In this time of world it's quit impossible to using computer without fighting with virus & worms. Especially if you use windows pc. It's not because windows is not enough secured but it's most popular & almost every cyber criminals are targeting windows. Even if you use a Linux distribution or a Mac OSX you are no more secured! As i writing this post i just heard to days ago Apple is advising their Mac OSX users to use a antivirus software. Well Their is plenty of antivirus software suite to take them down. And they are doing not a bad job either. But they can do well against a known virus. So a brand new virus are still a good threat to the users which are creating every day. Though their is heuristic mode on every well known ( or not so well known ) antivirus. But they are effective for only 5% to 30% as PCWorld magazine. So you are still under a very good threat especially if you use internet on your pc or you are in a network.
Why i am talking too much
After informing you the present situation i just like assure you that i don't believe that it's impossible to stop virus to gain access on your pc without your permission. But you have to aware enough in your every move. I just wanna tell you have threat but not in a danger.
I use Windows XP so this post is also for Windows XP. But i hope other windows users will also get some help.
What they want & how they access
In present time most virus & multiple worms wants to control you pc. They want your secured information. Especially your bank & financial information. They can access to your pc through internet or with a removable media such as flash drive & memory card. Visiting a worm affected website or downloading a unknown file especially torrents files are dangerous. Also if your system's autorun feature is enabled for removable media it's a real danger for you. Because removable media is very popular & it may used in multiple pc.
How to stop them
I told you before that your attention & awareness can stop them to access to you pc. Just read the following tips, mind it & use those on your day to day life.
Tips #1:
Your Window must be upto date all times as possible. Microsoft already released SP3 for Windows XP & SP1 for Windows Vista. Of course you must have those. You you have no internet access from your PC download it from your friends PC or cyber cafe.
Automated Windows update is a good very choice for hassle free update. If you like to update manually no problem. But it regularly.
Tips #2:
I must use a antivirus software. And of course it's database should be upto date.
There is some sites to provide free scanning with multiple antivirus. Upload a file to check a suspicious file. It's a wise move as not every virus or worm is not detected by any single security software.
There is also a few free antivirus suite. But as PCWorld magazine those are not as effective as a paid one. They said those are not bad either. So choice is yours.
Some antivirus software like Norton & Kasprskey has self defense control. It make impossible to stop a antivirus while running. It's a very good option because some intelligent worm & virus try stop antivirus software.
Never try to install more than one antivirus. They can fight each other. Well you can't install a second antivirus. Because the second one will not permit you.
Tips #3:
Windows has built in firewall for one way. Disable it. It's useless. You can use a Zone Alarm firewall it's the best. Download it from ... ... well the address may be http://zonealarm.com. Or why not search on google. Your antivirus software should have a firewall. You amy disable it or use it.
Somebody who use a router may think they have hardware based firewall. They don't need a software firewall any more. Bad idea! Install a software firewall is very very recommended.
By the way to disable windows one way useless firewall. Open Security Center from task bar. If it's not their go to Control panel. It will be their. You can also do it from <emp>Control Panel > Administrative Tolls > Services </emp>.
Tips #4:
Stop autorun for removable drive ( such as flash drive, memory card etc ). Download tweakUI from microsoft or from download.com. Using this tweaking software you can stop autorun for removable drive & also their is a option for DVD & CD drive. After doing this you may have to restart you PC.
When use a removable drive don't enter directly on that drive using Windows Explorer. Right click on your flash drive or memory card. If you see a autorun feature it declare there is a very good threat for virus. If you double click on that drive to access on that drive the autorun will be activated. That simple mean the virus or worm will be in your PC just in a second of time. Some smart virus also tweak 'Open' & 'explore' feature. That mean don't ever access to a flash drive or memory card directly. By the way in your Blue Ray drive, DVD or CD drive may have also that autorun. It is because that movie disk want to run automatically. This is may not a threat but if the disk is self burn especially on other peoples PC it should be a threat.
So the question is how to access them. First scan that Flash drive, disk drive & memory card by a good antivirus. If you have a dedicated anti spyware use that also. If there is any old worm or, virus it should be caught. Though if it doesn't caught any thing i can't say you are secured. Use run command to access that drive. It will not activate autorun. So go to <emp>Start Menu > Run</emp>. Type the drive later with a ":" . If your drive is 'F' type 'F:' then enter. Another option is Enter you My computer then click on address bar find your desired drive later.
After if entered on that drive you must have to uncheck 'Hide hidden files and folders' option from 'Folder Option'. In Windows XP Folder Option will be found in <emp>Explorer > Tools</emp>. You also find it in 'Control Panel'. But if you already infected with virus the Task manager & Folder Option may be disabled. Don't worry if it disabled you can activate it. I will tell you very soon how you can activate it.
Well in Folder Options click on 'View' tab. Then click on 'Show hidden files and folders' radio button. Also uncheck 'Hide extension for known file type' & 'Hide protected operating system files (Recommended)'. Now all files with extension will be shown in your PC. If you see any autorun.ini file in the flash drive etc. First open the file. There must be a file name & path. Find that file delete that & the autorun.ini . If there is any folder with a .exe extension it must be a virus with a folder icon.
Some times you may seen your flash drives activity LED is all time flashing even your when your flash drive is ideal. That mean a your flash dive or memory card running a program. It may be a virus may be a good program like portable application. You can not delete a program when running. You have to stop it first. Use Task Manager to do that. As i told before if you have already been infected Task Manager may be disabled. But don't worry we will enable it pretty soon.
Well after all type of checking your removable drive & clean up ( if necessary ) you have to hide the system files again. Because if you delete any system files of windows your system may be gone south.
Tips #5:
Many virus first stop Task Manager & Folder Option. Why? Because Using Task Manager you can stop there activity & with Folder Option u can see them by unchecking hide hidden & system files. So if you need to restore 'Task Manager' & 'Folder Option' its not hard. So don't worry.
CODE
Go to Run. Then type 'gpedit.msc' & enter.
Next, follow the path
<emp>User Configuration > Administrative Templates > Windows Components > Windows Explorer</emp>
Find 'Removes the Folder Options item from Tools Menu' double click on it. Then select 'disabled' radio button & click on OK. This will enable the Folder Option feature. Now we gonna enable Task Manager with the same way.
Follow the path in gpedit.msc
<emp>User Configuration > Administrative Templates > system > Ctrl+Alt+Delete</emp>
Find 'Remove Task Manager' double click on it. Select disabled radio button then click OK.
Next, follow the path
<emp>User Configuration > Administrative Templates > Windows Components > Windows Explorer</emp>
Find 'Removes the Folder Options item from Tools Menu' double click on it. Then select 'disabled' radio button & click on OK. This will enable the Folder Option feature. Now we gonna enable Task Manager with the same way.
Follow the path in gpedit.msc
<emp>User Configuration > Administrative Templates > system > Ctrl+Alt+Delete</emp>
Find 'Remove Task Manager' double click on it. Select disabled radio button then click OK.
Tips #6:
Open the Task Manager under the process tab you can see your all running process. Its very good if you remember your running process & understand those. You see the process 'svchost.exe'. You must see there is multiple process with the same 'svchost.exe' name. And the user name is <emp>"SYSTEM, LOCAL SERVICES, NETWORK SERVICES"</emp>. This is normal> But some times some virus use this name to hide but they generally they can't hide the user name. If it is a virus or worm the user name may be administrator or the user name of the PC ( generally your name ). So carefull if you see some thing like this.
To see the process activity in deep i better recommend you to use <emp>Process Explorer</emp>. It's a freeware you can download it from http://www.sysinternals.com or from http://www.download.com.
It gives you a deep view of process. Which service run under which process, description of a process, company name, Google search link etc.
Tips #7:
If your system becomes unstable, running higher process than normal, System become slower, taking longer time to boot etc thats all can cause of virus. Follow the above tips to resolve. There is no antivirus can stop them without your complete contribution. So be a warrior.
Thats all i have to say. If there is any point i missed this time i'll try to add later. I want you comments if you like this tutorial or even don't like. Enjoy your computing safely.
