Neha
Neha
Branch Unspecified
25 Jul 2008

All about viruses

Hi!
Am starting a thread on viruses, the most common thing that effect our PCs/laptops almost daily.

Lets discuss some common viruses and how to tackle them where our antivirus fails.
Ashraf HZ

Ashraf HZ

Communications
26 Jul 2008
Good idea, Neha.

One of the best ways to protect yourself from viruses is from proactive defense. Among college students, virus propagation is greatest through USB flash drives. When they plug them back into their own computer or laptop, the virus goes straight into action.

To stop that, use programs such as TweakUI to disable the autorun function. Next, always scan the drive before opening it. However, sometimes scanning isn't always practical because your USB may contain a gigabyte or more of data. What you can do is right-click and click on "Explore" instead of "Open". Then, make sure "Show Hidden Files" option is selected. Viri and their autorun files usually reside at the "root" of the USB, so you can immediately spot them and delete them.

There are some instances that the "Explore" function is hijacked by the autorun file as well as the "Open" function. You'll know this if it is bold in text. In that case, access the drive through a file exploring program.

What I can suggest is that you put all your files in a folder (or a few folders) in the USB. That way, you can easily see any program that installs itself on the root of the USB drive. Also, even if you cannot stop virus files installing themselves on the USB, you can stop their "autorun" files being placed as well. You can create "fake" autorun files that cannot be over written by virus ones 😉 A program that can do that is this (Flash Disinfector « eXPeri3nc3’s Corner). That program can also fix some errors caused by virus.

Thats it for now!
Neha

Neha

Branch Unspecified
26 Jul 2008
Thanks Ash!

Its good to start with USBs as they are the common but risky mode of transferring data these days.

First of all, cancel the autoplay option(appears when you plug in your USB) asking you to "open folders to view files", "take no action" etc. This decreases the chances of virus spreading.

Now, some of the common viruses that are spreading through USBs:
  • Ravmon.exe
  • New Folder.exe
  • Orkut is banned
Removing Virus

The following steps may help you remove some of common viruses:

1. Open the command prompt.
Start>Run>cmd

2. In the command prompt, type the drive letter(eg. G: ) and press enter. This will display a list of the files in the pen drive. Check whether the following files are there or not
  • Autorun.inf
  • Ravmon.exe
  • New Folder.exe
  • svchost.exe
  • Heap41a
  • or any other exe file which may be suspicious.
If any of the above files are there, then probably the USB drive is infected.

3. In command prompt type attrib -r -a -s -h *.* and press enter. This will remove the Read Only, Archive, System and hidden file attribute from all the files. Now just delete the files using the command del filename. example del Ravmon.exe. Delete all the files that are suspicious.
sauravgoswami

sauravgoswami

Electronic
26 Jul 2008
well i m encountering a trojan which opens new folder by the name of the folder i have just accessed,treid antivirus,but got temporary relief
Neha

Neha

Branch Unspecified
27 Jul 2008
Does the new folder opened have the same contents as your folder??

Would it be right to say that when you open the folder, its opened in a new window and not the same one?
KSHIRABDHI

KSHIRABDHI

Branch Unspecified
28 Jul 2008
hi everybody
i am new here in CE
plez tell me something abt trojan
yudi

yudi

Branch Unspecified
28 Jul 2008
--kshirabdhi
about trojans
Trojan horse (computing) - Wikipedia, the free encyclopedia

for other information about virus please check the link below....

Computer viruses: description, prevention, and recovery




>>
esakiraja

esakiraja

Branch Unspecified
28 Jul 2008
how does the virus affect the zero sector of the hard disk..??? Is there any way to recover to data from the hard disk even after the zero sector is destroyed???
sauravgoswami

sauravgoswami

Electronic
28 Jul 2008
well,its opens nothing i mean it remains as it is,id clicked many times then either it opens new window or hangs the comp

Neha
Does the new folder opened have the same contents as your folder??

Would it be right to say that when you open the folder, its opened in a new window and not the same one?
gohm

gohm

Branch Unspecified
28 Jul 2008
You can also install and run programs like hijackthis! which will not in itself remove the offense but will create a log that will identify the offending item if you are IT savvy or there are many forums you can post your log on for help. I myself like my anti-virus program along with spybot s&d for removal/protection. The best way to avoid viruses... washing your hands frequently... ha!
avinash546

avinash546

Branch Unspecified
18 Aug 2008
the most irritating virus is found was hacktool.rootkit

and i had to format my whole of hard disk to get rid of it???

so any suggetions how to remove the virus...

i have tried hijack this tool, with sinmply no results
anuragh27crony

anuragh27crony

Branch Unspecified
19 Aug 2008
Mostly USB drives spread Viruses and an Unknown particles called Spyware..... these are need to be taken care of because most of the antivirus softwares fails to mitigate them...like the most frequently is...

1. when ever you double click any of drives it doesn't open....because there's an hidden file Autorun.inf ...which runs automatically when we double click any dirve and it does what ever work is specified in that file......so leading to stealing the user private data on that system.....

These can be easily detected using anti-spyware softwares....like Spyware Terminator (free S/W and works excellent)....

so a good system means updated Antivirus and anti-Spyware software....

PS: Correct me if iam wrong
master

master

Branch Unspecified
23 Aug 2008
Nice work Neha !
I am totally convinced with you .Thanks for such thread.........

Tacoma Esplanade Condominiums|Tacoma Esplanade Condos.
vijayrock

vijayrock

Branch Unspecified
23 Aug 2008
Viruses usally create a registry entry or targets the windows directory especially system32 files.Registry is very easily accessible to many applications.
Firewall might help a bit.measures are taken to remove the viruses aftermath the attack.But Something has to be done to stop the virus from entering the system.
anki_0305

anki_0305

Branch Unspecified
23 Aug 2008
if some system files are infected by the virus , should these files be deleted?
and incase these files are deleted, won't the system will malfunction?
shadeslayer

shadeslayer

Branch Unspecified
24 Aug 2008
if any system files are infected then you should not delete that files unless and until it is necessary otherwise you delete that files then you OS will crash and then you can repair it using your bootable disk
master

master

Branch Unspecified
07 Sep 2008
Virus causes computer crash at, "Verifying memory pool data." Hi, my computer recently crashed (Melissa virus?) and now I can not get it past... verifying pool data.. I can't type any thing. What should I do??
Neha

Neha

Branch Unspecified
11 Sep 2008
The following link covers the detail on Melissa.

Check out: Details about the computer virus called melissa
Neha

Neha

Branch Unspecified
12 Sep 2008
boot.vbs

boot.vbs has been as identified as a program that z undesirable to be running on your computer.

Detection: A message like "Cannot find script file C:\windows\system32\boot.vbs" appears at the start up of windows.

Removal
The virus can be manually remvoed.
Follow the link:
https://www.technize.com/2008/05/23/how-to-remove-bootvbs-virus/
Raviteja.g

Raviteja.g

Branch Unspecified
12 Sep 2008
can you help me to know about trozans
prabhat kumar

prabhat kumar

Branch Unspecified
14 Sep 2008
thanks for all discussion.my pc also infected with virus autorun.exe,antivirus is not working for that
Neha

Neha

Branch Unspecified
20 Sep 2008
autorun.exe is a process which automatically runs a program from a CD-ROM when the CD is inserted in the disk drive. The process autorun is not a virus.
shivakumar098

shivakumar098

Branch Unspecified
20 Sep 2008
than ku.............
viswa_techee

viswa_techee

Branch Unspecified
30 Sep 2008
One of the best ways to protect yourself from viruses is from proactive defense. Among college students, virus propagation is greatest through USB flash drives. When they plug them back into their own computer or laptop, the virus goes straight into action.

To stop that, use programs such as TweakUI to disable the autorun function. Next, always scan the drive before opening it. However, sometimes scanning isn't always practical because your USB may contain a gigabyte or more of data. What you can do is right-click and click on "Explore" instead of "Open". Then, make sure "Show Hidden Files" option is selected. Viri and their autorun files usually reside at the "root" of the USB, so you can immediately spot them and delete them.

There are some instances that the "Explore" function is hijacked by the autorun file as well as the "Open" function. You'll know this if it is bold in text. In that case, access the drive through a file exploring program.

What I can suggest is that you put all your files in a folder (or a few folders) in the USB. That way, you can easily see any program that installs itself on the root of the USB drive. Also, even if you cannot stop virus files installing themselves on the USB, you can stop their "autorun" files being placed as well. You can create "fake" autorun files that cannot be over written by virus ones 😉 A program that can do that is this (Flash Disinfector « eXPeri3nc3’s Corner). That program can also fix some errors caused by virus.

Thats it for now![/quote]
slashfear

slashfear

Branch Unspecified
06 May 2009
Neha
autorun.exe is a process which automatically runs a program from a CD-ROM when the CD is inserted in the disk drive. The process autorun is not a virus.
Hey Neha,

First of all nice thread, and just wanna correct you buddy, what you said about autorun is right but there is a virus as autorun.exe the way to identify this virus is as follows:
-> It will have a folder icon (instead of an exe icon)
-> It's name starts capital A like "Autorun.exe"

This virus usually spreads through USB (and yes like any other virus it was originated from internet 😁)

It from "Salty AI worm" family . The functionality of this virus is it just spreads to all your drives and just replicates itself like all the worm virus then overload your memory and slow down your system performance level.

-Arvind (slashfear)

Share this content on your social channels -

Only logged in users can reply.