Removing viruses can be fun

[loveandpower]

Yeah I know I am wierd heh...

Anybody else get a new type of virus (obviously before you find out how much hell it can be) and you are like "challenge accepted!"

Maybe it's just a quirk of mine but removing them (I remove mine manually before I use a scanner if I can help it) seems kind of fun. Before it is said, yes I know some of them can get pretty ugly and nearly impossible to remove.

:huh:

I would even go as far as to say I have learned a thing or two from removing them.

 

[azasadny]

I work for a major auto manufacturer, in the "endpoint security operations" group, which means I prevent, detect and remove viruses for a living and it's fun!!

 

[loveandpower]

Do I "detect" some sarcasm? xD

 

[azasadny]

Me, sarcastic? Never!!!

 

[popeye]

Yea, all fun and games until you blue screen, can't boot, have to wipe drive. Personally, I avoid getting them but you have fun!

 

[loveandpower]

Yea, all fun and games until you blue screen, can't boot, have to wipe drive. Personally, I avoid getting them but you have fun!

Oh I doodle with them on a secondary machine I would never intentionally do that on one I actually cared about of course. I never thought about it but I wonder if it's possible to get a virtual virus.

 

[popeye]

Yea, all fun and games until you blue screen, can't boot, have to wipe drive. Personally, I avoid getting them but you have fun!

Oh I doodle with them on a secondary machine I would never intentionally do that on one I actually cared about of course. I never thought about it but I wonder if it's possible to get a virtual virus.

That's good to know. If you mean a virus on a virtual machine, sure it is possible especially if you are connecting to the internet with it and using a browser and/or downloading files.

 

[Borg 386]

Nothing more fun then being given a laptop & being told "It's got some kind of virus", then finding when you boot there's nothing but a black screen with a blinking cursor....now THAT was a fun one to figure out. I fixed it, but I want the 8 hrs of my life it took back...

No recovery disk, recovery partition couldn't be accessed (at first), the OP was insistent that I do not wipe out their photos & music files.

And then you have the ones where you stick in the MS Defender Offline because getting it to boot is impossible & 4 hours later it's STILL finding viruses...& the scan is only 50% completed. My friend had, if I remember correctly, 2400 & something infected files. It was the one he let his kids use. Go figure....

 

[loveandpower]

Nothing more fun then being given a laptop & being told "It's got some kind of virus", then finding when you boot there's nothing but a black screen with a blinking cursor....now THAT was a fun one to figure out. I fixed it, but I want the 8 hrs of my life it took back...

No recovery disk, recovery partition couldn't be accessed (at first), the OP was insistent that I do not wipe out their photos & music files.

And then you have the ones where you stick in the MS Defender Offline because getting it to boot is impossible & 4 hours later it's STILL finding viruses...& the scan is only 50% completed. My friend had, if I remember correctly, 2400 & something infected files. It was the one he let his kids use. Go figure....

I have heard of relative ones such as that! Never fixed one with that particular situation though.

Hey if people want the long dragged out way tell them straight up obviously it will be more labor costs

I know exactly how you feel though there was this fbi moneypak virus somebody had once but it was a fairly good modified version of it. I learned a lot about that particular virus from working on that one! I had a good eight hours as well into removing that one.

Before I started working on computers my dad had a virus on a NT machine he told me about once where you couldn't find not a single file or folder on the machine. It's like the virus had hidden every single little item. You couldn't even get to the run command or a command prompt or anything in both safe mode or regular windows. I can only imagine the fun that was!

 

[Borg 386]

As you mentioned, there is a positive thing about working with a tough virus. You learn the ins & out's of it. You research about problems being presented, you see multiple solutions & Google as many facts/solutions about it as possible. And you find out the intricacies of it & what makes it tick.

So I try to think of it as a real life case study. And I have learned a lot about certain malware. Especially about rootkits.

 

[Windows 8]

Fortunately I have not run into anything TOO nasty. Usually, AdwCleaner takes care of most of the stuff I end up needing to clean out.

 

[loveandpower]

As you mentioned, there is a positive thing about working with a tough virus. You learn the ins & out's of it. You research about problems being presented, you see multiple solutions & Google as many facts/solutions about it as possible. And you find out the intricacies of it & what makes it tick.

So I try to think of it as a real life case study. And I have learned a lot about certain malware. Especially about rootkits.

Absolutely correct! It amazes me sometimes how many actual defensive update are done to anti virus. And it amazes me how many variety of a single virus there is and how many new ones are made every day. Obviously not one single anti virus is going to be solid proof so it's always a good thing for a techy person to fiddle around with infected machines to figure out what to look for and most common problems and areas of infections.

I talked to a McaFee representative once he made out like you may get a new 100 defensive operations added in a day but in reality there may be a 1,000 viruses that were reported. It makes you realize just how much work people in those positions have to put in. And it makes you appreciate what they do.

 

[Borg 386]

It is quite impossible for any AV to catch anything 100% of the time due to the sheer volume of new viruses being released into the wild at any given moment.

When a new strain is released, the AV's may not detect it at first. The first step is it has to be recognized. After recognition, samples have to be submitted to the AV companies for analysis. Meanwhile the virus is spreading throughout the net. The AV companies now have to analyze the virus, find out how it works & how to nullify it. This can take anywhere from several hours to several days depending on the complexity of the virus.

After this, the solution needs to be uploaded to AV scanners. This can take some time too since not all people update their AV's on a regular basis. Meanwhile, the virus continues to makes it's rounds.

Hence, the reason nothing gets everything 100% of the time. Vigilance needs to be maintained as well as common sense.

 

[azasadny]

My frustration is that we manage about 200k endpoints (clients and servers). We are expected to stop everything but we cannot allow any "false positives", so that is very difficult. I submit files for "blacklisting" and "whitelisting" every day and we do our best to keep up. We have also implemented heurestics and behavior and reputation-based protection, as well as the traditional signature-based protection.