Common System Restrictions Made by Malware
Posted by iSergiwa
on 2009/6/29 14:40:00
1 - Disable Folder Options >> so the user can't set the option to show hidden files!
2 - Disable Registry Tools >> so the user can't see what is going on during system startup!
3 - Disable Ctrl+Alt+Del >> so the user can't see the virus and the other applications running!
4 - Disable Show hidden files & folders >> so the user can't see the malware bodies which always come with hidden attribute set to true!
5 - Disable Run Command >> so the user can't use it to run tools that track the virus's activities or remove it.
6 - Disable Windows Firewall (SharedAccess) >> so the virus can send & receive any data through the network without the attention of the user!
7 - Disable Windows Firewall (Wscsvc) >> so the virus can send & receive any data through the network without the attention of the user!
8 - Disable Windows Firewall (Wuauserv) >> so the virus can send & receive any data through the network without the attention of the user!
9 – Restrict Internet Explorer Home Page Changing >> so the user can't change the malicious web page set by the malware!
10 – Restrict Internet Explorer Closing >> so the user can't close the pop-up windows that appear when visiting the malicious web page or any other website!
11 – Hide Internet Options >> so the user can't change any setting set by the malware!
12 – Hide Internet Explorer Address Bar >> so the user can't see which web page is being visited and which scripts are being executed!
13 - Restrict Internet Explorer Right Click >> so the user can't view the source of the page being visited and other useful things.
14 – Hide Internet Explorer Navigation Buttons >> so the user is forced to use the keyboard shortcuts to navigate through web sites!
15 - Hide Internet Explorer Context Menu >> so the user can't access this menu, which would let him select some useful settings.
16 - Hide Internet Explorer Toolbar >> so the user can't use it to remove some unwanted toolbars made by the malware.
17 - Disable Command Prompt (cmd.exe) >> so the user cannot run any console programs like command prompt removal tools...
18 - Disable Control Panel >> so the user cannot use the control panel applets.
19 - Hide system files/folders >> so the user can't see the malware bodies which usually come with system attribute set to true!
20 - Change Show Hidden files option button >> So even if you select "Show hidden files and folders" from Folder Options, these files & folders will not be shown!
21 - Disable Show System files check box >> So even if you uncheck "Hide protected operating system files", these files & folders will not be shown!
22 - Disable Show all files/folders check >> So changing this from folder options will be ignored!
23 - Hide Desktop items >> to prevent the user from accessing My Computer and other desktop shortcuts!
24 – Hide file extensions. This is commonly used by malware to trick the user. With file extensions hidden, a user doesn't know whether a file with a folder icon is an exe file or just an ordinary folder.
25 – Disable File Extensions Check >> So changing this from folder options will be ignored!
26 – Restrict Windows Update >> So the user cannot download security patches from Microsoft.
27 – Disable Shut Down Command >> So the user cannot shut down the system normally.
28 – Restrict Settings Folders >> Just imagine that none of the items under Start menu > Settings will run!
29 – Disable Taskbar context menu >> You right click your taskbar.. Oops; nothing happens!
30 – Disable Logoff Command >> So the user cannot logoff and use another profile.
31 – Hide Start Menu Logoff >> So the user cannot use this shortcut to logoff!
32 – Restrict Add/Remove Programs >> So the user cannot see what applications and Windows components are installed or uninstall/reinstall any application.
33 – File Extension Default >> So the user cannot select "Hide extensions for known file types".
34 – No Windows Update >> So the user cannot download security updates and other fixes for Windows.
35 – R-Media Malware >> This item indicates that a malicious object is trying to invade your computer through removable media, please see the details below.
36 – Hidden Drives >> So the user cannot see any of the storage drives but they still can use RUN to access and explore them.
37 – Restricted Drives >> So the user can see the drives but cannot access them even when using RUN command.
38 – No Search >> So the user cannot search the file system using the start menu item for any file.
39 – No Display >> So the user cannot access the Display Control Panel to change the display settings.
40 - Corrupted Safe Mode >> So the user is forced to start the computer in normal mode, where the virus is always active.
41 - Execution Debugger >> So the user cannot run many security tools and antivirus software to get rid of the virus.
42 - Windows Security Center >> So the user cannot access many security settings.
All restrictions above can be removed by the free version of RRT - Sergiwa Antivirus Toolkit.
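Several of the restrictions listed above are stored as registry policy values, so an exported hive can be checked for them offline. The following is an added example, not part of the original post or of RRT; the mapping of item numbers to value names, the function `find_restrictions` and the sample export are assumptions of this example.

```python
import re

# Assumption of this example: the mapping from the article's item numbers to
# these well-known Windows policy values; the article names no registry values.
POL = r"software\microsoft\windows\currentversion\policies"
CHECKS = {
    (POL + r"\explorer", "nofolderoptions"): "1 Folder Options disabled",
    (POL + r"\system", "disableregistrytools"): "2 Registry Tools disabled",
    (POL + r"\system", "disabletaskmgr"): "3 Task Manager disabled",
    (POL + r"\explorer", "norun"): "5 Run command disabled",
    (r"software\policies\microsoft\windows\system", "disablecmd"): "17 cmd.exe disabled",
    (POL + r"\explorer", "nodrives"): "36 Drives hidden",
}
IFEO = "software\\microsoft\\windows nt\\currentversion\\image file execution options\\"
KEY_RE = re.compile(r"^\[HKEY_[A-Z_]+\\(.+)\]$")
VAL_RE = re.compile(r'^"([^"]+)"=(.*)$')

def find_restrictions(reg_text):
    """Return findings from the decoded text of a `reg export` (.reg) file."""
    findings, subkey = [], None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("["):
            m = KEY_RE.match(line)  # "[-HKEY_..." (key deletion) does not match
            subkey = m.group(1).lower() if m else None
            continue
        m = VAL_RE.match(line)
        if not m or subkey is None:
            continue
        name, data = m.group(1).lower(), m.group(2)
        if (subkey, name) in CHECKS:
            d = re.fullmatch(r"dword:([0-9a-fA-F]{8})", data)
            if d and int(d.group(1), 16) != 0:  # 0 means the policy is off
                findings.append(CHECKS[(subkey, name)])
        elif subkey.startswith(IFEO) and name == "debugger":
            findings.append("41 Execution Debugger on " + subkey[len(IFEO):])
    return findings

# Constructed sample export, not taken from a real infection.
SAMPLE = r"""Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000001
"DisableTaskMgr"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoRun"=dword:00000000
"NoDrives"=dword:03ffffff
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger"="C:\\placeholder\\constructed.exe"
"""
if __name__ == "__main__": print(find_restrictions(SAMPLE))
```

A `.reg` file written by `reg export` is UTF-16, so read it with `encoding="utf-16"` before passing the text in. A Debugger value is not malicious by itself, so each hit still needs the target path reviewed.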