Viral Intro
March 10, 2010
I work in IT, computer repair. I’ve worked in the computer repair business for a long time. I have and saved countless computers from their owners and malicious software. 2007 was an interesting year because that’s when Spyware/Adware/Trojans/Worms/Backdoors/Root-kits really started to become a huge problem.
It’s a very grey area how to classify viruses, so suffice it to say we’ll call them malicious software, or malware for short.
In this blog I will post my workings and insight to anyone who stumbles upon this site. I’m open to answer questions as well, but keep in mind I am a professional. I am very hesitant on exposing my virus removal process as this is what puts food on my coffee table whilst I watch anime.
I find malware interesting; there is a strange motivation behind it all. Before 1998 it was mostly experimental and just people seeing if they can do it. Since then, it has become a large market thus it drives profits. Now that you have money entering and creating a new market, you need a product and service. But you also have to create a need.
It’s obscure to think that the large security companies rely on backdoor grey and black hat crackers (Hackers who exploit tech.) in moms’ basement for a multimillion dollar company. That’s not job security, I’m sure these companies secure their place in the world. I mean why not, it’s expanding your business. You create the problem, and later release your counter for it.
That’s right I’m accusing security companies of being the problem not the solution, but prove me wrong! It was legal for a time, but is it lawful? I would like to see the FBI do a thorough analysis on where the money goes and look at the spending for every 5 dollars for the last 5 years. If found guilty, don’t punish the companies by a fine, make them advertise in black and white on every ad they do that they create viruses. Let’s see the reputation of this company grow after that. That will be better justice then any fine you could ever give them. After 2 years of that, let the FBI do another analysis, if they are not guilty this time, let them be go. I’m not the only one making this claim; it’s suspicious that a security company can thrive out of nonsensical issues developed by engineers. However, it’s not obscure that companies thrive on ignorance of the people.
Unlikely that will ever happen, but it would be a satisfying justice for everyone who does computer repair.
Now, the reason I created this blog is not to scream radical theories about where I think they are coming from, though I will from what I see and do. To inform the viewer.
Recently the main computers affected are XP computers and not Vista. XP has become a lot more secure with the latest updates. This causes the malware to be easier to remove, but still there is a problem keeping them off. Viruses on XP typically disable any program that’s not set to automatically launch at a fresh startup. So you cannot run any program, or look at a lot of information about the computer. Oddly enough, if you are able to bypass this malware defense, you can usually end task the problem program directly. Not something you could do in 2008 or earlier. If you’re unlucky, you have a Root-Kit, in which few things can help.
Root-Kits take over the core system files and imbed themselves into the system. Thus the virus becomes part of the system and the computer depends on the virus in order to work. They are considered the most dangerous form of malicious software. However, they won’t have as big impact if they say, took your banking records and emptied your accounts.
Malware will have defenses to keep the normal user and professional from removing it. I have seen malware disable a keyboard and mouse input. Disable any program from opening. Disable safe mode. Corrupt backup files. Corrupt anti-viral programs are a typical one you see and the first indication of an infection.
The worst case I found is when “Norton” from Symantec was compromised, giving false updates via the HOST file to somewhere Thailand. These updates would turn the anti-virus system into the virus! It was removing any picture, system file and document. Just placed a bad virus detection module and off it went to destroy the computer. Falsely identifying pictures, documents, music and system files for a virus!
More to come!
-Ken
Originally written December 4th 2009
