Saturday, December 26, 2009

!Protect Yourself from Threats! A step to USB Security!

Depending On Anti-viruses especially without an Internet Connection or Premium License is Foolishness!.
Today, not like old days, Infection of Viruses has a lot of Dimensions. An attack may  lead to effects like
-Disabled Features( Like TaskManger, Registry, Installers..etc)
-Remote Administration Control( Your System gets controlled by Some one in Some part of World!!)
-Unnecessary Add-ons , Change of System Configs etc

"Instantaneous" updates of an Antivirus may prevent an Attack, but why to depend on a software which can make the condition of your System more worse than an attack!???...Lets try to defend ourselves.
Lets find out how to find & identify &resolve & prevent Virus Attacks (May not be everything But Atleast some..)

Old school 7 Text book techniques & principles are the powerfull source of Protection. Everyone is familiar with DOS prompt Window. Load DOS prompt by typing "cmd" without quotes.A window like below comes.



DOS works using commands, various DOS commands and their usage Syntax can be found and learned from here:
http://www.easydos.com/dosindex.html
http://www.computerhope.com/overview.htm

Here we deal with only some commands like CD, ATTRIB, DEL, DIR etc

Open the DOS romt typing cmd   in Run Command( type 'Command Prompt' in Vista).
Viruses which comes from USB Drives can easily be detected by this method. However CD's cant be applied.
Plug the USB drive/Card & wait 1 min for Installation of Device.

Find the drive letter (like C,D,E..) from My Computer. and in cmd Window You can see a prompt String ending with > character. Type 'DriveLetter: ' ie eg G: or F: etc. The prompt string changes to G:> or F:>
ie We have reached the Destination Drive.

Use DIR command at this prompt to see the available( excluding Hidden Ones) Directories and Files with their details.



Now lets find someone hiding behind. the command ATTRIB can change the attribute of files or folders.
So lets use this command to Unhide all files in background.
In the prompt type
attrib -s -h -r -a *.*
This command will unhide all the files hidden. check with dir again  to find the new ones. Check for files with extensions .exe .bat .cmd .pif etc.,which were added now to the list.Also note the famous "Autorun.Inf".
You can delete these files indvidually by using del command at prompt in format delete file.ext .


Now you are free from major and fastest infections.  Please look for this common infectious files:

regsvr.exe
NewFolder.exe
scvhost.exe
c.exe
RE  -FOLDER
C    - FOLDER
autorun.inf
windrv.exe

Take doubt on every file to which u r not familiar, especially with above said extensions.

  
Posted by Mr.K at 5:07 AM
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)