Scribd Logo
Upload

Welcome to Scribd!

  • Hunting Viruses (ျမန္မာလုိ စာအုပ္)

    Uploaded by

    ဆိုင္မြန္စာၾကည့္ဆိုဒ္
    1K views20 pages
    The document appears to be a collection of Burmese language text providing information on identifying and removing computer viruses. Some key points discussed include: - Scanning for viruses in safe mode or using antivirus software offline. - Identifying virus processes and hidden files using the task manager, registry editor, and folder options. - Disabling autorun functions to prevent viruses from automatically running from removable drives. - Using command line tools like attrib and rmdir to hide or delete the autorun.inf file. - Creating batch files to automate the creation and removal of autorun.inf files on different drives.

    Original Description:

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document appears to be a collection of Burmese language text providing information on identifying and removing computer viruses. Some key points discussed include: - Scanning for viruses in safe mode or using antivirus software offline. - Identifying virus processes and hidden files using the task manager, registry editor, and folder options. - Disabling autorun functions to prevent viruses from automatically running from removable drives. - Using command line tools like attrib and rmdir to hide or delete the autorun.inf file. - Creating batch files to automate the creation and removal of autorun.inf files on different drives.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    1K views20 pages

    Hunting Viruses (ျမန္မာလုိ စာအုပ္)

    Uploaded by

    ဆိုင္မြန္စာၾကည့္ဆိုဒ္
    The document appears to be a collection of Burmese language text providing information on identifying and removing computer viruses. Some key points discussed include: - Scanning for viruses in safe mode or using antivirus software offline. - Identifying virus processes and hidden files using the task manager, registry editor, and folder options. - Disabling autorun functions to prevent viruses from automatically running from removable drives. - Using command line tools like attrib and rmdir to hide or delete the autorun.inf file. - Creating batch files to automate the creation and removal of autorun.inf files on different drives.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 20

    01010101010101010101010101 01010010101010101010101010 10101010101010101010101010 10101010101010101010101010 10101010101010101010101010 10101010101010101010101010 10101010101010101010101010 10101010101010101010101010 10101010010101010101010101 01010101010101010101010101 01010101010101010101010101 01010011010101010101010101 01010101010101010101010101 01010101010101010101010101 01010101010101010101010101

    Hunting Viruses
    antivirus manually

    ) :P Happy learning

    :P

    Saving data & scanning virus


    boot :D antivirus safe mode windows options update post antivirus F8 safe scan . Linux

    mode, safe mode with command prompt, safe mode with networking

    antivirus safe mode safe mode cmd networking ff safe mode security essential Update m avira network f Update antivirus boot f S f m (

    f m

    m drivers m ) safe mode safe mode

    mm D S

    safe mode with

    networking safe mode Microsoft Updat ) removal f www.okviruscleaner.com safe mode

    offline update ( offline update

    Tracing Viruses
    Folder options, Registry msconfig RUN > msconfig m ( ) task manager registry Hidden f f ) folder options f ) ( windows media player registry msconfig os file startup list ( ) editor, ( Task manager msconfig

    folder options

    task manager task manager

    registry Group policy > Remove Task manager apply,ok Run gpedit.msc

    group policy registry User

    configuration > Administration templates > System > Ctrl+Alt+Del options Disabled

    task manager

    registry editor group policy D folder options

    User configuration > Administration templates > System > task manager

    Prevent access to registry editing tools

    User configuration > Administration templates virus process

    > Windows Components > Windows explorer > Remove the folder options menu item from the tools menu T m end process

    process

    process registry registry editor

    process

    Run > regedit

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ru n HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

    sidebar delete f system32 C:\ Windows\ System32\mgy.exe mgy.exe registry ( ) right click

    RUN> control folders note.txt note.txt hidden exe love love

    folder options

    show hidden files, folders and drives hide extensions for known file types extensions note exe love h Hide proctected os os options windows xp delete system file, read-only file E

    hide protected operating system files

    files .

    autorun.inf folder

    windows 7 attribute

    attrib s h r C:\Windows\System32\mgy.exe

    cmd C:\Windows\System32\mgy.exe process shutdown :D ) taskmanager registry editor f kill manager, folder options, control panel, run virus taskmanager RUN> regedit HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System HKCU HKEY_CURRENT_USER m registry editor folder options safe mode registry task anti process linux boot cd

    DisableTaskMgr

    delete

    restart logoff

    m restart

    registry

    setting logoff

    restart reg delete

    explorer.exe process

    end process

    HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\

    System /v DisableTaskMgr /t reg_dword /d 1 /f cmd notepad m

    reg

    delete

    HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\

    System /v DisableTaskMgr /t reg_dword /d 1 /f .bat batch file m registry

    Enable registry reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ System /v DisableRegistryTools /f Enable folder options reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ Explorer /v NoFolderOptions /f Enable cmd reg delete HKCU\Software\Policies\Microsoft\Windows\System /v DisableCMD /f Enable RUN reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies \ Explorer /v NoRun /f Enable Control Panel reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\ Explorer /v NoControlPanel /f

    HKEY_CURRENT_USER(HKCU) windows xp ntldr cd m boot mini xp ( xp ntldr, bootmgr ntldr : ) i386 m partition ( ntldr : ) ntldr is missing windows 7 registry computer group policy HKLM

    HKCU

    HKEY_LOCAL_MACHINE(HKLM) group policy user group policy

    windows cd ) Start mini windows xp h h cd

    boot windows ntldr bootmgr

    boot h linux

    linux

    dual

    Defending Viruses
    anti-virus memory stick exe autorun.inf double click xp Double click autorun.inf autorun Computer Configuration> Administrative Templates > Windows 7 autorun 7 autorun ) double click ( autorun autorun

    autorun.inf

    Components > AutoPlay Policies > Turn Off Autoplay all drives apply,ok

    enabled

    extension navigation pane

    hidden file,

    notepad [autorun] open=mgy.exe shellexecute=mgy.exe shell\Explore\command=mgy.exe shell\Open\command=mgy.exe shell=Explore mgy.exe f m f attrib s h r autorun.inf autorun.inf usb h usb disk security m cmd autorun.inf mgy.exe

    autorun.inf autorun.inf

    autorun windows 7 f

    autorun

    autorun

    autorun autorun usb disk ) autorun.inf autorun.inf autorun.inf cmd autorun.inf exe exe usb disk security

    security

    autorun

    autorun.inf

    mkdir \\.\E:\autorun.inf\con\aux\nul attrib +s +h +r \\.\E:\autorun.inf\con\aux\nul cmd drive column F: autorun.inf E: : f f F:, G: \\.\E:\autorun.inf\con\aux\nul

    rmdir \\.E:\autorun.inf /s /q attrib s h r Hidden, system, learning cmd commands :D autorun.inf autorun.inf D: m cmd m mm D: D: m D: autorun.inf Icon exe autorun.inf smadav drive lock

    f :D

    batch

    @echo off rem start of code :start cls title USB defender program by backb0neb00t3r(MHU) echo To create autorun.inf on your drive, type 1 echo. echo To remove autoun.inf on your drive, type any key echo. set /p pass= echo Your choice# if %pass% equ 1 ( goto create ) else (

    goto remove ) :create cls set /p create= echo To create autorun.inf folder, Type your drive letter ( eg. D:, E: ) # mkdir \\.\%create%\autorun.inf\con\aux\nul created by backb0neb00t3r(MHU) attrib +s +h +r %letter%\autorun.inf pause cls set /p decision= echo if you want to restart program, type start and if exit, type any key# if %decision% equ start ( goto start ) else ( msg * Bye Bye, Have a nice day! exit ) :remove cls set /p remove= echo To remove autorun.inf folder, Type your drive letter ( eg. D:, E: ) # rmdir \\.\%remove%\autorun.inf /s /q pause cls

    set /p decision1= echo if you want to restart program, type start and if exit, type any key# if %decision1% equ start ( goto start ) else ( msg * Bye Bye, Have a nice day! exit ) rem end of code

    Written by backb0neb00t3r(MHU)

    Greetz to all MHUs

    You might also like