Windows tweak to prevent massive virus infection/spreading

Flash viruses pain in the a** ? here is some hint how tweak a windows feature that facilitates virus infections

Its a simple fact that now nowadays computer malicious software comes from the internet (who doesn’t know that ?), and moves between computers via network and mass storage devices, mostly and most recently the easiest way to move files: Flash Memory sticks.

I’ve suffered from this problem in a way no one can imagine, viruses/tojans/spywares/worms were undetectable or if detected irremovable or irreversible (virus files if removed its effect still there) by the most powerful and always updated definitions Anti-viruses (some times i installed 3 Antivurs engines on the same machine to fix the problem), that i had to write small dos scripts with my humble knowledge to fight it manually with registry keys too, or having to install a fresh copy of windows on that machine 3 times in one week, same virus, same way of infection, same shit.

The solution was very easy,  but i was lazy to have a look at it, it requires the following:

1. informative smart employees who won’t double click a hidden .bat/.exe /.com file specially if its name is rubbish, or not clicking on a folder named after an .exe file, specially if that folder ends with .exe (when display file extensions enabled)

2.  Disable Autoplay and Autorun: this is simple achive by:\>

  • start->run->gpedit.msc
  • Local Computer Policy->Computer configuration->Administrative Templates->Turn Off Auto-play.
  • it’s set ‘Not Configured’ by default, enable it, and select all drives.
  • disable autorun

3. Disable Autorun: we have to create a registry key:

  • create a .txt file, paste the following text in it

REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@=”@SYS:DoesNotExist”

  • File->Save as->(select file type to be All Files)-> key.reg
  • double click the file and click yes to import the key to the registry.
  • this operation is harmless and it works, it seems it disables the existence of the file Autorun.inf, seems to be by returning “file not found” when ever this file name is requested, wo allaho ta3ala a3lam.

Pros:

  • You’ve saved your self a lot of ars pain and data loss.

Cons:

  • No any Autorun CD will work by clicking the CD/DVD Drive icon, you have to open it and click the setup.exe what so ever.

Hope it helps,

Thanks for Google for making this possible.

Posted on February 10, 2010, in Computers, Geekz, Work. Bookmark the permalink. 3 Comments.

  1. Switch to Linux – it’s the only sure way to be secure.

  2. Just desire to mention your document is striking.The clarity inside your submit is merely striking and i can get for granted you’re an professional on this topic.Nicely with your permission allow me to grab your rss feed to keep up to date with future publish.Thanks a million and please keep up the wonderful job. Excuse my bad English. English isn’t really my native language.

  3. i don’t think it’s a good idea to consider Linux in an office that is using Microsoft Products since 1985.

    am sure considering it personally🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: