Professional Documents
Culture Documents
I hate virus....
ABOUT ME: Hi, I'm Shahdan from Malaysia. I'm a first year student of 'Bachelor in
Information Technology' at Cosmopoint International University College. Because of
I cannot afford to pay for commercial software, I choose to use FREE software for
my computer. FREE, here can be a FREEWARE, Free for personal use or FREE &
Open source software. Do give me a feedback if you find the information is useful
or it's just a bad idea to write this ebook.
Email me: rudinshah@gmail.com
Introduction
This free ebook is for Non-Technical user of Windows XP(or other windows version where
the tools can be use). The purpose of this ebook is just to share with you(the reader) an
information of a FREE application/software that can be use to clean your system from virus.
The author hope this ebook will be helpful if you somehow face a doom situation. This
ebook cannot be use as your guideline rather than just to give you ideas to solve the problem
by yourself. Please consult your computer security advisor if you don't want to do this by
yourself. Sorry for my (not good) English...
http://www.portablefreeware.com/
http://www.portableapps.com/
http://www.sourceforge.net/
Some Intro
I had experience this with a viruses Eg; SVVCHSOT.exe, Trojen Horse, .vbs, etc
- the virus start automatically on windows startup. It copy itself at windows folder.
- It start with the shell command(something like that),
- It will copy to your pendrive(maybe any removable storage), hide itself in a 'layer' that we
cannot see even when we enable the ' Show hidden file' command.
- It will alter the 'Autorun.inf' file of your pendrive/removable storage
- It will disabled the 'Task Manager' and 'Folder Option' command
- It will disabled the registry editing capability(we cannot edit the registry)
If somehow your system infected and your antivirus cannot detect/delete the virus, here is
some tools that may help you eliminate it.
The Tools
I use this tools to delete the virus manually after I format my PC. The antivirus are installed
but because the virus database are not updated, it cannot detect the virus.
1. First of all, disconnect your Internet connection and make backup of your important
documents(file/folder)
3. ProcessExplorerNT (http://www.sysinternals.com/)
- To check current windows process and kill any suspicious process if Task Manager is
disabled(by virus)
- No installation needed
- 'He' is one of Windows© family now
4. RegSeeker (http://www.hoverdesk.net/freeware.htm)
- To check the registry/startup entry of viruses, disabled it if required to do so
- Startup entries
- No installation needed
5. ExplorerXP (http://www.explorerxp.com/)
- To View all hidden file and folder that might being used by virus
* Used to view any hidden file/folder that cannot be viewed even after the ' Show hidden file'
command enabled
- Folders that can be view: Recycler, FOUND.000..., MSOCache, Folder Settings, _Restore,
System Volume Information, ........
- Need to install, but you can copy the installation folder to your pendrive to make it portable
6. FreshUI (http://www.freshdevices.com/)
- Windows tweaking tools
- To enable the Folder Option in Tools menu in Windows Explorer if disabled by virus
- Windows Interface - Explorer Interface Settings - Explorer Menu Options - Show 'Folder
Option' commands - yes
- To enable the Task Manager if disabled by virus
- Windows System - Other - Ctrl-Alt-Del Option - Allow user to run Task Manager - yes
- To enable Regedit application(open/edit)
- Applications - Regedit - Disable Regedit - Enable Regedit Application
- Require free registration after 11 days of use
7. Regedit (C:\WINDOWS)
- check any possible key(virus) in registry and delete/edit the key
- Edit - Find... (type a virus name plus extension - e.g.:SVVCHSOT.exe)
- Not recommended for unexperienced user(modify it at your own risk)
- A small mistake can lead to disaster...
9. Autorun.inf
- Simply a text file(Setup Information file) that sometime we have in our portable storage or
in autorun CD. It's OK to delete it
- To rewrite the autorun file that being changed by virus, you have to make your own
Autorun.inf file
- open Notepad, type [Autorun] and save it as Autorun.inf
- Copy and paste the file in your portable storage - Overwrite existing file
- The step may not like follow the above, it's depend on the situation
Some virus/Trojan may infect your pendrive and duplicate itself in every folder you have in
your pendrive, (e.g. \document) there will be a file called 'document.exe' in the folder. It will
use a yellow folder icon. But if you have a file that have the same name as it folder, there is
maybe no virus in the folder except in 'Folder Settings' folder if any.
If somehow, the virus corrupt your windows system, you can use Knoppix Live CD to
backup all your important documents.
Here are some of the FREE security software that can be use to protect your computer from
virus and it family.
Antivirus
Avast! Home (http://www.avast.com/)
- Free antivirus
- Require free registration (for home version) in 60 days after installation for one year of
personal license. Can be renewed after that without cost.
I install both the Avast! Home and AVG to protect my system from virus. It works great
without conflict. From my experience, this two free antivirus should be installed together (if
you are using any of this FREE antivirus) because there are some virus Avast cannot detect
but AVG detect it and vice versa.. The update process takes less time.
The standalone Dr.Web CureIt! antivirus is a great tool if you want to scan your system
without installing it, but don't expect it to detect all viruses(if any).
Firewall
COMODO Firewall Pro (http://www.personalfirewall.comodo.com/)
- A FREE firewall
- COMODO has many FREE security software; Antivirus, Firewall, Anti-Malware, etc.
* If you are using Mozilla Firefox internet browser or any other browser, it is a good to
install a security plugin..
For an emergency purpose, I do have a folder in my pendrive that include all the
tolls/software above.. Most of the tools can be run directly from removable storage except the
FreshUI, Avast! Home and AVG Free antivirus, COMODO Firewall, and of course the
Regedit.exe....