CrazyEngineers
  • Neha
    Neha

    MemberJul 25, 2008

    All about viruses

    Hi!
    Am starting a thread on viruses, the most common thing that effect our PCs/laptops almost daily.

    Lets discuss some common viruses and how to tackle them where our antivirus fails.
    Replies
Howdy guest!
Dear guest, you must be logged-in to participate on CrazyEngineers. We would love to have you as a member of our community. Consider creating an account or login.
Replies
  • Ashraf HZ

    MemberJul 25, 2008

    Good idea, Neha.

    One of the best ways to protect yourself from viruses is from proactive defense. Among college students, virus propagation is greatest through USB flash drives. When they plug them back into their own computer or laptop, the virus goes straight into action.

    To stop that, use programs such as TweakUI to disable the autorun function. Next, always scan the drive before opening it. However, sometimes scanning isn't always practical because your USB may contain a gigabyte or more of data. What you can do is right-click and click on "Explore" instead of "Open". Then, make sure "Show Hidden Files" option is selected. Viri and their autorun files usually reside at the "root" of the USB, so you can immediately spot them and delete them.

    There are some instances that the "Explore" function is hijacked by the autorun file as well as the "Open" function. You'll know this if it is bold in text. In that case, access the drive through a file exploring program.

    What I can suggest is that you put all your files in a folder (or a few folders) in the USB. That way, you can easily see any program that installs itself on the root of the USB drive. Also, even if you cannot stop virus files installing themselves on the USB, you can stop their "autorun" files being placed as well. You can create "fake" autorun files that cannot be over written by virus ones 😉 A program that can do that is this (<a href="https://experi3nc3.wordpress.com/2007/05/10/flash-disinfector-by-subs/" target="_blank" rel="nofollow noopener noreferrer">Flash Disinfector – Flash Drive Autorun Malware Remover by sUBs | eXPeri3nc3's Corner</a>). That program can also fix some errors caused by virus.

    Thats it for now!
    Are you sure? This action cannot be undone.
    Cancel
  • Neha

    MemberJul 25, 2008

    Thanks Ash!

    Its good to start with USBs as they are the common but risky mode of transferring data these days.

    First of all, cancel the autoplay option(appears when you plug in your USB) asking you to "open folders to view files", "take no action" etc. This decreases the chances of virus spreading.

    Now, some of the common viruses that are spreading through USBs:
    • Ravmon.exe
    • New Folder.exe
    • Orkut is banned
    Removing Virus

    The following steps may help you remove some of common viruses:

    1. Open the command prompt.
    Start>Run>cmd

    2. In the command prompt, type the drive letter(eg. G: ) and press enter. This will display a list of the files in the pen drive. Check whether the following files are there or not
    • Autorun.inf
    • Ravmon.exe
    • New Folder.exe
    • svchost.exe
    • Heap41a
    • or any other exe file which may be suspicious.
    If any of the above files are there, then probably the USB drive is infected.

    3. In command prompt type attrib -r -a -s -h *.* and press enter. This will remove the Read Only, Archive, System and hidden file attribute from all the files. Now just delete the files using the command del filename. example del Ravmon.exe. Delete all the files that are suspicious.
    Are you sure? This action cannot be undone.
    Cancel
  • sauravgoswami

    MemberJul 25, 2008

    well i m encountering a trojan which opens new folder by the name of the folder i have just accessed,treid antivirus,but got temporary relief
    Are you sure? This action cannot be undone.
    Cancel
  • Neha

    MemberJul 27, 2008

    Does the new folder opened have the same contents as your folder??

    Would it be right to say that when you open the folder, its opened in a new window and not the same one?
    Are you sure? This action cannot be undone.
    Cancel
  • KSHIRABDHI

    MemberJul 27, 2008

    hi everybody
    i am new here in CE
    plez tell me something abt trojan
    Are you sure? This action cannot be undone.
    Cancel
  • yudi

    MemberJul 28, 2008

    --kshirabdhi
    about trojans
    <a href="https://en.wikipedia.org/wiki/Trojan_horse_%28computing%29" target="_blank" rel="nofollow noopener noreferrer">Trojan Horse %28Computing%29</a>

    for other information about virus please check the link below....

    #-Link-Snipped-#




    >>
    Are you sure? This action cannot be undone.
    Cancel
  • esakiraja

    MemberJul 28, 2008

    how does the virus affect the zero sector of the hard disk..??? Is there any way to recover to data from the hard disk even after the zero sector is destroyed???
    Are you sure? This action cannot be undone.
    Cancel
  • sauravgoswami

    MemberJul 28, 2008

    well,its opens nothing i mean it remains as it is,id clicked many times then either it opens new window or hangs the comp

    Neha
    Does the new folder opened have the same contents as your folder??

    Would it be right to say that when you open the folder, its opened in a new window and not the same one?
    Are you sure? This action cannot be undone.
    Cancel
  • gohm

    MemberJul 28, 2008

    You can also install and run programs like hijackthis! which will not in itself remove the offense but will create a log that will identify the offending item if you are IT savvy or there are many forums you can post your log on for help. I myself like my anti-virus program along with spybot s&d for removal/protection. The best way to avoid viruses... washing your hands frequently... ha!
    Are you sure? This action cannot be undone.
    Cancel
  • avinash546

    MemberAug 18, 2008

    the most irritating virus is found was hacktool.rootkit

    and i had to format my whole of hard disk to get rid of it???

    so any suggetions how to remove the virus...

    i have tried hijack this tool, with sinmply no results
    Are you sure? This action cannot be undone.
    Cancel
  • anuragh27crony

    MemberAug 18, 2008

    Mostly USB drives spread Viruses and an Unknown particles called Spyware..... these are need to be taken care of because most of the antivirus softwares fails to mitigate them...like the most frequently is...

    1. when ever you double click any of drives it doesn't open....because there's an hidden file Autorun.inf ...which runs automatically when we double click any dirve and it does what ever work is specified in that file......so leading to stealing the user private data on that system.....

    These can be easily detected using anti-spyware softwares....like Spyware Terminator (free S/W and works excellent)....

    so a good system means updated Antivirus and anti-Spyware software....

    PS: Correct me if iam wrong
    Are you sure? This action cannot be undone.
    Cancel
  • master

    MemberAug 22, 2008

    Nice work Neha !
    I am totally convinced with you .Thanks for such thread.........

    #-Link-Snipped-#
    Are you sure? This action cannot be undone.
    Cancel
  • vijayrock

    MemberAug 22, 2008

    Viruses usally create a registry entry or targets the windows directory especially system32 files.Registry is very easily accessible to many applications.
    Firewall might help a bit.measures are taken to remove the viruses aftermath the attack.But Something has to be done to stop the virus from entering the system.
    Are you sure? This action cannot be undone.
    Cancel
  • anki_0305

    MemberAug 23, 2008

    if some system files are infected by the virus , should these files be deleted?
    and incase these files are deleted, won't the system will malfunction?
    Are you sure? This action cannot be undone.
    Cancel
  • shadeslayer

    MemberAug 23, 2008

    if any system files are infected then you should not delete that files unless and until it is necessary otherwise you delete that files then you OS will crash and then you can repair it using your bootable disk
    Are you sure? This action cannot be undone.
    Cancel
  • master

    MemberSep 7, 2008

    Virus causes computer crash at, "Verifying memory pool data." Hi, my computer recently crashed (Melissa virus?) and now I can not get it past... verifying pool data.. I can't type any thing. What should I do??#-Link-Snipped-##-Link-Snipped-#
    Are you sure? This action cannot be undone.
    Cancel
  • Neha

    MemberSep 11, 2008

    The following link covers the detail on Melissa.

    Check out: #-Link-Snipped-#
    Are you sure? This action cannot be undone.
    Cancel
  • Neha

    MemberSep 11, 2008

    boot.vbs

    boot.vbs has been as identified as a program that z undesirable to be running on your computer.

    Detection: A message like "Cannot find script file C:\windows\system32\boot.vbs" appears at the start up of windows.

    Removal
    The virus can be manually remvoed.
    Follow the link:
    #-Link-Snipped-#
    Are you sure? This action cannot be undone.
    Cancel
  • Raviteja.g

    MemberSep 12, 2008

    can you help me to know about trozans
    Are you sure? This action cannot be undone.
    Cancel
  • prabhat kumar

    MemberSep 14, 2008

    thanks for all discussion.my pc also infected with virus autorun.exe,antivirus is not working for that
    Are you sure? This action cannot be undone.
    Cancel
  • Neha

    MemberSep 20, 2008

    autorun.exe is a process which automatically runs a program from a CD-ROM when the CD is inserted in the disk drive. The process autorun is not a virus.
    Are you sure? This action cannot be undone.
    Cancel
  • shivakumar098

    MemberSep 20, 2008

    than ku.............
    Are you sure? This action cannot be undone.
    Cancel
  • viswa_techee

    MemberSep 29, 2008

    One of the best ways to protect yourself from viruses is from proactive defense. Among college students, virus propagation is greatest through USB flash drives. When they plug them back into their own computer or laptop, the virus goes straight into action.

    To stop that, use programs such as TweakUI to disable the autorun function. Next, always scan the drive before opening it. However, sometimes scanning isn't always practical because your USB may contain a gigabyte or more of data. What you can do is right-click and click on "Explore" instead of "Open". Then, make sure "Show Hidden Files" option is selected. Viri and their autorun files usually reside at the "root" of the USB, so you can immediately spot them and delete them.

    There are some instances that the "Explore" function is hijacked by the autorun file as well as the "Open" function. You'll know this if it is bold in text. In that case, access the drive through a file exploring program.

    What I can suggest is that you put all your files in a folder (or a few folders) in the USB. That way, you can easily see any program that installs itself on the root of the USB drive. Also, even if you cannot stop virus files installing themselves on the USB, you can stop their "autorun" files being placed as well. You can create "fake" autorun files that cannot be over written by virus ones 😉 A program that can do that is this (<a href="https://experi3nc3.wordpress.com/2007/05/10/flash-disinfector-by-subs/" target="_blank" rel="nofollow noopener noreferrer">Flash Disinfector – Flash Drive Autorun Malware Remover by sUBs | eXPeri3nc3's Corner</a>). That program can also fix some errors caused by virus.

    Thats it for now![/quote]
    Are you sure? This action cannot be undone.
    Cancel
  • slashfear

    MemberMay 6, 2009

    Neha
    autorun.exe is a process which automatically runs a program from a CD-ROM when the CD is inserted in the disk drive. The process autorun is not a virus.
    Hey Neha,

    First of all nice thread, and just wanna correct you buddy, what you said about autorun is right but there is a virus as autorun.exe the way to identify this virus is as follows:
    -> It will have a folder icon (instead of an exe icon)
    -> It's name starts capital A like "Autorun.exe"

    This virus usually spreads through USB (and yes like any other virus it was originated from internet 😁)

    It from "Salty AI worm" family . The functionality of this virus is it just spreads to all your drives and just replicates itself like all the worm virus then overload your memory and slow down your system performance level.

    -Arvind (slashfear)
    Are you sure? This action cannot be undone.
    Cancel
  • Anil Jain

    MemberSep 29, 2009

    Please refer : #-Link-Snipped-#
    Are you sure? This action cannot be undone.
    Cancel
Home Channels Search Login Register