reinicidencia There are so many cases of viruses transmitted by USB sticks that I decided to post some powerful tips to help you avoid contaminating your PC with the pesky virus from USB keys.
reality of things: ** 1. USB flash drives are 100% unsafe, it appears that I am not saying by this that we should no longer use USB sticks, but I mean its very structure makes them unsafe, I mean the feature or Autorun Autorun - although at one point was useful or in some cases still is - is to blame for most infections of PCs via USB drives. ** 2. As once said: Autorun is the ability of several operating systems that perform an action when you insert removable media such as CD, DVD or USB memory. As you can see, some developers of these virus exploits the autorun feature to run their fearsome creations. ** 3. The use of USB has triggered enormous promiscuity, as we use for almost everything, connecting the poor to any computer to upload or download information.
- Knowing this, I am sure you will never stop infecting your USB drive because you might at some point connect to a machine infected and the infected machine will infect your memory.
- GUIDE But with this 100% proven, I conclude that no matter if you infect your USB memory a million times, YOU HAVE NO REASON USB MEMORY NECESSARILY INFECT YOUR COMPUTER. How?? You'll see.
The information security chain, the weakest link us: USERS, because most malware requires some interaction from us, either by opening a suspicious web page, opening "photos "via msn, opening an email from a stranger, looking for cracks of programs on pages that may contain exploits for your browser, from chain e (exposing addresses of contacts), down programs pirate patches down deregulation of software testing, and launch viruses USB MEMORY FROM OUR often without realizing it.
- So let's ensure your privacy and integrity from the highest point: THE INTERNET:
- 1. If you use Internet Explorer, use version 7 and keep it updated. (Personally I do not use). 2. Use an alternative browser such as Mozilla Firefox or Opera. (I use Firefox)
3. Keep your antivirus optional aftermarket. 4. Do not accept "photos" via MSN, there are virus sends itself via IM messages into believing that someone from our contacts we are sending photos to walk, etc. .. Question first to contact if you are sending something. The following pictures show typical cases of infected machines the virus sends the message via MSN pretending your contact is by sending photos:
* The following image shows the file "photo" received and opened in Winzip and looks like this:
- click on photo to enlarge But now let's see, we expand the view to see the name of the alleged picture and see that the name of the supposed photo. com. click on photo to Enlarge
photo files have extensions: jpeg, jpg, bmp, png, gif, tiff, but never should never end in. Com,. Exe,. Cmd. Bat,. Scr . pif. So this is a virus that tries to make us believe that is a picture, but seeing your full name, we discovered. ** 5. Never open unsolicited or unknown, or download email attachments from strangers. The following pictures show
* 6. Do not visit porn sites, cracks or serial programs.
* 7. If possible try not to look for cracks or patches to demos of programs and run them alone.If you follow these steps you have a little over 50% of security on your machine.
Now the remaining 50% is very important, LOCAL SECURITY:1. Disable Autorun on all drives. For some it is a bit annoying, but if you put in balance: A few seconds apart to access the device to disable the automatic execution against our team to expose who knows what kind of bugs, I think we all prefer not to expose our security. To disable autorun, download this script.
NOTE: The script to disable Autorun requests Enter "1" (One) to Enable Autorun (which I do not recommend but I put it to those who will gamble at your own risk), or enter "0" (Zero) to Disable Autorun (100% recommended by Tonky)
(
Download Disable Autorun)
** 2. If you often carry programs, facilities and / or runtime, save it in a ZIP or RAR file with password, and each time you want to use the decompressed on the machine where you're going to run or install the executable. This is because there are viruses that infect executable files and some infected files inside ZIP or RAR files, so put password to help protect your files. Virus
as fearsome as HALMAN and Sality, which infect executable files and programs and which can hardly be restored and in most cases it is preferable FORMAT, REPLACE and get back in programs and / or executables from a trusted source or a Prior to the Infección.Esta Backup is the wrong way and save Insecure Executable or Programs.
And this is the correct and safe way to transport run and schedule in your USB memory
Download Disable Autorun)
** 2. If you often carry programs, facilities and / or runtime, save it in a ZIP or RAR file with password, and each time you want to use the decompressed on the machine where you're going to run or install the executable. This is because there are viruses that infect executable files and some infected files inside ZIP or RAR files, so put password to help protect your files. Virus
as fearsome as HALMAN and Sality, which infect executable files and programs and which can hardly be restored and in most cases it is preferable FORMAT, REPLACE and get back in programs and / or executables from a trusted source or a Prior to the Infección.Esta Backup is the wrong way and save Insecure Executable or Programs.
And this is the correct and safe way to transport run and schedule in your USB memory
NOTE: Ideally, the files have even Word documents, Excel, etc, also in ZIP or RAR files password to prevent macro viruses. It is unlikely, but it also happens.
3. Many users run the virus from your USB drives into their computers without realizing it, this is due to file autorun.Si you are someone who usually or often explore the files on your USB flash drive by double clicking on My Computer and then the icons of the drives (Units) of the pictures framed in red, I am more than sure that more than ONE ONCE you've had trouble with these viruses on your USB memory máquina.Esto is that this form of display, run the Autorun.inf file. And if you have the bad luck that your USB keys have these files, you'll know why it is that you re-infect each momento.La incorrectly and Insecure Explore the files in a memory (TOO COMMON AND GUILTY OF 70% infection) is well .
and colossal funny thing is the following situation: - Suppose you were infected with the virus amvo, and this virus as I once said: It infects all units of the computer, placing the Autorun.inf file and the virus executable to the root each unit, osea:
* In C: (System Unit) creates the autorun.inf and executable virus. * In D: (Data Unit) creates the autorun.inf and executable virus.
* In E: Unit (More Details) creates the autorun.inf and executable virus.
* In F: (Unit More Details) creates the autorun.inf and executable virus.
* ETC, and so on all Units.
So many have come to format the drive C: (System Unit) and did not clean the Autorun.inf files from other units, then Clicking on My Computer and following the wrong way to explore the Units: reinfections OF SAME VIRUS !!!!!!!. Reaching
believe that the virus USB drives are immortal, they have a grudge against him that has gotten into the hardware, etc, etc.
This is the correct and safe way to explore and USB memory drives.
O is equivalent to press the keys "Windows + E". Then click on the icon of the Left Panel units as in the following images. 
4. See the file extensions or differentiate the non-runtime executable. An extension is a set of characters attached to a file name, usually separated by a point.
In the family of Microsoft operating systems (all Windows) is used to recognize their format, or to determine the application that opens the file.
Examples of extensions: file.txt = ASCII text file "plain text" (opens with notepad) ARCHIVO.RTF = formatted text file (opens with Wordpad or Word)
file.doc = Text file with Microsoft Word format (opens with Word)
file.doc = WORD document file. (Opens with Word)
APLICACIÓN.XLS = Spreadsheet File. (Opens with Excel)
APLICACIÓN.BAT = Batch Processing File (Executable)
application.exe Executable Program =
Then the funny thing is that in Windows installations, the default option: Show the file extensions are disabled and most PC's have a view like this. 
NOTE: To view the file extensions you can run the following script, which requests the entry of a number: "0" (zero) to see the extensions and "1" (a) for not seeing extensions.
Download View extensions 
is very likely that you are wondering now what IS ME AND WHAT TO SEE EXTENSIONS OF THE ARCHIVES?
A: How often has it happened that often found files such as "pamela.jpg", "diapositiva.pps" in our USB sticks, or in our emails, not knowing who we've missed these files, and believing that good were image files (extension "jpeg" is for image files) or a slide we have given double-click, well after the damage came because they were in fact viruses. Then you ask: how can we tell if a jpeg, doc, jpg, etc is really a file type that claim to be, not a virus?.
Well, the answer is: great Most viruses use executable extensions such as. exe,. com,. vbs,. bat, cmd, pif, scr, etc, (so runtime) but when you send it or copy (from an infected machine to a memory USB yours) do not appear with full extension, but get names like "pamela.jpeg.exe", "diapositiva.pps.vbs."
So the problem is that Windows hides usually always the first extension to the files, making it that "pamela.jpeg.exe" is shown as "pamela.jpeg" and that "diapositiva.pps.vbs" shows as diapositiva.pps "and even" documento.exe "shows as "document." Since you've probably account for the terrible damage it can cause, especially but have no idea about all this. So it hence the reason why many times we've run virus thought they were documents, images, etc.
So I recommend to see the file extensions that we have to know what we follow. NOTE: An executable is a program that executes any instructions programmed by someone, and viruses are also being scheduled runtime. All viruses are running with executable extensions: exe, com, bat, cmd, pif, scr, vbs, to be run by user interaction.
BUT NOT ALL THE EXECUTIVES ARE VIRUS! I tell you to get alert if you receive or have a double extension or file that looks like a photo or a slide with double extension or look like a photo or word or excel file but the extension ends in. COM,. EXE,. SCR. PIF. BAT,. BAT.
The following image shows the folders on the drive C. When not See On the Extensions option. Look closely at the "folder" called Darby:
And now after Enable View Extensions see how you can view files and folders
If you notice? A virus that looked like a folder! Then see the extensions will help to distinguish executables which are not.
** 5. View Hidden and System files: By default in a Windows installation option to see hidden and system files is disabled, so you will not see hidden files just like that.
Consider the following image that shows the Unit C of a default installation. 
Now to see hidden files you can use the following script to view or not view hidden files.
The script asks you to enter "1" (one) to see hidden files or "0" (zero) for NO View Hidden Files.
Download View Hidden Files
After Enable the option to view hidden files, look how it looks now
Unit C
We analyze the image * The Recycler folder always exists in any Windows installation, is actually the Recycle Bin, so if you delete, it will reappear again and again. That's why many believe he has the virus on your PC Recycler. What actually happens is that some viruses hide within this Recycler folder. Displaying attributes, has attributes of H (Hidden) and S (System).
* System Volume Information Folder also with Hidden and System Attributes. It is an essential system folder contains the System Restore points and useful information for the indexing and file backups. There are ways to disable it, but it is not subject of this post for now. * Other files in the blue box are also vital system files and some have write protection from being modified or deleted. 
describe the most important: * NTDETECT.COM -> is used to start the Operating System for detecting basic hardware that will require the OS. Then call the NTLDR file. Be very careful with this file if you delete, you computer will not boot. There are viruses that are made similar names to confuse: n1detect.com, ntdeIect.com, nIdetect.com, etc. **
NTLDR -> boot loader is the operating system or bootloader, you need to file and BOOT.INI.Tambien NTLDR file is VITAL if you delete this you will also have problems. **
BOOT.INI -> Stores the parameters to be passed to the Operating System Kernel. Also protected. ** PAGEFILE.SYS -> Page File system memory. 
more than once is helpful to visualize the hidden and system files because sometimes the virus self-attributions features file system and hidden so they do not see them as normal. Consider the following image, which is typical of virus infection of USB.
As you can see the 3 suspicious files are hidden attribute (H), Read Only (R), System (S). And it's not the OS, therefore dangerous.
NOTE: Not all hidden and system files are Virus, I think the definition is clear.
In the case of USB Flash Drives: DO NOT BE HIDDEN FILES AND / OR SYSTEM, SO IT IS ALWAYS RECOMMENDED TO DELETE ALL HIDDEN FILES AND FOLDERS USB sticks.
Gentlemen, these are simple tips essential for the greatest performance of your computer and you are aware of the virus by the tool Usb greetings and I hope will be of great help.
Source:
http://blogtonky.blogspot.com/2008/11/virus-usb-guia-rapida.html
0 comments:
Post a Comment