Thursday, April 9, 2009

Flash drives Autorun viruses

I think removable media viruses are one of the most annoying and time-consuming computer problems, or, to be more specific, Windows XP users' problems. Windows Vista and Windows 7 have UAC (user access control), which requires the user to confirm the malicious virus actions before they happen, but Windows XP lacks a similar feature. So what actually happens? Simply this:
- Windows XP is configured by default to autorun any removable device (removable devices like CD-ROMs, flash memory, MP3 players, digital cameras, etc.).
- The innocent user simply plugs in an infected device.
- Windows starts to read the autorun.inf file on the device. (Autorun.inf contains information about the executable file, the virus in our case.)
- The executable file (the virus) runs, infecting your machine!
- The virus then copies itself (and its autorun.inf) to all partitions, so each time you try to open any partition or device, Windows autoruns it again and infects your machine, or another machine the device is moved to!
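
An added example, not part of the original post: a Python function a defender could use to list which commands an autorun.inf file asks Windows to start, for example when checking a flash drive or a partition root. The key names matched (open, shellexecute, shell\verb\command) are the documented autorun.inf launch entries; the sample file contents and file names are constructed.

```python
import re

# Keys in the [autorun] section that name a program or command to start.
LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.IGNORECASE)


def launch_entries(text):
    """Return (key, command) pairs from the [autorun] section of autorun.inf text.

    The parser is tolerant: it skips comments, blank lines and junk lines
    instead of failing, because files dropped by malware are often padded.
    """
    entries = []
    in_autorun = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            # Section names are case-insensitive; only [autorun] matters here.
            in_autorun = line[1:-1].strip().lower() == "autorun"
            continue
        if not in_autorun or "=" not in line:
            continue
        key, _, value = line.partition("=")
        key, value = key.strip(), value.strip()
        if LAUNCH_KEY.match(key) and value:
            entries.append((key.lower(), value))
    return entries


# Constructed sample, not taken from a real infection.
SAMPLE = """\
; padding
[AutoRun]
open=setup_tool.exe
icon=folder.ico
shell\\open\\command=setup_tool.exe
label=My Photos
garbage line
[Other]
open=ignored.exe
"""

if __name__ == "__main__":
    for key, command in launch_entries(SAMPLE):
        print(f"{key} -> {command}")
```

Any launch entry found in the root of a drive you did not prepare yourself is worth investigating before opening that drive in Explorer.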

Sometimes a user formats the machine using the Windows CD and does a clean, fresh install, then finds the machine infected again afterwards and wonders how that happened.
Simply, the virus had copied itself to the other partitions, and when the user double-clicks on any other partition, Windows tries to autorun it, which means running the virus and infecting the whole system again!
Silly feature, isn't it?
So what can we do to get rid of this feature and avoid the virus infection?
We have to follow these steps carefully after installing Windows:

1- Finish installing Windows.
2- After finishing the Windows installation, install the TweakUI tool from the Microsoft site:
http://download.microsoft.com/download/f/c/a/fca6767b-9ed9-45a6-b352-839afb2a2679/TweakUiPowertoySetup.exe
3- Open TweakUI, go to My Computer > Autoplay > Drives, and uncheck them all!
4- Apply the change, then restart the machine.

Now try plugging in a flash drive: it will not autoplay, and even if it contains a virus it will not affect your machine, ALLAH willing :-).
