How to protect from viruses that spread through USB drives

As USB drives become cheaper day by day, their usage is growing. Most of the virus today spread through USB drives. This post is concentrates on how prevent viruses that spread in this way.

As I told previously, My posts concentrate only on windows security. In all versions of windows, when ever a removable device is plugged in you might seen an AUTOPLAY dialog popping up. This shows tasks that can e performed on that removable device. Whether you utilize this feature or not, this is mostly utilized by viruses to run automatically in your system.

Most common viruses have a configuration file by name autorun.inf which contains information what to do when you plug in a removable device. This is exploited by viruses which create/modify autorun.inf to that will make themselves to automatically run when an infected removable device is plugged in.

So first to prevent viruses running automatically remove this feature by disabling autorun.This can be removed manually by registry editing or else by using software. Secondly you should not double click drive icon in My computer, instead you should right click it and click on explore.

All viruses are usually hidden, because they make them selves as system files. Manually one can remove virus files by removing all hidden files in the removable disk which one did not copy into it.Hidden files can be shown by enabling “show hidden files and folders” and disabling “Hide protected operating system files” under view tab of FOLDER OPTIONS present in TOOLS menu of any explorer window.

usbdisk security


  Also there are antivirus softwares that are specialized to remove viruses that spread thru USB removable devices.One of them is USB DISK SECURITY. This is not a freeware. But you can find licenses by googling.

  I can give you a Download link to trial of this software which has functional limitations.The snapshot of this software is given here.


Technorati Tags: ,
Posted by 1 comment:

Preventing Viruses from affecting a computer

        It is inevitable requisite of every user of the computer to prevent viruses from attacking his/her computer.To help this cause,I am trying to help those people who have minimal knowledge of how do viruses attack computer’s operating system and also the people who are advanced users in my forth coming posts.

        I would try and publish preventive measures and also the solutions to most of the viruses in a understandable way even to an amateur user.Before doing this, I would like to explain some ways through which viruses attack computers.However my posts would be mainly concentrated on Windows Operating System.

       If you notice something that’s not usually there, it might be a virus. Or if you notice websites or applications popping up at random or at startup without your opening your browser, your computer could have some form of unknown malware in it that you need to remove with updated antivirus software. If there are such symptoms on your computer, and your antivirus software cannot fix it, then it might be a good idea to get in touch with your antivirus software’s customer or technical support, so they can study the problem, and possibly include the new malware or virus in their definitions list.

       Coming to the matter,Today I am posting what is a virus program and how it would attack an OS

Virus

A virus infects other files, by injecting the malicious code into the code of the legitimate file. Viruses can infect both data and program files.To get more about what a virus is visit [this link].

A virus attacks a computer in many ways.However here I am posting some of the ways through which virus can attack a computer.

It may attack through Internet or through any Removable devices(DVDs, CDs, Pen Drives, Memory Sticks)

In next post, I will post how to prevent virus which attacks a computer through Removable Devices.

Keep watching for my upcoming posts…

Posted by No comments:
Labels:

Windows SteadyState : Share your computer without any worry

Capture
       Windows SteadyState is a tool developed by Microsoft that gives administrators enhanced options for configuring shared computers, such as hard drive protection and advanced user management. It is primarily designed for use on computers shared by multiple people, such as internet cafes, schools, libraries etc. SteadyState is the successor to the Shared Computer Toolkit. SteadyState is available free of charge from Microsoft for computers running Windows XP and Vista. A 64-bit version is not currently available.
The features of the Windows steady state include

Windows Disk Protection

SteadyState includes the ability to revert a computer to a previously stored state every time it reboots, or when an administrator sets it to. When Windows Disk Protection (WDP) is turned on, writes to the boot volume (the volume containing the Windows directory) are stored in a cache file created by SteadyState. WDP offers three modes of protection- Discard, Persist, Commit.

User Settings

User accounts can be locked or forced to log off after certain intervals. A locked account uses a temporary copy of the user's profile during the user's session. When the user logs off, the temporary profile is deleted. This ensures that any changes the user made during his session are not permanent. The user's session can also be limited to a specified duration, or logged off if idle.

Software Restriction

SteadyState provides simple control of more than 80 restrictions covering both individual users as well as the system as a whole. Many of these settings are based on Windows' Group Policies, while others are implemented by SteadyState itself. Using SteadyState, an administrator can forbid a user from performing actions that may be undesirable for that environment. Some settings include the ability to turn off the control panel, disable registry editing tools, disable the command prompt, and stop the user from executing batch files or programs not in the windows or program folders.
Computer settings can also be applied. Since SteadyState would normally remove any Windows updates or security patches installed, SteadyState can be configured to check for and apply updates in a manner that they will not be removed upon rebooting. Administrators can also choose to make other system-wide changes, such as disabling the welcome screen, removing the shutdown dialog from the logon screen, and hiding the built-in Windows Administrator account.
The administrator can block access to specified programs on a per-user basis. SteadyState presents a list of programs found in the Program Files directory of Windows and on the common desktop. Programs from other locations can be added manually.

[Download link for SteadyState 2.5]
Posted by No comments:
Labels:
Subscribe to: Posts (Atom)