tom982 is at G2G cottonball .. doing quite well, as I see.
So could someone tell me what this training is please? Does it for example require one to be involved in the IT business previously because I have spent the last 40+ years in nursing in both clinical and managerial positions.
Does it require an IQ of 200 or more because I just feel that most of the members in here are too cluey for words!
Does it necessarily require one to know how to be able to write software for example??
I am just curious.
As Jacee said, I'm over at G2G. Nope, there aren't any final exams that I'm aware of; instead, we are assessed throughout the training process.
Thanks Jacee!
Hi John,
A few forums run malware removal training programs where they teach anyone who is willing to identify and remove malware. There is a list of schools on the UNITE (Unified Network of Instructors and Trained Eliminators) website:
UNITE - Unified Network of Instructors and Trained Eliminators
The training process varies from school to school, but it essentially involves very experienced malware removal analysts and experts kindly volunteering to pass on their skills to another generation. I can talk you through the process at G2G which seems to be fairly standard now but things may vary at other schools. Here's a list of the UNITE teachers:
UNITE - Unified Network of Instructors and Trained Eliminators
You might recognise #2 on that list! ScHwErV is retired now so technically Jacee should be #1.
Anyone with a little bit of background knowledge of computers can apply to enrol in the malware removal school. The application process is a few simple questions just to confirm you know a thing or two, they are far from brain squeezing - if I remember correctly, the question on my application page was "Briefly describe what the registry is", you get the picture.
Once enrolled, you are given access to what G2G calls the UnderClass library. The training is split into four tiers - UnderClass, UpperClass, Live Logs, Check My Fix (CMF), but I'll come to that in a bit. The UnderClass library doesn't contain anything particularly juicy but it has some good background on older spyware infections and specific removal tools. The fun starts with the UnderClass Practice Logs (PLs). In UnderClass, there are 6 PLs to complete each with various challenges to teach you the skills you need to become an analyst. Here's a brief overview of what the UnderClass PLs taught:
PL1: Familiarising yourself with the forum rules.
PL2: Canned Speeches (post templates) - how to make them and store them.
PL3: A few HijackThis (HJT) log lines to analyse. Please note that HJT is no longer used; however, the log format (with registry items labelled O1-O38) is still very widely used.
PL4: More HJT log lines.
PL5: More HJT and a few other diagnostic tools.
PL6: A whole OTL log to work through.
OTL is the tool of choice of G2G as the developer, OldTimer, is based at G2G. Other forums may use different tools; BleepingComputer (BC), for example, has more of a focus on DDS (sUBs) and Combofix (sUBs).
After you have finished UnderClass, you are promoted to UpperClass where you get access to so, so much information. They give you access to the proper tools as well, like the full Combofix tutorial.
In UpperClass, you have another set of 6 PLs to complete but these are a lot more difficult (it took me almost 12 months to complete this!). These put more of a focus on specific infections, rootkits and the like. They also introduce the usage of Combofix.
During UpperClass, you also have to complete 8 registry exercises which teach you everything you need to know about the registry - I think they've missed out a few fun things though!
When you complete UpperClass you then move onto the Live Logs where an instructor badly infects either a test rig or a virtual machine with a lovely concoction of malware. You treat this as a live thread and talk the instructor through the removal process - they are told to play dumb.
After the LLs comes Check My Fix (this is where I am at the moment). Here you can take on live threads, but under the supervision of an instructor who has to approve your posts prior to you posting them. I'm not sure how many threads you have to do before you graduate, they seem to err on the side of quality not quantity, but judging by past students, it seems to be less than 10; I'm on 3.
Then you're freeeeee :)
If you've got any more questions please feel free to fire away and I'll do my best to explain for you.
Tom
Very well explained, tom982.
I was going to tell ICit2lol, in plain terms, that the schools are a place where you apply, and if accepted, you are taken to a spaceship.
Once there, your brain is modified to an "altered" state, and you are turned into an Android, rigorously trained to search for, and kill infections.
Then, you are dropped off the spaceship, and you seek forums that are Android friendly.
Your mission is to kill, kill, and kill viruses, rootkits, and such.
However, forum Administrators do not know you are an Android, because you act like a human.
All kidding aside, the schools are not an easy ride.
Thanks Tom, sounds a bit out of my league I am afraid, and I don't like spaceships - I get spacesick, you see.
But I will take a look at those sites you referenced.
John
Cheers Gary. I tried my best to define the acronyms (UNITE, PL, LL, CMF etc.) on their first use so I could use them again without people getting confused, but it looks like I missed the key one.
lol, spacesick is a new one! No worries, it's quite a large commitment - larger than I first anticipated actually.
Spacesick, yep mate, it is all that turbulence caused by big things flying by and the constant adjusting of the craft to get out of the way of other spacecraft that are flying around up there - UFOs; if you are not used to acronyms, that means Undiscovered Flaming Obelisks.
I've heard of Combofix but never tried it. Almost scared to now. lol
Is it just for malware removal and registry cleaning or does it do other things too? I have apps that do those things well... so why would a person need Combofix?
Where is the best (aka safest) place to download it? I have to take a peek at least. lol
Last edited by macgig; 21 May 2013 at 07:41.