Battle against the viruses

Many computer users have had problems with computer viruses. For this reason, I decided to write this article that describes how to deal with them.

A few essential rules

  1. Always have an antivirus on your computer;
  2. Never turn off the antivirus;
  3. Keep the antivirus up to date;
  4. Don't browse suspicious web pages;
  5. Don't accept computer programs from people you don't know well;
  6. Do not open any links sent via chat (e.g. Skype) unless you are sure that the sender is a real person and not a robot. Viruses often try to act like a real person, but most likely will not be able to answer a question such as "What is this?" if you ask about the web link that was sent to you.

Anti-virus programs

Nowadays there are many antivirus programs that are free for non-commercial use. Some of them are intended for home computers, but unfortunately companies will need to buy them. Now we will look at a number of both paid and free antivirus programs. But do not forget that no antivirus is able to protect against all viruses, and that it is not worth sacrificing too much of the computer's resources to an antivirus.

  1. Microsoft Security Essentials - probably the best antivirus solution today; it requires genuine Windows. It provides real-time protection for your PC, and it also checks network traffic, etc. Most free antiviruses provide only partial defence because they have commercial versions, while Microsoft Security Essentials has no commercial version: you pay for it when you buy Microsoft Windows.
  2. Avira AntiVir - an antivirus that is free for non-commercial and home use; it also has a commercial version which includes more features. Its advantage is that, compared to many antivirus programs, it uses fewer computer resources and slows the PC down less.
  3. Avast - not a bad antivirus, but the free version provides only minimal protection; it also uses slightly more of the computer's resources than Avira.
  4. AVG - one of the oldest free antivirus programs. AVG does its job, but it significantly slows down computer performance. It was also noted that even the commercial version of AVG is unable to deal with viruses whose executable file has already been started. If a person is not an experienced computer user, he often fails to eradicate the virus with AVG. When AVG is unable to remove an already started virus file, it is best to rename/move that file manually and restart the PC, e.g. c:\windows\system32\virus.exe >> c:\temp\virus.vir; it is important that the new file extension is non-executable.
  5. Norton Antivirus - often obtained with a trial period when buying a new computer. As a result, many computer users know this antivirus. It always starts with a number of computer services (WinNT Services), which greatly slows down the computer. Because it is one of the world's most popular antivirus programs, a large part of computer viruses are designed to be able to bypass or neutralize the work of NAV. Norton Antivirus also offers a free scan of your computer for viruses.
  6. Kaspersky antivirus - commercial version only. This antivirus provides reliable protection, but it can also slow down the PC: it detects when the computer is idle and starts preventive disk scans, and it does not always terminate them when the user starts to do something with the computer. But it is really effective protection.
  7. NOD32 - it's also a popular anti-virus; as I never tested it, I have no information about this anti-virus.
  8. Dr. Web - last, but certainly not a bad antivirus. Dr.Web may be a little slow, but it is quite reliable and one of the oldest antivirus programs. Also, in addition to the commercial version, Dr.Web offers a Live CD version, which can clean your computer of viruses when Windows is not started or is unable to start.
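
The manual rename/move described in the AVG item above, written as an added Python example (it is not part of the original article): it refuses a target extension that is still executable, hashes the file before moving it, and keeps a record of where the file came from. The function names, the manifest.jsonl file and the hash-prefixed file name are assumptions of this example.

```python
import hashlib
import json
import shutil
import time
from pathlib import Path

# Extensions Windows launches directly; a quarantined name must not end in one.
EXECUTABLE_EXTS = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd",
                   ".dll", ".sys", ".vbs", ".js", ".msi", ".lnk"}


def sha256_of(path, chunk_size=1 << 20):
    """Hash the file in chunks so large samples do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def quarantine(path, quarantine_dir, ext=".vir"):
    """Move a suspicious file into quarantine_dir under a non-executable
    name and append a record to manifest.jsonl so it can be restored."""
    src = Path(path)
    if not ext.startswith(".") or ext.lower() in EXECUTABLE_EXTS:
        raise ValueError(f"{ext!r} is not a safe quarantine extension")
    qdir = Path(quarantine_dir)
    qdir.mkdir(parents=True, exist_ok=True)
    original = str(src.resolve())
    sha256 = sha256_of(src)  # hash first: it identifies the sample later
    # Prefix with part of the hash so virus.exe and virus.dll cannot collide.
    dest = qdir / f"{sha256[:12]}_{src.stem}{ext}"
    shutil.move(str(src), str(dest))
    record = {"original": original, "quarantined": str(dest),
              "sha256": sha256, "moved_at": time.strftime("%Y-%m-%dT%H:%M:%S")}
    with open(qdir / "manifest.jsonl", "a", encoding="utf-8") as manifest:
        manifest.write(json.dumps(record) + "\n")
    return record


if __name__ == "__main__":
    import tempfile
    # Constructed stand-in for the article's virus.exe; harmless bytes.
    with tempfile.TemporaryDirectory() as tmp:
        sample = Path(tmp) / "virus.exe"
        sample.write_bytes(b"constructed sample, not malware")
        print(quarantine(sample, Path(tmp) / "quarantine"))
```

As in the article, restart the PC after the move so that the already started copy is no longer running.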

Dr.Web Live CD

If your Windows or Linux system has been rendered non-bootable by malware, restore it for FREE with Dr.Web LiveCD! Dr.Web LiveCD will clean your computer of infected and suspicious files, help you copy important information to a removable data storage device or another computer, and then attempt to cure infected objects.

System scanning programs

In addition to antivirus programs, there are other protective measures, which require a greater or lesser level of expertise in information technology.

  1. Malwarebytes - a malware scanner which scans for viruses, worms, trojans and other evil. This software does not perform automatic protection, but allows you to scan your computer for a variety of problems associated with malicious software, including in the system registry. A very good and recommended tool; it deals with issues other than those the antiviruses handle.
  2. HijackThis - makes it easier to find and fix nasty entries on your computer. To do this, it scans special parts of the registry and of your hard disk and compares them with the default settings. If some abnormality is detected on your computer, HijackThis will save it into a log file. In order to find out which entries are nasty and which were installed by the user, you need some background information.

Online virus scanners

If you've found a suspicious file in which your antivirus doesn't detect a virus, you can scan it with an online virus scanner. One of the most popular online scanners is www.virustotal.com. This scanner scans files with up to 40 different antivirus programs.

System monitoring tools

There is also software for monitoring all computer activity. These tools are designed for experienced computer users. They make it possible to trace suspicious computer activity even when the antivirus does not recognize the virus, which may help to identify a variety of malicious programs or malicious computer activity. A good software package is offered by Sysinternals; these tools are often used by programmers.

  1. TCPVIEW - is a Windows program that will show you detailed listings of all TCP and UDP endpoints on your system, including the local and remote addresses and state of TCP connections. On Windows Server 2008, Vista, and XP, TCPView also reports the name of the process that owns the endpoint. TCPView provides a more informative and conveniently presented subset of the Netstat program that ships with Windows. The TCPView download includes Tcpvcon, a command-line version with the same functionality.
  2. Process Monitor - an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such as session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more. Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit.

Windows Vista or higher operating systems

Windows Vista or higher operating systems have additional protective measures against malware and viruses.

  1. Windows Defender - increases the natural immunity of the Windows system against malware and viruses. To keep Windows Defender working effectively, you need to keep Windows up to date.
  2. User Account Control (UAC) - a feature in Windows that can help prevent unauthorized changes to your computer. UAC does this by asking you for permission or an administrator's password before performing actions that could potentially affect your computer's operation or that change settings that affect other users. When you see a UAC message, read it carefully, and then make sure the name of the action or program that's about to start is one that you intended to start. By verifying these actions before they start, UAC can help prevent malicious software (malware) and spyware from installing or making changes to your computer without permission.

Other tools

www.lythum.lt also provides a tool which can help to analyze what happens inside an MS Windows system: Alpha Task Manager .NET. This tool helps to analyze internal Windows structures, including hidden ones, manage all these windows, etc.