think we should all have a little insight into this issue .. Since privacy and computer security today is simply moot. And is that right now could set a Trojan virus and propagate it and NO, much less know it will detect and eliminate! So simple is the world of hacking today ..
If you're wondering right now, perhaps I can be infected with some virus or trojan having my super nod32 recorded and updated? Having my avast? By passing the kaspersky ..
The answer is .. SI ..
At the moment it might be a zombie ! And so you could be serving as a messenger of some spammer .. Yes, you are sending spam emails without realizing it!
never has happened to many of your msn contacts you plan to send those messages: "LOOK WHO YOU Remove from your MSN", "SOMEONE HAS DELETED", "TRY OUR NEW ......"
The sad reality is that most of the vecez are these people who sent this! But viruses and Trojans that propagate self! Lose =) I myself thus contaminated =) Well now
for educational use, I'll show you some of the routes where they usually stay the majority of these viruses and Trojans vecez!
The Home: Folder is located in the programs menu (Start-> Programs-> Startup)
For modern spyware, trojans, and other intruders, this place would be too obvious to interfere in the system, but no shortage of annoying splash window recently installed a program that puts us in that place reminding us to register, or who would buy a shirt of the company with the logo of a window ..
----------------------------------------------- ---------------
MSCONFIG
This powerful tool is found in almost any Windows operating system, and accessing it going a:
(Start Menu-> Run -> msconfig)
Well, that says START is a list of programs and executables that are loaded at startup, which allows a simple check mark to remove without deletion (by doubts, no?)
In WinXP flap is another interesting call services, enabling us to tick or uncheck the services that the system starts, remember that many programs require not only an executable, but also a service that starts with own operating system and is active all the time while the program is not used (read: Antivirus, promiscuous mode drivers for network cards, etc).
This powerful tool is found in almost any Windows operating system, and accessing it going a:
(Start Menu-> Run -> msconfig)
Well, that says START is a list of programs and executables that are loaded at startup, which allows a simple check mark to remove without deletion (by doubts, no?)
In WinXP flap is another interesting call services, enabling us to tick or uncheck the services that the system starts, remember that many programs require not only an executable, but also a service that starts with own operating system and is active all the time while the program is not used (read: Antivirus, promiscuous mode drivers for network cards, etc).
--------------------------------------------- ----------------- REGISTRATION
Of course, many executables are also displayed there in the Windows registry, but touch them with care. To access it written:
START -> Run, type regedit word
and presto, there it is to be tinkering.
Well, the key that interests us is
[HKEY _LOCAL_ MACHINE \\ SOFTWARE \\ Microsoft \\ Windows \\ Curr CurrentVersion \\ Run ]
There are things that running when you start win, let's take that will not do. Many times when a virus attack we can be here in among other things.
Of course, many executables are also displayed there in the Windows registry, but touch them with care. To access it written:
START -> Run, type regedit word
and presto, there it is to be tinkering.
Well, the key that interests us is
[HKEY _LOCAL_ MACHINE \\ SOFTWARE \\ Microsoft \\ Windows \\ Curr CurrentVersion \\ Run ]
There are things that running when you start win, let's take that will not do. Many times when a virus attack we can be here in among other things.
----------------------------------------------- ---------------
WIN. INI
Clearly we can find in the same MSCONFIG or editing the file directly WIN. INI the ability to add things to start putting (or removing in this case) a line in this file contained in the folder c: \\ Windows (usually) say for example c: \\ executable. Exe
Clearly we can find in the same MSCONFIG or editing the file directly WIN. INI the ability to add things to start putting (or removing in this case) a line in this file contained in the folder c: \\ Windows (usually) say for example c: \\ executable. Exe
-------------------------------------------- ------------------
SYSTEM. INI
The last method we'll see is to add an executable as a parameter of explorer, under BOOT file system. Ini as follows:
SHELL = explorer. exe executable. Exe
The last method we'll see is to add an executable as a parameter of explorer, under BOOT file system. Ini as follows:
SHELL = explorer. exe executable. Exe
------------------------------------------- -------------------
ADVANCED REGISTRATION
Another place where they can accommodate the executables is in registry key:
[HKEY _LOCAL_ MACHINE \\ SOFTWARE \\ Classes \\ exefile \\ shell \\ open \\ command ] changing the value "% 1"% * by executable. Exe . Unknown place, but interesting as it indicates that each time you run an EXE in the system will be running the executable. Exe .
Remember that this analysis we can deduce the possible places where the operating system stores strictly speaking what runs when you start our session.
A very useful tool when it comes to catch and remove malware manually mind is: HijackThis this tool should not be confused with an anti-virus or anti-malware, since it does not delete anything! Just shows you a detailed log of what would be the home of the virus and / or trojan that is hosted on your computer! HijackThis
is perhaps more powerful than any antivirus in safe hands!
nuesro advise always keep it in the repertoire and when in doubt, pass (does not last more than 15segundos) and save the LOG of our system so we can publish in any forum on aid to receive better care, more detailed and specific!
Another place where they can accommodate the executables is in registry key:
[HKEY _LOCAL_ MACHINE \\ SOFTWARE \\ Classes \\ exefile \\ shell \\ open \\ command ] changing the value "% 1"% * by executable. Exe . Unknown place, but interesting as it indicates that each time you run an EXE in the system will be running the executable. Exe .
Remember that this analysis we can deduce the possible places where the operating system stores strictly speaking what runs when you start our session.
A very useful tool when it comes to catch and remove malware manually mind is: HijackThis this tool should not be confused with an anti-virus or anti-malware, since it does not delete anything! Just shows you a detailed log of what would be the home of the virus and / or trojan that is hosted on your computer! HijackThis
is perhaps more powerful than any antivirus in safe hands!
nuesro advise always keep it in the repertoire and when in doubt, pass (does not last more than 15segundos) and save the LOG of our system so we can publish in any forum on aid to receive better care, more detailed and specific!
0 comments:
Post a Comment