45 replies to this topic

[mitchshrader]

I'm in an odd position, and perhaps others are similarly. I am *not* any sort of expert at fixing hijacks and exploits. Spyware, trojans, and virii have become very elegant of late, with zero-day exploits on the rise. It takes a strong foundation and constant attention to remain current; and sincere and dedicated effort to be qualified as expert.

I don't care enough to devote that sort of attention to parsing logs. HOWEVER, I do wish to assist as my interests and abilities permit. What I am best at, is configuring computers to be minimally vulnerable. This is a combination of good habits, software prevention methods (updating, firewalls, IP blocks, host files, others) .. and hardware installs/configuring.

It does overlap with hijack removals, in one sense, as far as those who've done all the 'best practices' I highly recommend are MUCH less vulnerable. It doesn't replace the need to clean up; but will greatly reduce the occurrance of infection.

Now, my ego and realism combined say that it'd be foolish for me to claim expertise I don't have, and as well, unsatisfactory to fail to offer informed advice to those who are interested in avoiding the frustrating need for cleaning malware in future.

This leads to a question. Can there be some sort of recognition given to those who aren't log parsers? How best to recognize a focus on prevention, in various forms, while not claiming *cleaning* expertise not present? I don't know if this forum is the ideal venue for such efforts. I do know it's the one I post in most frequently.

Does anyone else feel a bit over their head trying to rapidly analyze logs and yet feel qualified to offer prevention/configuration/setup advice? These are the folks I'd want to be grouped with, and learn from. Comments?

[cnm]

Maybe you belong in the Developer group?

[ITeachComputer]

Does anyone else feel a bit over their head trying to rapidly analyze logs and yet feel qualified to offer prevention/configuration/setup advice?

Well, I am well quailified to give basic to intermediate advice on computer basics and many software applications.
http://www.smartbasi...sicsBioPam.html <--BIO

That is what I do and I have been doing that since 1987. But, because many of my clients are either "elderly" and/or "brand new" to computers, I find myself doing regular computer maintainance, spyware removal, Virus protection installs.....yada,yada, right along with teaching all the basic to intermediate things that a person does not know and needs to know to keep their computer running smooth as possible and safe on line, all while I am teaching them software LOL.

I received so many calls this last week or so for "nothing but Spyware problems, that I could hardley keep up. So, I definetly need the HijackThis information too. And, yes, I do feel a bit over my head, but that is because there are so many new strings to learn and what they mean. But I will get it..........

But, I would be glad to join you in an area like this if there is one.....and help out.

I am confident that you have much more knowledge than I do in many areas, just from your other Post I read. But I am sure that I could be an asset somewhere with all my knowledge.

I'll go over and take a peek at this forum on the "old site" to see what type of posts you did over there. I am not sure I ever looked at that area.

Not sure if this is the type of info you are looking for...but I thought I'd throw in my $1.00 worth ))

[kazzoo]

I feel much the same way Mitch. I have a A+ Cert but working these logs are a struggle for me. Dont ever think I am going to get expert at them.

I have been hanging out here for about a year to gain working knowledge of malware and the tools to remove it. I use this information to help my friends/customers/relatives and a little at the public forums. Yes, like you ,I am more comfortable in the hardware/os configurations, installations, cabling, firewall and networking issues and am not a expert in identifying malware.

I am more of a computer plumber. Call me in to remove the clog and the slow drain...

I do not doubt you can recognize many of the entries of HJT and the symptoms of a compromised computer. You know enough to run appropriate tools and can recognize when something isnt right. Like me you also are wise enough to let those who can do malware detection better than you do it.

I took on the Helper Trainee title here because its the only way I can hold myself out as professional and be able to jump in posts where my skills are appropriate.

I use the Helper tag to let visitors here know I am not going to ask them to do a harmful things and the advice is going to be thoughtful and well reasoned. I am a professional, just not a malware, and exploit one. (least not yet)

Perhaps Mitch the answer is not so much having a separate forum as there is one here. Pc Troubleshooting..full of hijacklogs. Software forums..Full of hijacklogs, and just about anywhere else there is probly a user posting one of them. But thats another issue.

Yes, it would be interesting to be able to be indentified as a "trusted" to the posters and not just somebody who just surfed in from the net and got a post count. It is about credentials, and not about title collecting. Perhaps " Trusted Hardware/OS Advisor" as a group? Would serve to give notice to the poster what your trusted status is and that you are part of the volunter staff. Would not take away from the Experts, Trusted Advisors, Helpers, Helper trainees, Mods, Devs who are doing the Lions' share of what makes SWI what it is.

Edited by kazzoo, 15 May 2004 - 11:53 PM.

[cnm]

Well, if Mike likes the idea of a new Group, he'll come up with the best name for it.

My tries are:

PC Consultant
Hardware/Software Advisor
Sage

Software forums..Full of hijacklogs

No way! We move them.

[kazzoo]

I stand corrected,

a case of poetic license and poor editing on my part.

But you know what I meant.

Thanks!

[cnm]

Point of pride that we keep things organized at SWI.

What would you name a new Group?

[Mike]

Fine with me. What about "Computer Guru" or "Computer Expert" or something?

Or "Wiseass" in Mitch's case?

[mr bones]

Wiseass is fine by me

Seriously; PC expert just about covers all angles from hardware, networking to Windows itself

We seem to be missing all those cool smilies.

[Budfred]

How about PC TroubleShooter since we have a PC Troubleshooting forum??

[timberlandko]

Kinda out-of-my-place, here ... was mostly just a "Registered Lurker" before the forum move, but I like the "PC TroubleShooter" category too, and would enjoy participating in that aspect, even though I've decided to apply as a Helper Trainee and learn more of that aspect. I figure its all part of helping folks defend themselves and better enjoy their online and overall computer experience.

[cnm]

PC TroubleShooter sounds good to me.

We could add a description to The various helper groups here, Who is helping you?
along the lines of

PC TroubleShooter: Hardware and software experts who can provide first-rate advice for problems that don't involve spyware.

I guess not this

PC TroubleShooter: Hardware and software experts who have no clue about reading HijackThis logs.

[ITeachComputer]

ROFLOL, CNM............I just re-read your post and clicked the link you had in there as well, which I did not do before.....musta' missed it......

Had a good laugh at "I guess NOT THIS"


Yes, PC Trouble shooter sounds good to me too..

Although I do not work with Hardware or on much Hardware/software issues, and could not measure up to Mitch and Kazoo, in the hardware/programming area, I do have a ton of "How To Knowlege" for the new to intermediate computer user.

I would be able to, help with what I know how to do in my sleep, and leave the things I don't know to others.

As mentioned in another post I made, I do mostly "COMPUTER BASICS" and "COMPUTER INTERMEDIATE" for those who either have "NEVER had a computer before, or have had it for awhile and have no idea what to do with it, or how to do it IE: defrag,scan disk,figuring out what to open a file and with what application, save and save as, making folders on HD and shortcuts. Well, you know....

I would still want to stay in the boot camp Hijack log area and learn all I can though, so maybe I can do both

Edited by ITeachComputer, 16 May 2004 - 11:32 AM.

[cnm]

Yes, if we create the new group we should give it access to Boot Camp I think.

[mitchshrader]

Thanks to all for comments. I decline to apply for a patent on *wiseass*. Looks like there *are* folks who fit the category of 'not-Noob' and yet aren't log parsing gurus.

Now about label.. whatever is stuck on will last. Careful Thought if you please.

PC Doc, PC Guru, PC Skilled, PC Tech, all ideas. Why don't I like 'troubleshooter' ?

Cause with 'Pee Cee' on the front its 6 syllables. awkward. thats my whole issue.

I'm a lazy fellow.

I'd hope that some tasks that are dealt with sporadically, with irregular priority, in the cleaning threads, could be given a clear focus in another group/forum. I don't know who may choose this niche, but prevention methods, diagnostics, networking and general comp training are all separate issues.

I do think that using ONLY the HT log analysis skill to determine 'Status' takes attention from the prevention aspect, but there is significant overlap of expertise. Those two are close.

Diagnostics of unknown issues is more associated with hardware and general computer knowledge, which drifts over into simple networking.

And then you've got Linux and Mac's, ahem, which hardly are touched by spyware at all. So. A spectrum of interests.

If you asked ME what to call 'Helpers' that was indicative of status, known ability, and didn't imply spyware knowledge past a necessary minimum, I'd say 'CompTech' which won't offend Both The Mac Users, is vague enough to have subcategories and 'Seniors' and Trainee's.. and even has room for networking.

but please, not 'P C Troubleshooter' .. gack. scuse me.

[Coyote]

Techie?

[mr bones]

I'd say 'CompTech' which won't offend Both The Mac Users, .........

:o You mean there are two of us??

Apple must be on a roll.

[wawadave]

hello
i would fit into this category quite well once you come up with a name for it
none spyware pc tech,s group would work well here.
jmho

[rosso_acido]

I too find logs challenging enough to attempt parsing quite a few - and not doing hopelessly bad, by the looks of it - but I feel a lot more at ease with troubleshooting software and/or hardware, cleaning (obvious) virus infections and spyware etc. and helping with general computer maintenance on a more practical level. I do believe I can be of a lot more help in this field.

I've been doing this for quite some time now, for most my relatives, friends and neighbours. I love machines of all kinds and have been dealing with them one way or another ever since I was a kid.

So if there are plans to create such a group, I'd be honoured to be counted in.

R.

[mitchshrader]

Everybody is going to have issues they know very well. No one is going to know them all. I've been learning comps less than 5 years total. What I know is pretty solid, BUT.. very limited. (specify ignorance of modems, 98, 95 fersure, ICS, ISA cards, blah blah.. tonza stuff)

My main reason for wanting to be in a group is to share and improve the knowledge base accumulated, while it has useful relevance.

Topics that seem (to me) worth teaching are 'virtues of computer learning'. Patience. Precision. Logic. Clarity of communication.

There are folks I greatly respect for their seemingly infinite awareness of Every spyware issue, (hi, TK!) but I know logically they find something new to learn often, and THEY have gurus too.

AS A GROUP, we could all be more effective, practicing teamwork, than any single individual no matter how adept.

sure would be nice.

Edited by mitchshrader, 16 May 2004 - 02:56 PM.

[Trilobite]

‘Pc Expert’ or ‘Computer Guru’ would fit me much better than say ‘helper’.

Of course so does ‘Wiseass’

[Budfred]

How would we determine who is a PC Expert?? If you narrow it down to a few areas, I am a PC Expert too. If you put me in front of a broken network and say fix it, you better have a comfortable place to sit 'cause it is going to take a while.....

[mitchshrader]

Agreed, i know two or three brands of routers, and none em start with Cisco. But lets look at the need. We will NOT be providing paid tech support to businesses.

This affects our standard of 'Expert'. And for all of me, I'd rather just have a generic 'CompTech' rating to start, with a very flexible entrance policy. Expert can wait, until it becomes obvious who IS one. I don't expect to EVER be an expert.

Some parts of the field are near obsolete, I didn't get it then and won't be learning it now. Other parts are very specialized, irrelevant as far as the average n00b is concerned. (Domains, gigabit lan, cryptography, bluetooth, etc.) A less informed tech who is fast with a search engine and has excellent people skills might be more 'expert' to a n00b than a steeped in *nix network guru.

How about just 'CompTech' for now? Table the expert issue till we know more.

[Archon_Wing]

I'd say 'CompTech'  which won't offend Both The Mac Users, .........

:o You mean there are two of us??

Apple must be on a roll.

I thought only PC's screwed up.

Ok, back on topic, how about just Computer mantienence specialist? Or Tech support or possibly "Computer preacher "

[mitchshrader]

In an effort to try to figure out what constitutes 'expert' (in this context).. I'd like to get input into what sort of questions we might expect to answer. How Do I 'X,Y,Z' .. or I have 'X, Y, Z' problem, what should I do to correct it?

Some matching of known skill sets to questions submitted could occur if such were known to the group. If you're entirely familiar with particular hardware or software, better you be the one to field a specific question on them.

how to organize the info about such skillsets I know not.

Any clues, to either the first part (predicting issues requiring specific experience) or the second, assembling a summary of relevant techs-pertise?

[mitchshrader]

I guess i have an opinion. *If* someone sells a service, (I do, sometimes) and uses the free support offered by this site in a way which could be construed as advertising that service, (I don't) it SEEMS to me that there's a high risk of cross purposes and a potential for competition between volunteer techs.

Now, I don't say its wrong to do a bit of shameless self advertising.

But who decides the guidelines? I dunno if any exist.

And EXACTLY where does the line get drawn? Again, I dunno.

This is where my opinion comes in. So far, in doubt of how to treat this issue, i've decided its safer to dodge it.

Any wiser and more informed folks please jump in, cause I have exactly no desire to leave this unresolved.

We all need to eat. How much, precisely, SHOULD we mention (or not) our commercial services in our posts as volunteers? What's fair to the users, and to each other, and to the purpose of this site? (The which we don't pay for, nor get paid by)? Is there an acceptable answer OTHER THAN 'don't do it'?

I don't claim to know at all. I do claim the issue needs to be brought to Admin attention and some sort of clear and simple policy voiced.

[Maddoktor2]

I'd say 'CompTech'  which won't offend Both The Mac Users, .........

:o You mean there are two of us??

Apple must be on a roll.

Scary...

[Gwyrox732]

A comp support group would be cool if it happened, although everyone would be screaming "i want in" as they just want a cooler-sounding title than "helper trainee" or "helper" (incedentally, I want in ). Also, as CompTech or whatever is, by nature, a more general group than really anything else here ('cept maybe Administrator) it would be difficult to come up witha practical entrance exam or anything (unless you were required states maybe one area of expertise for the exam to be formulated around). And Mitch, as for the self-promotion I would say you can link to it in our sig, suggest it if it's relevant, but don't make it out to be a necesary end-all-be-all type of thing. Lastly, MD2, love your definition of Win95.

[kazzoo]

Mitch, if I may call you that, in your case you are a known entity at the SWI forums.

Even in my short association here, I know that you are a systems builder, consultant and employed to some degree as such. I know of this because I asked you about it once for an assignment I had in Technical reporting awhile back. From my observations, much of the staff and management hold you in some esteem already. You do Channel Op in the official Chat room and that shows some visible public measure of that trust.

Therefore, in your case whatever degree Mike/admin staff trusts your judgment in giving advice and representing the Forums will determine how you might be set apart and recognized.

For my own experiences with you, I have seen your postings on hardware, browsers choices and because of you, I discovered Newegg as a source. A little thing? No, in real dollar terms you save me each time I use it. Also validated for me some of the practices of sensible system configuration and led me to sources for others. As valuable to me as removing a piece of spyware would be. I would trust you as an advisor. Nevertheless, that is a subjective opinion. The issue becomes how is a casual person who surfs in to know you can be trusted. Yes, it is about credibility and the stamp of approval.

Now to my opinion what one would have to know to be part of any recognized CompTech group: Certification, schooling, making an income from, employed in the field of, Computer Information Technology. The person should be able to prove this. This will keep the group credible. An objective measure. You do this now to some degree with having tests to move volunteers to the next designation in the spyware expert track. Exceptions would be by Mike or Admin staff on a case-by-case basis.

You would not want to lose the self-taught person who wants to volunteer. If that person has networked, built, administrated, maintained numerous multi os booting computers/servers, with his own private t1, serving up web pages including email, FTP, SQL with intrusion devices, firewalls, routers, remote sites administration, wireless with his own home grown antenna's and programs in obscure languages for a relaxation. The person the ISP calls when they have a problem they cannot answer, but does not have "paper". Extreme example yes, but Real life experiences count as well.

Nevertheless, defining a group is by definition exclusionary. It is not a track type of group with classrooms and training people to go on to the next level. The expertise has to be gained elsewhere and brought to it.

I do have one concern though; SWI is about spyware and its removal/eradication. Does anybody think would the addition of another group change focus from what SWI does the best? Should SWI just stick to the spyware or is there room for other types of help?

[cnm]

Here's my take on this. I do not of course speak for Mike, but this is my understanding of our policy.

Advertising of anything commercial (including services) in the forums is SPAM. Advertising should be done through Noggie.

A group to support and guide about OS, software, non-spyware problems would be fine, but this is Spywareinfo.com and fighting spyware is the main thing we do.

There are truly excellent hardware forums where I have referred people, such as the one that mjc moderates: PCGuide. That's where I learned about NewEgg among other things. The level of hardware knowledge there positively intimidates me. I don't believe that is our lline of work.

[wreck]

Just my 2 cents worth, but although SWI has always had its main emphasis on Spyware removal and is outstanding -- it has also offered help for general computer problems with both hardware and software issues. This has kind of been a secondary service offered by volunteers that happen to know about a particular problem. I personally would hate to see that discontinued.

[cnm]

So would I, wreck. I agree entirely.

I just don't see setting up a major hardware group here. I do like the idea of a group whose label indicates general computer knowhow, but qualifying people as hardware experts etc. seems to me out of our line.

[mitchshrader]

i agree its a fine line to walk.

as happens, a significant fraction of the users with questions are Not certain the blue screen, comp lag, 100% cpu useage, random reboot, etc.. has anything to do with spyware.

Sometimes it does.

Equally, some folks who suspect spyware have hardware or configuration issues as well as (or even instead of) the spyware.

Given that spyware is a 'moving target' and the effort required to stay current is significant, not all interested tech-savvy folks have the time .. but they Are able to do diagnostics, configuration, and general troubleshooting.

Agreed there are hardware/comp support forums, already existing. There are also program specific support forums for some anti-spyware software. SWI, to my knowledge, *emphasises* the need for user support over supporting *only* a particular program.

There is help with virii (not spyware) and trojans (not spyware) and occasional help with configuration of programs which have specific forums elsewhere. USER support, spyware focused, has been my understanding of the goal of SWI. not exclusionary of other issues, but just keeping spyware removal as the central purpose.

My point is, and i will reiterate, *For SWI users* who receive NOW sporadic attention to diagnostics, configuration, networking, etc, issues, from offhand, unrated members, on a guess-by-guess basis, it would be a service to have some
diagnostic and configuration, (and possibly prevention) group that addressed these issues formally.

KrispyKreme isn't Starbucks. But they Do sell fresh coffee. They DON'T send you down the street to the other guy.

Edited by mitchshrader, 17 May 2004 - 07:42 AM.

[Mike]

I talked to Mitch about this yesterday. How does this sound?

I create a new category called "Computer Tech Support (non spyware)" or something similar and move the "Software" and "PC Troubleshooting" forums under it. Create a new membergroup called "Computer guru" or "Computer Wiz" or whatever and make them the "Experts" as far as the new area is concerned.

[cnm]

Sounds good.

The only problem I see is that we tell them to post their logs in PC Troubleshooting if they just want a checkup, and the guru's don't feel they can advise much on logs.

How about a new forum just for checkups?
"Just need a checkup" or "Is my log clean?" under "Spyware, thiefware, browser hijackers, and other advertising parasites" maybe.

Or we could do as other forums have done, and have just one forum for HijackThis logs. (Don't like that idea myself, "Malware Removals" is a great name and separating the probably clean from the probably unclean makes sense).

[ITeachComputer]

Boy, that sounds good to me.....there are a lot of levels of tech support, so the levels should be be easy to figure out.

Mitch had mentioned making a list of things we work with in our area. So below is my list of "just some of the basics" that I teach:) Certainly not all, but some.

How to purchase to last & to fit your needs/Computer packages vs independants
Leaving it on or turning it off
Installing/uninstalling
downloading/uploading
Surfing safety-recommending Spyware Progs & settings in MSIE for safer surfing
Basics to intermediate in most software applications
Save/save as
copy paste
scan disk/defrag
working with photos
Working with Ebay and other Auction help
Cleaning out the start-up/systray menu/why and resource hogs discussion
Power settings/screen saver issues
ISP discussions ie:dial-up vs cable modem (I'm sadley lacking DSL knowledge)

The above is certainly not the extent of my knowledge, but in the above, I am pretty much an expert. There are other areas in which I would concider myself "very knowlegable" and would give some advice in, depending on what it was, but don't teach or support it.

My"motto", "When in doubt, leave it to the "experts" And, I do! I have no problem at all telling someone, "I don't know this well enough to do this" , I recommend ...whom ever!

There, my $1.00 worth <g>

[cnm]

In addition to my suggestion above, it might be good to change the name of PC Troubleshooting to something like "PC help and advice".

[Gwyrox732]

Sounds good to me. Of course my opinion doesn't count as much as ITeachComputers's, as mine's only worth 2c as opposed to $1.00.

[redlox]

Thanks to all for comments.  I decline to apply for a patent on *wiseass*. Looks like there *are* folks who fit the category of 'not-Noob' and yet aren't log parsing gurus.

Now about label.. whatever is stuck on will last. Careful Thought if you please.

PC Doc, PC Guru, PC Skilled, PC Tech, all ideas. Why don't I like 'troubleshooter' ?

Cause with 'Pee Cee' on the front its 6 syllables. awkward. thats my whole issue.

I'm a lazy fellow.

I'd hope that some tasks that are dealt with sporadically, with irregular priority, in the cleaning threads, could be given a clear focus in another group/forum. I don't know who may choose this niche, but prevention methods, diagnostics, networking and general comp training are all separate issues.

I do think that using ONLY the HT log analysis skill to determine 'Status' takes attention from the prevention aspect, but there is significant overlap of expertise. Those two are close.

Diagnostics of unknown issues is more associated with hardware and general computer knowledge, which drifts over into simple networking.

And then you've got Linux and Mac's,  ahem, which hardly are touched by spyware at all. So. A spectrum of interests.

If you asked ME what to call 'Helpers' that was indicative of status, known ability, and didn't imply spyware knowledge past a necessary minimum, I'd say 'CompTech'  which won't offend Both The Mac Users, is vague enough to have subcategories and 'Seniors' and Trainee's.. and even has room for networking.

but please, not 'P C Troubleshooter' .. gack. scuse me. 

I do the same thing you do in terms of new users, seniors etc. Most calls have to do with malware and virii messing up their PC's. They buy a new PC with NAV preinstalled..get a virii in 10 minutes of use. After they're called the mfg. tech support which leads them thru 2 hrs. of reinstall sys. and of course the jukware same thing happens again. They call me. I find that NAV was NEVER activated and WIN updates not done. It would be nice if the manufacturers enclosed a large warning stating that the user must activate the virus program and do win update immediately. Insofar as name....how about PC Exterminator?

[Nick]

How about a new forum just for checkups?
"Just need a checkup" or "Is my log clean?" under "Spyware, thiefware, browser hijackers, and other advertising parasites" maybe.

I think there should be something done to seperate the HJT logs and the non HJT items in the current PC Troubleshooting forum. On the old board, the HJT logs took over the PC Troubleshooting forum, and I saw the few non HJT posts get lost in the abundance of the topics with logs.

[Budfred]

I think the Mods keep moving HJT fixes out of the PC Troubleshooting forum, but people don't read the instructions and keep posting them there... Probably something like "PC Troubleshooting NO HJT LOGS!! " would be slightly more effective...

[cnm]

Mike tells them to post their log there if they just want a checkup. The forum legend on the old board:

Spyware and Hijackware Removal Support
This forum is for help getting rid of spyware, browser hijackers, porn dialers, thiefware, and all other unwanted advertising parasites.

If you have none of the above and just want someone to check your log for anything suspicious, post that in the PC Troubleshooting forum please.

On the new board it says:

Malware Removal
This forum is for help getting rid of spyware, browser hijackers, porn dialers, thiefware, and all other unwanted advertising parasites.

If you have none of the above and just want someone to check your log for anything suspicious, post that in the PC Troubleshooting forum please.

Click on SWI Forums and scroll down to see it.

[Budfred]

OOPS, then I guess that wording wouldn't work very well....

[Nick]

Maybe a subforum in P c Troubleshooting for HJT checkups?

Edited by Nick, 21 May 2004 - 10:11 PM.

[cnm]

That could be done. But a lot of the folks in this thread don't want to look at logs, that's why I suggested a "Just a checkup" forum for logs next to Malware Removal, on the same level in the forum tree.

[Gwyrox732]

Heck if it's just check-ups we can browse through the log and if we see anything we can send 'em on over to Malware Removal, otherwise just offer the congradulatory "you're all set, the log is clean". Because I'm sure most of the people that'd be in the group would have a least basic knowledge of logs, ya know?