All about viruses

Neha
Member • Jul 25, 2008

All about viruses

Hi!
Am starting a thread on viruses, the most common thing that effect our PCs/laptops almost daily.

Lets discuss some common viruses and how to tackle them where our antivirus fails.

Replies

Howdy guest!

Dear guest, you must be logged-in to participate on CrazyEngineers. We would love to have you as a member of our community. Consider creating an account or login.

Replies

Ashraf HZ

Member • Jul 25, 2008

Good idea, Neha.

One of the best ways to protect yourself from viruses is from proactive defense. Among college students, virus propagation is greatest through USB flash drives. When they plug them back into their own computer or laptop, the virus goes straight into action.

To stop that, use programs such as TweakUI to disable the autorun function. Next, always scan the drive before opening it. However, sometimes scanning isn't always practical because your USB may contain a gigabyte or more of data. What you can do is right-click and click on "Explore" instead of "Open". Then, make sure "Show Hidden Files" option is selected. Viri and their autorun files usually reside at the "root" of the USB, so you can immediately spot them and delete them.

There are some instances that the "Explore" function is hijacked by the autorun file as well as the "Open" function. You'll know this if it is bold in text. In that case, access the drive through a file exploring program.

What I can suggest is that you put all your files in a folder (or a few folders) in the USB. That way, you can easily see any program that installs itself on the root of the USB drive. Also, even if you cannot stop virus files installing themselves on the USB, you can stop their "autorun" files being placed as well. You can create "fake" autorun files that cannot be over written by virus ones 😉 A program that can do that is this (<a href="https://experi3nc3.wordpress.com/2007/05/10/flash-disinfector-by-subs/" target="_blank" rel="nofollow noopener noreferrer">Flash Disinfector – Flash Drive Autorun Malware Remover by sUBs | eXPeri3nc3's Corner</a>). That program can also fix some errors caused by virus.

Thats it for now!

Are you sure? This action cannot be undone.
Cancel
Neha

Member • Jul 25, 2008
Thanks Ash!

Its good to start with USBs as they are the common but risky mode of transferring data these days.

First of all, cancel the autoplay option(appears when you plug in your USB) asking you to "open folders to view files", "take no action" etc. This decreases the chances of virus spreading.

Now, some of the common viruses that are spreading through USBs:
- Ravmon.exe
- New Folder.exe
- Orkut is banned
Removing Virus

The following steps may help you remove some of common viruses:

1. Open the command prompt.
Start>Run>cmd

2. In the command prompt, type the drive letter(eg. G: ) and press enter. This will display a list of the files in the pen drive. Check whether the following files are there or not
- Autorun.inf
- Ravmon.exe
- New Folder.exe
- svchost.exe
- Heap41a
- or any other exe file which may be suspicious.
If any of the above files are there, then probably the USB drive is infected.

3. In command prompt type attrib -r -a -s -h *.* and press enter. This will remove the Read Only, Archive, System and hidden file attribute from all the files. Now just delete the files using the command del filename. example del Ravmon.exe. Delete all the files that are suspicious.
Are you sure? This action cannot be undone.
Cancel
sauravgoswami

Member • Jul 25, 2008

well i m encountering a trojan which opens new folder by the name of the folder i have just accessed,treid antivirus,but got temporary relief

Are you sure? This action cannot be undone.
Cancel
Neha

Member • Jul 27, 2008

Does the new folder opened have the same contents as your folder??

Would it be right to say that when you open the folder, its opened in a new window and not the same one?

Are you sure? This action cannot be undone.
Cancel
KSHIRABDHI

Member • Jul 27, 2008

hi everybody
i am new here in CE
plez tell me something abt trojan

Are you sure? This action cannot be undone.
Cancel
yudi

Member • Jul 28, 2008

--kshirabdhi
about trojans
<a href="https://en.wikipedia.org/wiki/Trojan_horse_%28computing%29" target="_blank" rel="nofollow noopener noreferrer">Trojan Horse %28Computing%29</a>

for other information about virus please check the link below....

#-Link-Snipped-#

>>

Are you sure? This action cannot be undone.
Cancel
esakiraja

Member • Jul 28, 2008

how does the virus affect the zero sector of the hard disk..??? Is there any way to recover to data from the hard disk even after the zero sector is destroyed???

Are you sure? This action cannot be undone.
Cancel
sauravgoswami

Member • Jul 28, 2008

well,its opens nothing i mean it remains as it is,id clicked many times then either it opens new window or hangs the comp

Neha
Does the new folder opened have the same contents as your folder??

Would it be right to say that when you open the folder, its opened in a new window and not the same one?

Are you sure? This action cannot be undone.
Cancel
gohm

Member • Jul 28, 2008

You can also install and run programs like hijackthis! which will not in itself remove the offense but will create a log that will identify the offending item if you are IT savvy or there are many forums you can post your log on for help. I myself like my anti-virus program along with spybot s&d for removal/protection. The best way to avoid viruses... washing your hands frequently... ha!

Are you sure? This action cannot be undone.
Cancel
avinash546

Member • Aug 18, 2008

the most irritating virus is found was hacktool.rootkit

and i had to format my whole of hard disk to get rid of it???

so any suggetions how to remove the virus...

i have tried hijack this tool, with sinmply no results

Are you sure? This action cannot be undone.
Cancel
anuragh27crony

Member • Aug 18, 2008

Mostly USB drives spread Viruses and an Unknown particles called Spyware..... these are need to be taken care of because most of the antivirus softwares fails to mitigate them...like the most frequently is...

1. when ever you double click any of drives it doesn't open....because there's an hidden file Autorun.inf ...which runs automatically when we double click any dirve and it does what ever work is specified in that file......so leading to stealing the user private data on that system.....

These can be easily detected using anti-spyware softwares....like Spyware Terminator (free S/W and works excellent)....

so a good system means updated Antivirus and anti-Spyware software....

PS: Correct me if iam wrong

Are you sure? This action cannot be undone.
Cancel
master

Member • Aug 22, 2008

Nice work Neha !
I am totally convinced with you .Thanks for such thread.........

#-Link-Snipped-#

Are you sure? This action cannot be undone.
Cancel
vijayrock

Member • Aug 22, 2008

Viruses usally create a registry entry or targets the windows directory especially system32 files.Registry is very easily accessible to many applications.
Firewall might help a bit.measures are taken to remove the viruses aftermath the attack.But Something has to be done to stop the virus from entering the system.

Are you sure? This action cannot be undone.
Cancel
anki_0305

Member • Aug 23, 2008

if some system files are infected by the virus , should these files be deleted?
and incase these files are deleted, won't the system will malfunction?

Are you sure? This action cannot be undone.
Cancel
shadeslayer

Member • Aug 23, 2008

if any system files are infected then you should not delete that files unless and until it is necessary otherwise you delete that files then you OS will crash and then you can repair it using your bootable disk

Are you sure? This action cannot be undone.
Cancel
master

Member • Sep 7, 2008

Virus causes computer crash at, "Verifying memory pool data." Hi, my computer recently crashed (Melissa virus?) and now I can not get it past... verifying pool data.. I can't type any thing. What should I do??#-Link-Snipped-##-Link-Snipped-#

Are you sure? This action cannot be undone.
Cancel
Neha

Member • Sep 11, 2008

The following link covers the detail on Melissa.

Check out: #-Link-Snipped-#

Are you sure? This action cannot be undone.
Cancel
Neha

Member • Sep 11, 2008

boot.vbs

boot.vbs has been as identified as a program that z undesirable to be running on your computer.

Detection: A message like "Cannot find script file C:\windows\system32\boot.vbs" appears at the start up of windows.

Removal
The virus can be manually remvoed.
Follow the link:
#-Link-Snipped-#

Are you sure? This action cannot be undone.
Cancel
Raviteja.g

Member • Sep 12, 2008

can you help me to know about trozans

Are you sure? This action cannot be undone.
Cancel
prabhat kumar

Member • Sep 14, 2008

thanks for all discussion.my pc also infected with virus autorun.exe,antivirus is not working for that

Are you sure? This action cannot be undone.
Cancel
Neha

Member • Sep 20, 2008

autorun.exe is a process which automatically runs a program from a CD-ROM when the CD is inserted in the disk drive. The process autorun is not a virus.

Are you sure? This action cannot be undone.
Cancel
shivakumar098

Member • Sep 20, 2008

than ku.............

Are you sure? This action cannot be undone.
Cancel
viswa_techee

Member • Sep 29, 2008

One of the best ways to protect yourself from viruses is from proactive defense. Among college students, virus propagation is greatest through USB flash drives. When they plug them back into their own computer or laptop, the virus goes straight into action.

To stop that, use programs such as TweakUI to disable the autorun function. Next, always scan the drive before opening it. However, sometimes scanning isn't always practical because your USB may contain a gigabyte or more of data. What you can do is right-click and click on "Explore" instead of "Open". Then, make sure "Show Hidden Files" option is selected. Viri and their autorun files usually reside at the "root" of the USB, so you can immediately spot them and delete them.

There are some instances that the "Explore" function is hijacked by the autorun file as well as the "Open" function. You'll know this if it is bold in text. In that case, access the drive through a file exploring program.

What I can suggest is that you put all your files in a folder (or a few folders) in the USB. That way, you can easily see any program that installs itself on the root of the USB drive. Also, even if you cannot stop virus files installing themselves on the USB, you can stop their "autorun" files being placed as well. You can create "fake" autorun files that cannot be over written by virus ones 😉 A program that can do that is this (<a href="https://experi3nc3.wordpress.com/2007/05/10/flash-disinfector-by-subs/" target="_blank" rel="nofollow noopener noreferrer">Flash Disinfector – Flash Drive Autorun Malware Remover by sUBs | eXPeri3nc3's Corner</a>). That program can also fix some errors caused by virus.

Thats it for now![/quote]

Are you sure? This action cannot be undone.
Cancel
slashfear

Member • May 6, 2009

Neha
autorun.exe is a process which automatically runs a program from a CD-ROM when the CD is inserted in the disk drive. The process autorun is not a virus.
Hey Neha,

First of all nice thread, and just wanna correct you buddy, what you said about autorun is right but there is a virus as autorun.exe the way to identify this virus is as follows:
-> It will have a folder icon (instead of an exe icon)
-> It's name starts capital A like "Autorun.exe"

This virus usually spreads through USB (and yes like any other virus it was originated from internet 😁)

It from "Salty AI worm" family . The functionality of this virus is it just spreads to all your drives and just replicates itself like all the worm virus then overload your memory and slow down your system performance level.

-Arvind (slashfear)

Are you sure? This action cannot be undone.
Cancel
Anil Jain

Member • Sep 29, 2009

Please refer : #-Link-Snipped-#

Are you sure? This action cannot be undone.
Cancel