
How I have learned to avoid most viruses

Recently I was a victim of a highly infectious pair of viruses named Win32/Virut.NBP and Win32/Sality.NBA after I apparently left a new installation without an antivirus. I had not planned to invest in an antivirus then (I mostly use Linux), but then I had a brilliant idea: most viruses leave their footprint somewhere in the system, the most popular place being the registry.

One thing I noticed is that Win32/Sality.NBA has this bad habit (actually that's what we call social engineering) of hiding one's folders and replacing them with executables named after the folders they are mimicking. Unsuspecting users often run the virus, which executes itself before allowing the user to view the desired contents (which mostly happens to be in a new window).

Win32/Virut.NBP, unlike Sality, has its own way of infecting the system. Instead of relying on the user to trigger it again and again, the virus depends on only one execution by the user of a foreign infected file; the virus then finds its way to, and adds itself to, virtually all executable files on the device.

This was not my first time with a file-type-specific virus, since I had the honor of being infected by Win32/Parite.b close to eight years ago and by the infamous dulla@204 virus in my later years at the university three years ago. But the latest infection opened my eyes to the vulnerability of people to viruses.

At this juncture I know most of you are asking yourselves: how do we stop them? The answer is that it's not that easy. To paint a picture of what virus writers think of when creating viruses, imagine yourself as a predator (the virus writer): to capture a specific prey (users of specific operating systems) you will have to target specific activities the prey does often (an example is Explorer being the key player in Microsoft, the GUI etc.). Now that you know what virus writers see in you, how do you shore up those weaknesses that make you vulnerable? I'm going to highlight a number of ways you can achieve that below.

1. Use an up-to-date antivirus

I don't think the internet would have been the way it is without antivirus applications. Despite being expensive they are worth it, and there is always a version which can suit every type of user irrespective of the platform they are using, be it Linux, Windows or Macintosh. But be careful not to install more than one copy, since they will tear each other apart. But are they 100% safe? My answer is no, but the best bets for effective protection are with the established antivirus companies like Symantec, McAfee, Eset, Kaspersky and Avast, amongst others.

2. Don't hide known file extensions

This allows you to see a file for what it is and avoid falling prey to double-file-extension viruses. A good example of such a virus is my good buddy Sality. I know file names will be longer and aesthetic appeal will be lost, but better safe than sorry. This can be easily changed in Windows 7 and Vista by

My Computer > Organize (in the tool strip just above the drive icons) > Folder and search options > View tab (Folder Options) > uncheck "Hide extensions for known file types"

3. Don't hide any file, be it system or your own (ignore this if you are careless)

My friend Sality used to hide all kinds of folders and files by changing a super-hidden registry key in the registry. This left only the virus visible, hence to get through you had to at least click a virus mimicking what you wanted. Most other viruses use this too, so in case it's not checked you will discover that (in the case of Sality and co.) two folders exist in an infected drive, and if you had done step 2 and it's still in effect, one folder will have an extension exe or jar or any other. This can be achieved by

My Computer > Organize (in the tool strip just above the drive icons) > Folder and search options > View tab (Folder Options) > check "Show hidden files"

At times a virus may disable this ability or reverse it as soon as you exit the dialog, so to make it hold, remove the virus by some means, i.e. antivirus; then, if it's still on, run REGEDIT and follow the path

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden

Create a DWORD with the name Showhidden and set it to 1, then click OK, and there you should have your hidden files shown.

4. Be wary of what runs at startup

My good terrible buddy Virut.NBP had one single weakness: it was quite visible at startup, launching an application that opened a port and constantly pinged an address I hadn't seen before. So I decided to check what application it was attempting to launch every time at startup. I typed MSCONFIG and analyzed the applications starting at startup, and I found one application which didn't have a manufacturer and was located in the temporary files. I followed the trigger registry as shown below

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

and deleted the key of the application. From then on the application was not run at startup.

5. Avoid disabling the antivirus

At times we do the most stupid things and live to regret them later. While I was on campus, taking part in multiplayer games, esp. Call of Duty 4: Modern Warfare, was as appealing as ever; however, running a demanding game and a demanding antivirus proved to be a challenge, hence some of us (me included) commonly used to disable the antivirus. Sometime after that I came to learn that all my documents had been re-edited and mysterious characters ~Dulla@204~ appeared all over them; not even PDFs were spared. Later I discovered that I had used a cheat tool located on one of my colleagues' remote devices while my antivirus was off, and apparently that was the source of the infection. In short, I had no choice but to purge all my documents. So what is the lesson there? Never ever disable your antivirus; better to kill other apps that fool around the system, like the sidebar or search indexer, but leave the antivirus alone.
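The checks from steps 2 to 4, written as a read-only PowerShell audit (an added example, not the author's own script). It assumes PowerShell 3.0 or later, reads the per-user HideFileExt, Hidden and ShowSuperHidden values behind the Folder Options checkboxes, and also looks at the HKCU Run key, which the article does not mention; the function name Get-RunEntry and its flag columns are made up for illustration.

```powershell
# Added example (not the author's script). Read-only: nothing is changed or deleted.
# Assumes PowerShell 3.0+; Get-RunEntry and its flag columns are illustrative names.
$advanced = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
# Values that correspond to "show extensions" and "show hidden/system files".
$expected = @{ HideFileExt = 0; Hidden = 1; ShowSuperHidden = 1 }

foreach ($name in $expected.Keys) {
    $actual = (Get-ItemProperty -Path $advanced -Name $name -ErrorAction SilentlyContinue).$name
    $state  = if ($actual -eq $expected[$name]) { 'OK' } else { 'CHECK' }
    '{0,-16} actual={1} expected={2} [{3}]' -f $name, $actual, $expected[$name], $state
}

function Get-RunEntry {
    param([string[]]$KeyPath)
    foreach ($path in $KeyPath) {
        $key = Get-Item -Path $path -ErrorAction SilentlyContinue
        if (-not $key) { continue }
        foreach ($valueName in $key.GetValueNames()) {
            $command = [Environment]::ExpandEnvironmentVariables([string]$key.GetValue($valueName))
            # Extract the program path from the command line, quoted or unquoted.
            if ($command -match '^\s*"([^"]+)"') {
                $exe = $Matches[1]
            } elseif ($command -match '^\s*(.+?\.exe)') {
                $exe = $Matches[1]
            } else {
                $exe = $command.Trim()
            }
            $company = $null
            if ($exe -and (Test-Path -LiteralPath $exe -PathType Leaf)) {
                $company = (Get-Item -LiteralPath $exe).VersionInfo.CompanyName
            }
            [pscustomobject]@{
                Key      = $path
                Name     = $valueName
                Command  = $command
                NoVendor = [string]::IsNullOrWhiteSpace($company)   # no manufacturer string
                InTemp   = $exe -match '\\(Temp|Tmp)\\'             # lives in a temp folder
            }
        }
    }
}

$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
Get-RunEntry -KeyPath $runKeys | Where-Object { $_.NoVendor -or $_.InTemp } | Format-List
```

Flagged entries are leads to review, not verdicts: a command given as a bare program name that Windows resolves through PATH cannot be located by this script and will show NoVendor as True.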
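Step 3 describes Sality hiding a folder and leaving an executable with the same name beside it. The following added example (not from the original article) lists such pairs in one directory; the function name Find-FolderMimic and the .scr, .com and .pif extensions are assumptions beyond the exe and jar the text mentions, and PowerShell 3.0 or later is assumed.

```powershell
# Added example (not the author's script). Read-only listing of folder/program pairs.
# Find-FolderMimic is an illustrative name; .scr/.com/.pif are added assumptions.
function Find-FolderMimic {
    param([Parameter(Mandatory)][string]$Root)

    $programExt = '.exe', '.jar', '.scr', '.com', '.pif'

    # -Force includes hidden and system items that Explorer may be concealing.
    $items = Get-ChildItem -LiteralPath $Root -Force -ErrorAction SilentlyContinue

    # Index the directories by name (PowerShell hashtable keys are case-insensitive).
    $dirs = @{}
    foreach ($d in $items | Where-Object { $_.PSIsContainer }) {
        $dirs[$d.Name] = $d
    }

    foreach ($f in $items | Where-Object { -not $_.PSIsContainer }) {
        if ($programExt -notcontains $f.Extension.ToLower()) { continue }

        # "Photos.exe" next to a folder called "Photos" is the pattern from step 3.
        $twin = $dirs[$f.BaseName]
        if ($twin) {
            [pscustomobject]@{
                File         = $f.FullName
                Folder       = $twin.FullName
                FolderHidden = $twin.Attributes.HasFlag([IO.FileAttributes]::Hidden)
                SizeBytes    = $f.Length
            }
        }
    }
}

# Check the current directory; pass a removable drive root to check that instead.
Find-FolderMimic -Root (Get-Location).Path | Format-Table -AutoSize
```

A pair where FolderHidden is True matches the behaviour described in step 3 most closely; a visible folder next to a same-named program can be an ordinary installer layout.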

In conclusion, don't take your computer's security for granted. Currently over 1000 new viruses appear every day, and if you have a breach in your system's security, you may end up learning my lessons yourself! Have a secure day.

Shadygraph1cs

* Paths provided are drawn from Windows 7
