any other anti-virus/antispyware
>> application would install (or install properly) on an already-infected computer."
>>
>> Do readers here agree with this?
>>
>
> It is true for *all* anti malware software as well as the blocking of use of utilities
> such as the OS TaskManager, Process Explorer, TCPView, AutoRuns, HiJack This!, etc.
>
> Malware may use different forms of "self preservation" techniques. This will include
> blocking the installation of anti malware software and blocking the execution of utilities
> that may be used in the identification and removal of malware through manual processes.
> Additionally malware may block the execution of any EXE file subsequent to the malware
> being loaded into memory. This is why you will see recommendations to copy a utility or
> executable such as 'MBAM.EXE' to 'boaterdave.com' to thwart such self preservation
> techniques.


Many thanks for your comments, Mr Lipman.

It's all a bit of a minefield for an 'ordinary' computer user!

[Dustin]

~BD~ <~BD~@nomail.afraid.org> wrote in
news:j48kii$7ka$1@dont-email.me:

> I have no doubt that the malware writers now have great skill in
> their ability to thwart the efforts of the anti-malware companies.

It's not about skill anymore. It's about the $$$ now.


--
I am a sinner
Hold my prayers upto the sun
I am a sinner
Heaven's closed for what I've done.

[David H. Lipman]

From: "Dustin" <bughunter.dustin@gmail.com>

> ~BD~ <~BD~@nomail.afraid.org> wrote in
> news:j48kii$7ka$1@dont-email.me:
>
>> I have no doubt that the malware writers now have great skill in
>> their ability to thwart the efforts of the anti-malware companies.
>
> It's not about skill anymore. It's about the $$$ now.
>


+1

--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp

[FromTheRafters]

"~BD~" <~BD~@nomail.afraid.org> wrote in message
news:j487ki$b9i$1@dont-email.me...
> FAQ for Microsoft Security Essentials, Scanning, Detecting and Removing
> Threats, here:-
>
> http://answers.microsoft.com/en-us/p...9-01aba839ba1f
>
> In the first part, there is this statement:-
>
> "Speaking from experience, it's doubtful that MSE or any other
> anti-virus/antispyware application would install (or install properly) on an
> already-infected computer."
>
> Do readers here agree with this?

It depends on the infection.

[~BD~]

David H. Lipman wrote:
> From: "Dustin"<bughunter.dustin@gmail.com>
>
>> ~BD~<~BD~@nomail.afraid.org> wrote in
>> news:j48kii$7ka$1@dont-email.me:
>>
>>> I have no doubt that the malware writers now have great skill in
>>> their ability to thwart the efforts of the anti-malware companies.
>>
>> It's not about skill anymore. It's about the $$$ now.
>>
>
>
> +1
>

I recognise that because the bad guys are making $billions, they can
afford to pay *far more* to the gurus than can the anti-malware companies.

The good guys are likely to be the losers!

[FromTheRafters]

"~BD~" <~BD~@nomail.afraid.org> wrote in message
news:j4adm6$3lg$1@dont-email.me...
> David H. Lipman wrote:
>> From: "Dustin"<bughunter.dustin@gmail.com>
>>
>>> ~BD~<~BD~@nomail.afraid.org> wrote in
>>> news:j48kii$7ka$1@dont-email.me:
>>>
>>>> I have no doubt that the malware writers now have great skill in
>>>> their ability to thwart the efforts of the anti-malware companies.
>>>
>>> It's not about skill anymore. It's about the $$$ now.
>>>
>>
>>
>> +1
>>
>
> I recognise that because the bad guys are making $billions, they can afford to
> pay *far more* to the gurus than can the anti-malware companies.

Your point?

Gurus working for anti-malware companies are underpaid?

The bad guys have the advantage because commiting crime
pays better than fighting crime does?

Probably all true, but I don't know if the criminals share their
profits with the malware writers as much as they just buy the
products the authors offer and use them in a criminal enterprise.