Today Cyber security has become a very interesting topic. everyday new flaws, errors are created which are exploited by hackers. some do it for fun while some are serious thieves.
in either case the damage is done and you find the only way to run your PC is by formatting.
I have always read in forums:"Found virus -Help", "pendrive virus",etc.The most common request is to provide antivirus(which is normally cracked). what people dont know is that this always results in a cycle. you install an antivirus(cracked) to get rid of viruses but at the same time you infect yourself with an undetected trojan.
What people also don't know is that there is no need to create so much hype when the solution exists right before their eyes(rather hands!). Hence i decided to write few steps to ensure that your home computer is not affected from viruses without paying anything.(Note: this guide is for beginners)
Step 1: Secure OS:
Assuming most of the readers are windows users i recommend them to immediately edit the following registry key.
Start=>run=>regedit
go to HKCU=>Software=>Microsoft=>windows=>currentversion=>policies=>explorer:
edit the "NodrivetypeAutorun" key to "0xff".
the reason is that most of the viruses propogate through autorun files, and windows executes the virus the moment it sees autorun.inf. we just disabled that!
another recommendation is to enable Windows update to fix critical flaws.
Step 2:Antivirus:
install any decent free home editions of antivirus like avast or avira. they are enough to protect your PC. ensure that you add password protection so that unwanted people dont purposely install malwares. if you are too paranoid then you can also install firewall though it slows down your system.(i havent used firewall for two years still i didnt get infected)
Step 3: Internet:
The most common source for a virus injection is from internet. i recommend all the readers to install firefox browser immediately not because it is 100% safe (obviously they havent any software 100% hack proof), but because it is secure than IE anytime.
But doing this wont prevent you from being infected because the moment you visit an infected site your pc gets infected(most of the cases). Well then how can you find whether the site you want to visit is infected or not? Fact is you dont have to visit that site to know this fact, people are there to do that. Install a firefox addon "Web of Trust" or "Mcafee Siteadvisor" and they will guide you to proper sites. I recommend WOT cuz it is free n has siteblocking feature.
another thing is that never install any activeX or plugin not signed by publishers. recently it was reported that few sites were asking their users to install a plug-in not signed by the publisher but it was in the name of reputed company. as predicted it turned out to be a trojan. hence beware.
Step 4:Mail protection:
This topic is always ignored by non-professionals. people think nothing happens if you open spam mails. but this section is also equally important. recently i got a mail in my inbox saying it was received from "me". so i opened it. it said something about free mobile lottery stuff. i didnt need any software to know where the link was pointing to. WOT just told me that those were infected sites. so the most important thing is that never click on the link provided in mail without verifying the sender. common spam mails include "Hack your friends mail". never ever click those stuff.
Finally very important piece of advice: Never ever think that your system is secure for they have never built it.
Some more important data based on comments:
@unmesh
By default windows executes "autorun.inf" if the folder you are opening contains one. this applies to any folder. this property is usually exploited by trojans/viruses which spread through pendrive like mazebat, autoit, sality,etc. hence it is necessary to disable this option, because if u unadvertently open a folder containing infected autorun file, u get infected.
the above registry tweak has been tested by me and is safe.
as far as disabling autorun is considered then the only disadvantage is that your CD's dont run automatically. but that hardly matter cuz u can always manually open them.
still microsoft has given following values to this:
How to selectively disable specific Autorun features
go to:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutoRun
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\NoDriveTypeAutoRun
The following table shows the settings for the NoDriveTypeAutoRun registry entry.
Value Meaning
0x1 Disables AutoPlay on drives of unknown type
0x4 Disables AutoPlay on removable drives
0x8 Disables AutoPlay on fixed drives
0x10 Disables AutoPlay on network drives
0x20 Disables AutoPlay on CD-ROM drives
0x40 Disables AutoPlay on RAM disks
0x80 Disables AutoPlay on drives of unknown type
0xFF Disables AutoPlay on all kinds of drives
