Virus infection by autoplay, how to prevent it

One of the main reasons viruses spread so rapidly is the Autoplay feature in Windows. Autoplay was originally introduced to enhance the user experience, but exploiting it is an easy way for a virus to enter a PC. You can see Autoplay in action when the driver CD for your motherboard or printer starts its installation process as soon as you insert it. Here, let us look at how Autorun can be added to a drive (CD, USB, HDD, etc.) to make Windows open a program automatically when you insert the drive or double-click it.

Adding Autoplay to any drive is as easy as creating a text file and typing some commands into it. Have a look at the Autorun.inf file (this makes Windows run programs automatically from CDs) of the Microsoft Office 2007 CD.

Autorun file can add options to the default right click menu.

The right-click menu has been modified according to the entries in the autorun.inf file. The file needs to be saved with the name Autorun.inf. The bad part is that Autoplay can be added to any drive, and a virus can create an autorun file on a USB drive inserted into an infected system. It then writes the autorun file so that not only does the Autoplay option open an infected file, but the Open and Explore commands in the right-click menu do the same.

This is a screenshot of an Autorun.inf file created by the Infostealer.Wowcraft.D virus.

An autorun file created by a Virus

If Autoplay is enabled, it will automatically install itself without you ever knowing. You can see how easily a virus can infect a Windows-based system.

Prevention :

As they say, prevention is better than cure. Here are some steps you can take to prevent virus infection through Autoplay.

1. Disable autoplay

2. Always open a CD or pen drive (USB stick) by using the pull-down menu of your address bar. You can also type the drive letter followed by a “:” (e.g. D:) in the address bar or Run box and press Enter.

More about disabling autoplay will be posted in the next post.
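
A complementary check, added here as an example and not part of the original post: this Python code parses an autorun.inf and reports the entries that launch a program, separating the Open/Explore right-click hijack described above from an ordinary installer entry. The function names, finding labels and sample file contents are assumptions made for illustration.

```python
import os

BROWSE_VERBS = ("open", "explore")  # right-click verbs that should only browse

def parse_autorun(text):
    """Return {key: value} from the [autorun] section, skipping junk lines."""
    entries, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
        elif in_section and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries

def audit_autorun(text):
    """Return (finding, key, value) tuples for entries that start a program."""
    findings = []
    for key, value in parse_autorun(text).items():
        parts = key.split("\\")
        if key in ("open", "shellexecute"):
            findings.append(("autoplay-launch", key, value))
        elif parts[0] == "shell" and parts[-1] == "command" and len(parts) == 3:
            kind = "browse-verb-hijack" if parts[1] in BROWSE_VERBS else "custom-verb"
            findings.append((kind, key, value))
    return findings

def audit_drive(root):
    """Audit <root>/autorun.inf if present; an absent file yields no findings."""
    path = os.path.join(root, "autorun.inf")
    if not os.path.isfile(path):
        return []
    with open(path, encoding="latin-1") as handle:
        return audit_autorun(handle.read())

# Constructed sample input (file names are placeholders, not from the page).
SAMPLE = r"""
[autorun]
; comment lines and unparseable junk are ignored
open=placeholder.exe
icon=placeholder.ico
shell\open\command=placeholder.exe
shell\explore\command=placeholder.exe
shell\install=&Install
shell\install\command=setup.exe
"""
```

A "browse-verb-hijack" finding on a removable drive is the pattern to treat as suspicious; a lone "autoplay-launch" entry is what a normal installer CD carries.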

How to view all drives, Disk Management under Windows

The Disk Management object under the Microsoft Management Console can be used to change drive letter associations, find unrecognized partitions or mount a logical drive into a folder as in Linux.

If you want to prevent access to a drive, read the 2nd tip in “Points to note” given after this post or read how to Prevent access to select drives using Registry.

One of the key differences between Windows and Linux is the tree structure Linux uses for its filesystem. In Linux everything is a hierarchical leaf or branch of the root “/” directory. It was only recently that Linux started loading (mounting) drives other than the system drive automatically. (If you want to know more, here is an article which will explain the Linux file hierarchy.) Implementing the Linux-style tree structure in Windows is pretty easy and is explained here.

Open the Disk Management object by typing “diskmgmt.msc” in the START » RUN box or at the Command Prompt. Here you can see all the Primary (Blue) and Logical (Green) partitions available on your system.

Disk Management Console object - screen shot.

You will be able to see the Linux partitions too. Select a drive and right-click on it. Here you can see an option “Change Drive Letter and Paths”. Under this option you can remove a drive's letter, change it or mount a volume into a folder.

Mounted Drives

Screenshot of my H and G drives mounted in a folder “C:\Drives”

Some points to note here are …

1. You cannot remove the drive letter association of your system drive.
2. If you do not assign a drive letter or mount the drive to a folder on another drive it will not be accessible by any means in Windows.
3. You can’t add more than one drive letter to a drive.
4. To mount a volume the folder must be on a different partition.

Consider reading the post on Microsoft Management Console if you want to know more.

Open and save Office 2007 files in Office XP and 2003

The easiest way to enable support for the new Office 2007 file formats in Office XP is to install the Migration pack provided by Microsoft free of cost. With the introduction of the XML standard in the file format, the new files with extensions ending in x (docx, xlsx, pptx) are not compatible with older versions of Microsoft Office.

With the Migration pack installed you can both save in all the new Office-supported formats and open all the new format files. Here is a screenshot of the Save As dialogue in Office XP with the 2007 compatibility pack installed.

Office-word-save-as-2007

The main advantages of the new file format are that it is a standard XML format and that the compression ratio is better for the XML formats. You can open all the 2007 Office files using any archiving tool.

The Office 2007 compatibility pack is free of cost and can be downloaded from the Microsoft Download Center. You must install all High Priority updates from the Microsoft update center before installing this pack. Here is the Office 2007 compatibility pack download page at Microsoft Download Center. The file is a 27.5Mb Windows executable.

Microsoft should be penalised

Microsoft has made a big issue of patent infringements by Open Source Software, including Linux, but they need to look at their own products too. With their unstated theme “Do no Good”, Microsoft recently stated in a press release that Open Source Software was infringing more than 300 Microsoft patents. Whatever the case, did Microsoft think they could use the products or ideas modeled under GPL?


Here is a poll I created. Please express your opinion by voting.



I think a small amendment has to be made to the GNU GPL by which Microsoft is prevented from using any of the ideas, software or other functionality of software protected under GPL. If there is a tit there has to be a tat too.

Firefox 3 beta gulping down I/O resources – simple solution

Ever since Firefox 3 beta was released it has caused more problems than it actually solved. With add-ons not working, history clearing problems and even installation issues, it's time for a change. The new issue is with I/O resource consumption by FF. Actually it is not new. I had noticed earlier on that

C:\Documents and Settings\Ajith\Local Settings\Application Data\Mozilla\Firefox\Profiles\clyao2bz.default\urlclassifier3.sqlite

was always in the Disk read/write queue. But I didn’t care much.

Yesterday, after installing a new RAM module and expecting improved performance, I was surprised to see that there was a lot of disk usage. So I decided to search for the file name and came up with some quite interesting facts. The file is actually used as a cache for the reported web sites. So every time you start a new profile, FF starts downloading the file and causes the excessive resource usage. But I still wonder how a 20Mb file download would cause so much CPU and I/O usage.

Solution

Uncheck the

The solution is rather simple. Just turn off the “Report Attack site” function under Tools >> Option >> Privacy and everything will come back to normal. The trade-off is that Firefox will no longer warn you about reported attack sites.

Get the color palette used on any web page with Palette Grabber

Palette Grabber is a simple plug in for Firefox made by Konstantine Prevas. It will get the colors used on a web page at the click of the mouse. You can save the color palette in the following formats –

.aco Adobe color Palette
.clr Flash color palette
.psppalette Paint Shop Pro color palette
.gpl GIMP color palette
.act Adobe Fireworks color table
.clr Mac OS X color palette

You can use palette grabber to get the colors used in the template of any web site you like.

How to get icons from exe and dll files of programs

The icons that are used by programs such as Photoshop or Microsoft Office are actually stored inside the exe or dll files coming along with the program. To capture and save these icons you can use two methods. One is by using a program that can open an exe file such as PE resource explorer. The other method is simpler and uses a small program that is used only to extract icons from exe and dll files.

Icons inside photoshop.exe opened with copicone

Copicone is an amazingly small program created by Guillaume Ryder. It is only 9Kb in size and comes in a zipped package weighing only 4.5Kb. Copicone is free, just like all the other utilities available at Guillaume’s web site. Just open the dll or exe file using Copicone and you can see the icons. Select the one you want to save and click Save.

Copicone is available only in French, but the limited number of buttons makes it easy to locate the controls you need.

Download the Icon extractor – Copicone here. If you want to create your own icons for free read it here.

Start a personal or group web site for free at Google sites

“Google Sites” is now available for free public registration and use. With Google Sites you can start a personal or group-managed web site.

Google sites overview

You can upload content and manage all your files from one location. You can also decide who can see your site and the files uploaded. You don’t need to know HTML or other coding to build your own site. So if you were looking for one good reason to start a web site, why wait? Start it right now.

I have made a test page on Google Sites. Check it out and post your comments there.

Themes –

Although the sign-up process is simple, the default themes available really suck. You can edit the theme, images used in the template, colors and fonts from Appearance in site administration. Even repeat options are provided for background images. You may also change the home page to whichever page you like, as long as it is on the site itself.

Attach files –

Google sites has the ability to attach files to specific pages. So if you attach a file abc.def to a page you will get the file link as under this page.

Page history –

The author of the page is provided with the ability to view or revert a page to an earlier version.

Google Sites provides version history.

For this a detailed history is provided including Author, time of edit, time after edit etc. Also you may subscribe to page changes.

File editing –

Editing the file has been made very simple. Even if you know nothing about web page coding you will be able to create really good-looking and attractive pages. The ability to insert Google Docs, Google Calendar, YouTube and Google videos is a major plus point. You can also insert a Picasa slideshow directly into a page.

Automatic site map generation (not for search engines) –

A site map is generated automatically as you add more and more pages. The site map is not the one used by search engine bots. It is intended to make human navigation easier. You can add Google Analytics with the click of a button.

Search –

Web site search is built in. The search results page is rather neat and functional with the sidebar shown and results easily navigable.

Bottlenecks –

You can’t use <embed>, <script>, <iframe> or <style> tags even while editing the HTML code of the site, as they are considered to be unsafe tags. So if you need to add a video you are forced to upload it to YouTube first. Pretty thoughtful from Google.

Overall, Google Sites is a great combination of functionality and ease of access for those who don’t want to get deep into the troubles of managing a site. You are provided with almost all the tools for basic site management. As always, uploading an exe file is prevented, but after zipping it can be uploaded. And at 100Mb, although the storage space isn’t much to boast about, you will be satisfied for sure.