- Posts: 31
- Thank you received: 0
folder.htt and desktop.ini
20 years 6 months ago #877
by sahirh
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Replied by sahirh on topic Re: folder.htt and desktop.ini
Dear me !! Huliyar, don't run around deleting those files just yet.
Yes, these files CAN be infected by a virus, but not necessarily ! If your virus scanner is up to date with its definitions and not giving any warnings, then I don't think you need to worry.
note, these files are used by windows to control how folder behave. Don't mess with them unless your virus scanner shows they're infected ! If you just don't want to see them, you can turn of the 'show hidden files and folders' option in windows explorer under folder options.
Here are a couple of links you might want to follow
urbanlegends.about.com/cs/virushoaxes1/
securityresponse.symantec.com/avcenter/v...a/vbs.terrosist.html (an example of a virus that infects them)
www.astalavista.com/library/os/windows/folders.shtml (why virus writers use these files)
These files are not a virus. At the MOST they could be infected by a virus, but if your virus scanner is not telling you this, then you're better off not deleting them.
Alot of people assume that they're virii merely because some viruses that spread over the network can infect these files.
With regard to your firewall question, I can only answer it this way :
Firewalls are meant to keep out intruders -- its a bonus that they can stop network borne viruses IF they are configured properly. For example the recent MSBlast virus spread through port 135, if that was blocked on the firewall, you were safe from being infected from the OUTSIDE world.. the firewall would make no difference if the virus was already on your internal LAN.
Furthermore, configuring a linux box and writing firewall rules is not something that you can just whip up before breakfast (well i know some people who do but ..
It requires an understanding of your network needs, what needs to go out (example - web requests), and what needs to come in (example - mail). The firewall machine itself needs to be 'hardened' against attacks, and if you're a linux newbie, you're better off not trying to do this without some serious R&D in a lab.
That said - a linux box is a nice idea for a firewall because the vast majority of viruses spread through windows systems.. there are only about 40 known viruses for linux..
www.securityfocus.com/columnists/188 (Nice article)
If your system is slow, it may not be the work of a virus, try degragmenting your hard disks
www.diskeeper.com (the best defragmenter)
and make sure you don't have millions of tasks running on your machine at once (is your system tray near the clock full of many icons ?)
Anti-virus software is the best solution to virus problems (okay thats got to be the most inane statement I've ever made
just regularly update your virus definitions and run a system scan occasionally (some vendors say once a week.. i'm very lax and run one once a month)
If you're not familiar with linux, consider getting a personal firewall like zonealarm, it is well set up straight out of the box, and is free.
www.zonelabs.com
To end a long post with a summary :
1. Check your virus definitions are up to date
2. Run a system scan, let the software clean the virus if you are infected
3. Leave those files alone if you're not infected
4. Defragment your hard disk using diskeeper
5. Stop any programs you don't need to run
6. Install a personal firewall.
I feel like I'm giving google answers a run for their money
Ps. if you're interested in a little tool that shows you what programs are starting with your computer, then check this out, its very useful
www.sysinternals.com/ntw2k/source/misc.shtml#autoruns
Yes, these files CAN be infected by a virus, but not necessarily ! If your virus scanner is up to date with its definitions and not giving any warnings, then I don't think you need to worry.
note, these files are used by windows to control how folder behave. Don't mess with them unless your virus scanner shows they're infected ! If you just don't want to see them, you can turn of the 'show hidden files and folders' option in windows explorer under folder options.
Here are a couple of links you might want to follow
urbanlegends.about.com/cs/virushoaxes1/
securityresponse.symantec.com/avcenter/v...a/vbs.terrosist.html (an example of a virus that infects them)
www.astalavista.com/library/os/windows/folders.shtml (why virus writers use these files)
These files are not a virus. At the MOST they could be infected by a virus, but if your virus scanner is not telling you this, then you're better off not deleting them.
Alot of people assume that they're virii merely because some viruses that spread over the network can infect these files.
With regard to your firewall question, I can only answer it this way :
Firewalls are meant to keep out intruders -- its a bonus that they can stop network borne viruses IF they are configured properly. For example the recent MSBlast virus spread through port 135, if that was blocked on the firewall, you were safe from being infected from the OUTSIDE world.. the firewall would make no difference if the virus was already on your internal LAN.
Furthermore, configuring a linux box and writing firewall rules is not something that you can just whip up before breakfast (well i know some people who do but ..
It requires an understanding of your network needs, what needs to go out (example - web requests), and what needs to come in (example - mail). The firewall machine itself needs to be 'hardened' against attacks, and if you're a linux newbie, you're better off not trying to do this without some serious R&D in a lab.That said - a linux box is a nice idea for a firewall because the vast majority of viruses spread through windows systems.. there are only about 40 known viruses for linux..
www.securityfocus.com/columnists/188 (Nice article)
If your system is slow, it may not be the work of a virus, try degragmenting your hard disks
www.diskeeper.com (the best defragmenter)
and make sure you don't have millions of tasks running on your machine at once (is your system tray near the clock full of many icons ?)
Anti-virus software is the best solution to virus problems (okay thats got to be the most inane statement I've ever made
just regularly update your virus definitions and run a system scan occasionally (some vendors say once a week.. i'm very lax and run one once a month)If you're not familiar with linux, consider getting a personal firewall like zonealarm, it is well set up straight out of the box, and is free.
www.zonelabs.com
To end a long post with a summary :
1. Check your virus definitions are up to date
2. Run a system scan, let the software clean the virus if you are infected
3. Leave those files alone if you're not infected
4. Defragment your hard disk using diskeeper
5. Stop any programs you don't need to run
6. Install a personal firewall.
I feel like I'm giving google answers a run for their money
Ps. if you're interested in a little tool that shows you what programs are starting with your computer, then check this out, its very useful
www.sysinternals.com/ntw2k/source/misc.shtml#autoruns
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
Time to create page: 0.151 seconds