Protecting your Computer: Part 3 – AntiVirus

January 11, 2006

by Philip Dunn [ Part 1 ] [ Part 2 ]
Almost everybody is aware of the need for Antivirus software, so this article will concentrate on installation issues and virus removal.

The first program to install on any new computer is antivirus software. There are many programs, but the best is still Norton Antivirus. The new version comes in several flavors, but one of the most useful is Norton Internet Edition. This complete package comes with an integrated firewall – a must.

Installing Norton on computers with fresh installations of Windows XP is easy. The problems arise when trying to install over old versions of Norton Antivirus – especially those whose virus list update subscriptions have expired.

Antivirus programs work by checking files against “signatures” of known viruses. These signatures can be particular behaviors, files sizes or a combination. Since new viruses appear everyday, good virus programs update their virus signature files automatically. Failure to update leaves your computer vulnerable.

Software makers like to get paid for the work they do, so Symantec - maker of Norton Antivirus – sells subscriptions to its antivirus updating service. Purchasing the package new usually gives you 3 months to 1 year of free updates – after that, you must pay. The problem is most people don’t, despite the annoying nag messages.

Not wanting to be unprotected, they run down to the nearest computer store and buy the latest version thinking they will get another free year. Not so – even after uninstalling Norton, the new installation detects the expired subscription and refuses to update or even run properly. Now what?

Here’s the trick. Symantec has an unadvertised tool to remove the old subscription information that allows you to reinstall its software and get another year of free updates. Note: this only works with 2005 and below versions. New versions, like Windows XP, require registration over the Internet.

The SymNRT software can be found at this link.

Once you know this trick, updating your software is simple. Just run the uninstallation tool and install the new version. Or, if you are unscrupulous, you can reinstall your old version and keep getting free updates – the main reason why this tool is not advertised.

Automatic updating is great, but can cause problems if it fails during the update process. Also, there are times when you are not connected to the internet and still would like to manually update you virus signature list.

No problem. Go to this link.

and manually download the file. It’s too big for a floppy disk – about 7MB – so use a memory stick or CD to get it to your computer. Simply double click the file and it updates your Norton Antivirus.

Most people start think about antivirus software when it’s too late. Their machine is already infected. They usually end up formatting their hard drive and losing all their data.

The majority of the time, you can eliminate viruses without having to reinstall everything. Unfortunately, virus elimination often requires the skills of a professional. Finding one is not always easy. Be careful with people who are well-meaning and “good with computers”. Remember: you data is at risk – get a pro.

Even if you don’t take these steps yourself, you should ask that they try them – many techs will just format your hard drive. While this is sure, you lose all you settings and files and need to reinstall all your software.

Step 1: Make reasonably sure your machine is infected. Detecting infections not always easy, but usually possible. Press Ctrl+Alt+Del and click the task manager. Click the Performance tab. If the CPU Usage is at or around 100% and you are not using any programs, you have a virus. If you can’t activate the task manager – a frequent virus symptom - you are infected. If you’re antivirus software won’t scan your hard drive, this is another dead giveaway, but also can be caused by expired antivirus update subscriptions. Not being able to read or install programs from your floppy, CD or DVD drives is another frequent symptom. If you have none of these symptoms you may have a software or hardware problem. Note that some infections cause no easily detectable symptoms.

You may be able to determine the name of the virus by located the process in the Task Manger – it normally the process using all the CPU time. Type the name of the process in to Google and see what comes up. It may identify the virus for you. Once you have the name, Symantec offers free virus removal tools here. If this does not work or you can’t determine the virus name, go to step 2.

Step 2: Find a friend or local computer tech that has an uninfected computer with a good updated antivirus program. Physically remove your hard drive and connect it to the uninfected machine as a slave drive. If you or your friends don’t know how to do this, go to a pro.

When you start the computer, it will not be able to load the virus since it is located on the slave drive not the master. Your friend’s computer can then scan the slave drive – yours – and eliminate the virus. The whole process may take several hours and works almost 100% of the time.

There are some really nasty viruses that will slowly delete all the files on your hard drive, infect the computer itself – the CMOS chip - and even do physical damage. One of these invariably requires drive formatting and sometimes even erasing the CMOS chip on the infected machine. These viruses are rare, however.

Make sure you keep your antivirus software up to date – update at least once a week or set your software to update automatically.

Distrust Microsoft’s automatic Windows XP update function. This has been used by hackers to infect computers. Experts recommend turning it off and downloading patches as part of a service pack. If you have good firewall and antivirus programs, these patches should not be necessary.

Windows Recovery feature has also been implicated as a haven for viruses since many antivirus programs are unable to scan the areas on the hard drive where the recovery information is stored. This can be disabled as well in the Control Panel.

Don’t install pirated or “cracked” software or “warez”. Do not let well-meaning friends install “cool” programs on your computer and stay away from porn sites. Always scan any file downloaded off the Internet.

Remember, your behavior is the best frontline defense against viruses.

Copyright 2006 PhysOrg.com