Monday, August 11, 2008

HOW TO SET THE FOLDER OPTION


this is how ur system drive(may be c://) will appear i.e. system files will apear blurred.
N.B. Don't delete any system files (NTDETECT.COM, MSDOS.SYS, PAGEFILE.SYS, MSDOS.SYS, NTDLR, IO.SYS, BOOT.INI, AUTOEXEC.BAT). Except these there should not any file in the category system file. if any found it may be a virus, but flash drives does contain any file like this,so delete the file as u see.(don't double click on it anyway).

u shouldn't double click/right click on any drive (local drives also). To open a drive u should go from the address bar or explore mode as shown below.


Posted by at No comments:

Friday, August 8, 2008

analysis of the viruses

i do'nt know about the generic classifications of the viruses , as a user i have analysed the activities of the viruses ..
viruses spread through
  1. webpages containing scripts.
  2. removable drives(CD-R,CD-RW,Floppy Drives,Flash Drives)
  3. downloaded softwares from unknown sites

Webpages contain javascripts,vbscripts which change the computer settings and run the virus programmes. But every time we come across a script page the browser(IE,opera,mozilla..) warns us. This scripts can be permanently made off in the browser settings.

Removable drives come with a autoplay/autorun option, that helps the virus writers. if u put a text file autorun.inf it will run the programme written on the file. when the user double clicks the drive(also possible in local drives ..C://) it runs specified programme(here it is virus). There are some scrpits which runs virus on right click on drive. The viruses once started

  • Link themselves with the system files
  • Sheduled to start every time a user log in.
  • They a leave copies in system folders
  • Change the system registry
  • Change the folder option(Disable show hiden file,system file,file Extension name)(Nonrecoverable)
  • Lock the Ctrl+Alt+Dlt option (Not in all viruses)
  • Lock the taskmanager (Not in all)
  • Lock the RegistryEdit (Not in all)
  • Lock the Command Prompt (Not in all)

Softwares from some unknown sites contain hidden viruses. when the user double clicks on it uncopmress and then run the programmes including the virus. it does its work right but hiddenly it makes way for the virus.

Prevention

  • Allow scripts from trusted sites
  • Do'nt double click or rightclick on any drive (local/removable)
  • disable windows scripthost(wscript.exe)(just replace with any .exe file with same name otherwise it will be reinstalled automatically)
  • show hidden files,system files, file extension in folder option..

Posted by at No comments:
Subscribe to: Posts (Atom)