Summary: Computer viruses are a fact of modern connected life. Anti-virus software is required, and both it and the database it uses should be kept up-to-date.
Computer viruses are a fact of modern, internet-connected life. At best, they're annoying performance sucking beasts, but at worst ... kiss all your data good bye.
We all need to take steps to make sure that our computers are safe, or we risk infection. Complacency is not an option.
And yet, even after all the news, and all the warnings, and after all this time ...
complacency remains all too common.
•
There are four important steps:
1. Install and Run an Anti-Virus Program
There are many out there.
Personally, I run Computer Associate's eTrust AntiVirus. It was the corporate standard solution where I used to work, and has served me exceedingly well for several years now. I have it scheduled to update signatures and scan every night.
I've also heard good things about Panda Antivirus, AVG Anti Virus, and Kaspersky Anti-Virus. Symantec maintains one of the best reference sites for virus related security issues.
Free and On-Line Virus Scanners: I've learned that not all virus scanners catch all viruses. I recommend having a selection of free virus scanners to run as a "second tier". AVG has a free product. Trend Micro's Housecall, and Panda's Active Scan are on-line scanners that download as an ActiveX control in your browser. Most downloadable virus scanning solutions often include free trial periods that can also come in handy as one-time second-level scans.
Download and install the package of your choice. Now. Before you forget.
2. Update the Anti-Virus Database
Your first step should be to update the virus signature database that came with the installation. New viruses are being created every day, and the databases that the anti-virus programs use are being updated as well. You need to get the latest database for your program right away.
Most of the programs have update functions that will locate, download and install the latest databases automatically. Make sure that this is enabled.
3. Run Regular Scans
Most of the anti-virus programs work automatically. Once installed they are configured to scan all incoming and outgoing files, and often hook into your email in some way to double check that your received email is clean as well.
Unless you know what you're doing, make sure that this "real time" scanning is enabled.
I also recommend periodically running scans of your hard disk(s). Certainly when you first install the software you should run a full scan. Then, depending on how heavily used your machine is, you should run a scan periodically as well.
Some programs will allow you to schedule such a scan to happen automatically. In my case, for example, since my computers are on 24 hours a day, I schedule full virus scans nightly, while I'm asleep.
4. Keep Windows Up-To-Date
Visit Windows Update regularly, or simply enable the automatic update feature in Windows XP.
All software has bugs. Some of those bugs are used to create the exploits that virus writers take advantage of to create viruses that can infect your system. As these bugs are found, Microsoft fixes the affected components in the operating system, and makes those fixes available for download and install using Windows Update.
The "problem", is that even once the bugs are discovered and publicized, and even when the fix is available, virus writers get busy writing viruses that still exploit them. Why? Because they know not everyone stays up-to-date. (As an example, one of my most popular articles here on Ask Leo! is being read by thousands of people each month who are still being affected by a virus using an exploit that was patched close to two years ago.)
Keep Windows up-to-date. Let someone else have the "fun" of being infected with the latest viruses. Visit Windows Update weekly, or enable automatic update.
Additional Notes
Sadly, there is no "best" anti-virus program. Each may miss some something that the other's catch. That's one of the reasons I list several. The best advice is to use one, any one, and have the others "on call" for those cases when spyware sneaks past the one you use regularly.
If you do install more than one package, you should not enable the "real time" scanning for more than one at the same time - they will conflict with each other, and will cause unpredictable results.
Related:
Ask Leo! - How do I recover from a bad virus infection?
Ask Leo! - I run Anti-Virus software, why do I still sometimes get infected?
Ask Leo! - When do I actually need to run a virus scan?
Ask Leo! - What's the best Pop-Up Blocker? Anti-Virus Software? Anti-Spyware Software?
Ask Leo! - Spyware: How do I remove and avoid spyware?
Article C2339 - April 24, 2005
I have: about:blank...how to get rid of this?
Posted by: Pattie at June 7, 2007 7:26 AMThere are 6 svchost.exe running on my system.My system gets very slow.Three are in small case like "svchost.exe" and three like "SVCHOST.EXE".Is this virus.How to get rid of these .Please help.Thanks
Posted by: Seema at July 9, 2007 10:20 PMI have been reading through your website and have already learned so much. I am writing because I have a process "svc.host.exe" runing in my task manager, can you PLEASE walk me through removing the cause for this > Thank You, Robert
Posted by: rober at May 23, 2008 9:33 PM-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
If you mean svchost.exe, that's an expected and important
windows process. More here:
http://ask-leo.com/what_is_svchost_and_why_is_there_more_than_one_copy_running.html
If you mean svc.host.exe (with an extra dot), then I'm not
sure. All I can recommend is that you run up-to-date
anti-virus and anti-spyware scans.
Leo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
iD8DBQFIOZe6CMEe9B/8oqERAiavAJ95WTwixIzteH7BgS7xUT+0oG3n+gCfX3GI
Posted by: Leo at May 25, 2008 9:46 AM6D2vewCPgtRZZgBmdklSOZY=
=FJo9
-----END PGP SIGNATURE-----
Please help me
In my computer there is a big problem
in my task manager there are 3 programs running called csrss.exe lsass.exe smss.exe i dont know these are unknown programs my OS is XP Service pack 2
i think they are using my computer and when i use my computer it hangs after sometime(at least 10 minutes i can use) after system formatting they also remain here they cannot be removed by my any work i cannot remove them
can u have a simple complex any solution to remove these file
i also want to know that is these above programs are come with XP cd sp2
i usually take files from pen drive from cyber net
i collect net files by pen drive
i think they are really viruses
plese sent me some solution to remove them
Posted by: Yangyadatta at July 10, 2008 3:05 AM-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
csrss.exe lsass.exe smss.exe are all part of Windows. Do
*not* remove them.
Leo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
iD8DBQFIdjizCMEe9B/8oqERAk+mAJ4oU15bOfsumf5JPa61VxzOrEUglgCfXwki
Posted by: Leo at July 10, 2008 9:28 AMrehdsWQISE6yd+hbUw5jl/E=
=wEXC
-----END PGP SIGNATURE-----
Hey Leo,
Posted by: Ian Flikkema at October 15, 2008 8:49 PMMy computer recently wouldnt let me access the task manager, so I started following the steps on your page http://ask-leo.com/why_is_my_task_manager_disabled_and_how_do_i_fix_it.html
Then discovered the run button is gone. Then it wouldn't let me go into regedit. Any suggestions. Already downloaded activescan 2.0
i think my coptr is infected;
Posted by: dhruv at February 9, 2009 2:05 AMi hv 3 partitions c , d ,e
from i can not open e & d until i explore them
and whenever i open a folder in these drives
there is an additional folder in it with same name i can delete them niether i can shredd them.
i have avg antivirus but it can not detect any virus. tell me what to do, my task manager is disabled aslo & it has also deleted my intel graphics accelerator & i can not download it back either. i desperately need ur help.
I've tried going to the referenced anti-virus programs and they're blocked. I tried pinging them and each site times out. When I first noticed this problem I tried running my already installed AVG and the program was blocked and I couldn't run any updates or scans. I tried going to their website and it was also blocked.
I cannot access my task manager, my desktop background changed to a message saying I have a dangerous spyware... it all started on livejournal. Also, internet explorer no longer works. I've been using Safari. When I tried to google or yahoo things on internet explorer, all the results were in big letters and when you clicked on them, several ads would pop up.
I know some of my registry has been infected. I'm not sure where to go from here. Help?
Posted by: tiffa at February 26, 2009 5:16 PMwell thank you for such a good article.
Posted by: www.pshycic.de.tl at April 18, 2009 7:27 PM