If you are a Windows user, your system must have been subjected to a virus attack at least once. I have faced virus problems a number of times recently, and what is amazing is the number of viruses that are not detected by anti-virus software.
When your system is infected by a virus, you will notice the usual symptoms, such as the machine slowing down or the "show hidden folders" option disappearing.
From my experience with viruses, the most useful tool for me to remove viruses has been the autoruns.exe tool from sysinternals.com. It is a very easy-to-use tool. Here is how it works.
Quite often, when a virus or other malware attacks a machine, it registers itself as an autorun entry in the registry. There can be one or more such entries. An autorun entry is an entry that is executed when your system boots up. So when a virus has an autorun entry, the virus runs every time you boot up your system.
What the autoruns.exe tool does is show you all autorun entries in the Windows registry.
As you can see in the image, it has various options for viewing these entries. So how do you locate a virus among this large number of entries?
Well, after all, it's a very simple trick. If you look carefully, almost all good autorun entries, such as the ones from Microsoft, Google, etc., show the name of a publisher.
So just go down the list looking for entries that do not have a publisher, and if you find one, just google it. It is a much faster way of locating these nasty viruses than posting to a forum and waiting for replies.
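The same "no publisher" check can be scripted. The PowerShell below is an added example, not part of the original post or of the Autoruns tool: it reads the Run and RunOnce registry keys and marks entries whose executable has no valid Authenticode publisher. The list of keys, the helper name Get-ImagePath and the FileNotFound label are choices made for this example.

```powershell
# Added example: flag Run/RunOnce autorun entries with no valid publisher.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-ImagePath {   # helper name chosen for this example
    param([string]$Command)
    # Expand %VAR% references, then take the quoted path, or the text up to the
    # first executable-looking extension, or the first whitespace-separated token.
    $cmd = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($cmd -match '^"([^"]+)"') { $p = $Matches[1] }
    elseif ($cmd -match '^(.+?\.(exe|com|bat|cmd|scr|dll))(\s|$)') { $p = $Matches[1] }
    else { $p = ($cmd -split '\s+')[0] }
    # Bare names such as rundll32.exe are resolved through PATH. For such
    # launchers this checks the launcher itself, not the file it is told to load.
    if ($p -and $p -notmatch '[\\/]') {
        $app = Get-Command $p -CommandType Application -ErrorAction SilentlyContinue |
            Select-Object -First 1
        if ($app) { $p = $app.Path }
    }
    return $p
}

$results = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        $path = Get-ImagePath ([string]$item.GetValue($name))
        $publisher = ''
        $status = 'FileNotFound'   # label used here when the target is missing
        if ($path -and (Test-Path -LiteralPath $path -PathType Leaf)) {
            $sig = Get-AuthenticodeSignature -LiteralPath $path
            $status = [string]$sig.Status
            if ($sig.SignerCertificate) { $publisher = $sig.SignerCertificate.Subject }
        }
        [pscustomobject]@{
            Key = $key; Entry = $name; Path = $path
            Publisher = $publisher; Signature = $status
            Review = ($status -ne 'Valid')   # no valid publisher: look it up
        }
    }
}
$results | Sort-Object Review -Descending |
    Format-List Entry, Key, Path, Publisher, Signature, Review
```

This covers only the Run and RunOnce keys, so it is a quick first pass rather than a replacement for going through the full Autoruns listing. An entry marked for review is a lead to look up, not proof of infection, since plenty of legitimate software ships unsigned.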