txt.si/blog

My playtime with viruses

Content on this page is probably outdated and represents my personal knowledge, feelings and understanding of things at that time.

So, as I’m a GNU/Linux user, I don’t encounter many viruses in my everyday life. But every once in a while I get a computer from a relative or friend to “play” with (e.g. clean it, …). And usually I run the antivirus software, do some other tricks and I’m done with it.
But this time, I got an interesting laptop in my hands. It was a pretty old laptop, with Windows XP installed. So I began my routine, but:
- All antivirus software I tried crashed miserably upon start (I tried NOD32, AVG, ClamWin, Avira, ...)
- Task manager is disabled
- Safe Boot BSODs
- There’s no Run in the Start menu
- All the relevant administration utilities are locked down (they crash, or the user doesn’t have appropriate permissions)
- the DVD/CD-rom is broken

So, I went on a search for an external DVD-ROM drive, but not even one local store had it. So that was a no-go for a format. Then I poked around a bit, installed some antivirus software, found out that I can’t even access flash disks, etc…

Then, I tried a scan over the network (with NOD32) and failed miserably.
But to my surprise, Avira’s C scan worked, so I guess only full Avira was stopped/killed by the virus. I scanned it, removed the viruses (73 or so), did some other tricks to restore Task Manager, cleaned the registry, etc…

Now, when the relative is happily browsing with his cleaned laptop (and a bit more secured), I’m left with pure amazement over the virus. It locked down the user, disabled antivirus software (and sites), and did its stuff. I’m really amazed how the user didn’t notice the lack of AV software for so long. Usually, with my previous virus experiences, it was obvious that the computer was infected (popups, weird programs installed, ...), but this one was unnoticeable by a common user.

Scary.