
Malware training


9 replies to this topic

#1 mtvessel

mtvessel

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cymru
  • Local time:11:27 PM

Posted 22 August 2009 - 08:56 AM

I know I've only been a member a relatively short time, and I know there are
no available slots open for training. But can anyone tell me what is the minimum
level of tech/PC knowledge that one should have before requesting training?

Thanks mtvessel
The man who smiles when things go wrong has thought of someone to blame it on. - Robert Bloch

One man can make a difference. - Chief Brody


 


#2 PropagandaPanda

PropagandaPanda


  • Malware Response Team
  • 10,433 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:27 PM

Posted 22 August 2009 - 09:43 AM

Hello mtvessel.

There is no requirement to enter the program, though it definitely helps to have general computer knowledge.

With Regards,
The Panda

#3 ComputerNutjob

ComputerNutjob

  • Banned
  • 125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:27 PM

Posted 23 August 2009 - 02:20 AM

What does he mean by "request training"? Because I have an extensive knowledge of malware. Not so much the code itself but what it does and how to get rid of it.

#4 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:06:27 PM

Posted 23 August 2009 - 09:44 AM

What does he mean by "request training"?


http://www.bleepingcomputer.com/forums/t/86678/malware-removal-training-program/
Mark
why won't my laptop work?

Having grandkids is God's way of giving you a 2nd chance because you were too busy working your butt off the 1st time around
Do not send me PMs with problems that should be posted in the forums. Keep it in the forums, so everyone benefits

#5 mtvessel

mtvessel
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cymru
  • Local time:11:27 PM

Posted 24 August 2009 - 05:36 AM

Thank you PropagandaPanda, I'd like to give it a try, I'll keep my eye open for
a slot. :thumbsup:

#6 ComputerNutjob

ComputerNutjob

  • Banned
  • 125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:27 PM

Posted 24 August 2009 - 06:26 PM

I don't exactly want to be a HijackThis Team Member, I'd just rather be a BC Advisor and help people in AII. HJT logs look like complete gibberish to me. RootRepeal is also kind of hard for me, but I can decipher most of it (Anything that begins with UAC or geyekr or vsfoce or others, and ends with .sys you should select *wipe file*, etc.) the rest of it is relatively easy, and if nothing can be done, then you reformat and reinstall if you have a Windows CD. The basic routine is as follows: Malwarebytes, ATF Cleaner and SAS, RootRepeal (if unable to be done then Sophos), Malwarebytes again, and if nothing can be done, it is either restarted as an HJT topic or it's recommended to reformat and reinstall. I read AII a lot.

Edited by ComputerNutjob, 24 August 2009 - 06:27 PM.


#7 garmanma

garmanma

    Computer Masochist


  • Members
  • 27,809 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cleveland, Ohio
  • Local time:06:27 PM

Posted 24 August 2009 - 09:54 PM

Anything that begins with UAC or geyekr or vsfoce or others, and ends with .sys you should select *wipe file*, etc.)

That's not quite it
Mark

#8 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,317 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:01:27 AM

Posted 25 August 2009 - 01:20 AM

(Anything that begins with UAC or geyekr or vsfoce or others, and ends with .sys you should select *wipe file*, etc.)

Just an addition to garmanma's post, the rules have changed recently in AII regarding rootkits. Read this topic for more information.

HJT logs look like complete gibberish to me

They looked that way when I started as well :thumbsup: But, believe me, if you give it a try you will have the opportunity to learn lots of things!

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 


 

Malware analyst @ Emsisoft


#9 Blade

Blade

    Strong in the Bleepforce


  • Site Admin
  • 12,704 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:US
  • Local time:06:27 PM

Posted 25 August 2009 - 11:35 AM

I don't exactly want to be a HijackThis Team Member, I'd just rather be a BC Advisor and help people in AII. HJT logs look like complete gibberish to me. RootRepeal is also kind of hard for me, but I can decipher most of it (Anything that begins with UAC or geyekr or vsfoce or others, and ends with .sys you should select *wipe file*, etc.) the rest of it is relatively easy, and if nothing can be done, then you reformat and reinstall if you have a Windows CD. The basic routine is as follows: Malwarebytes, ATF Cleaner and SAS, RootRepeal (if unable to be done then Sophos), Malwarebytes again, and if nothing can be done, it is either restarted as an HJT topic or it's recommended to reformat and reinstall. I read AII a lot.


I'm sure the staff will agree with me on the following points. Before I start though, I want to say that you are not the only one who this is directed towards, so please don't feel like I'm singling you out. And please don't take this as me yelling at you, I'm simply going to give it to you straight and unfiltered. This is not intended to be a flame.

1. There is no "routine" when it comes to dealing with malware removal. Every case, every machine, every situation is unique; what works perfectly in one situation might render a machine unbootable in another. The reason you see what appears to be "routine" in AII is simply because AII is used as a "triage" area for infections. The primary objective of AII is twofold.
  • Gather information about the OP's situation.
  • Apply some basic tools in an attempt to kill off minor infections. This is done to relieve stress on the already overworked HJT Team.
2. It is both incorrect and dangerous to assume that simply reading AII threads and watching other helpers can teach you all you need to know about malware removal. An understanding is required to be truly effective. You must know how to interpret symptoms, read logs, predict outcomes, and, most important of all, adapt to any situation that may develop. These skills are not something you can develop simply by copying the actions of others.

3. This is NOT a video game. There is no reset button, no cheat code. You are giving instructions to people who often have no idea what's going on. If you tell them to do something, they will do it, because they trust that the helpers at BC know what they're doing and have their best interest at heart. Every time you screw up, every time a machine must be formatted because of something you did, you are costing the OP time and possibly money that they might not have had to use otherwise. In some cases you might end up costing them a whole lot more than that. As a helper, be it in the HJT forum or in AII, you must always remember that you are dealing with real, living people. I think that this is something that the Internet often causes people to forget.

I'm not claiming to know everything about malware removal; I'm still in training after all. But I do know enough, and have worked with it enough, to see and understand the harsh reality of what I, as a helper, am up against. I think it's important that everyone who aspires to be a helper of any sort here at BC understand this as well.

~Blade


If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM


#10 ComputerNutjob

ComputerNutjob

  • Banned
  • 125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:27 PM

Posted 25 August 2009 - 09:22 PM

I know, I was only saying that that was the most common way that most BC Advisors try to solve a problem in the beginning, and I do know all of that, I was only saying that I knew what the most common course of action was, and that I read AII a lot. Don't have to make me look like an idiot :thumbsup: . Anyways, thanks Elise, I did not notice that until now.



