Wednesday, May 28, 2008

I don't know why I'm thrilled about detecting a virus!?!

i just plugged in my 2GB usb drive into the G4 and discovered extra files which were locked... one autorun.inf and one WinProcess.exe.vbs (which could be viewed with dreamweaver). i don't know why i feel so thrilled at discovering this... maybe it's because i caught it before it could wreak destruction on my comp... "i caught the sucker before he could catch me!!"... gosh, this really shows that i have nothing else better to do... anyway, at first i thought that the autorun.inf file came from my flash instructor (he passed us some flash templates and pdf manuals) since he taught us about publishing flash as a projector and how to burn it into CDs so that it will have autorun capabilities (we need an .exe, .ico, .bmp and the autorun.inf files to make this happen). however after opening the vbs file in dreamweaver and scanning through its script, things like "i love u" and "i'm here to rule the world again" convinced me that it was a virus... surprisingly i couldn't find much info about it on google. one thing i'm curious about is how can we unlock the files on a windows platform... i learnt how to unlock locked files on a mac os x by chance... i was trying to delete a burn folder but couldn't trash it because it was locked, so i read the popup help to unlock the folder.

ok, the paragraph above is pretty redundant. the moral of the story is that i unlocked the files so that they could be trashed, then i emptied the trash so that no further infections can occur. i should have kept the inf file so that i can modify it later to use for the flash projector stuff... i kept the WinProcess.exe.vbs script in a text file so that i can read it when i have time! this is the first time i've seen a script for a virus... i don't even know what sort of script it is!!! sheesh, i hate computer stuffs!!!

as a reminder to myself, i want to blog about my results, voting and... crap, i forgot the last one... hopefully this will be in my next post.

No comments:

Post a Comment