Controlling Computer Viruses in Windows

Posted in Viruses by Thad Kerosky on August 21, 2009

Red bugs devouring a Baobao fruit

Viruses are a huge problem in Tanzania and most of Africa. Computers in Africa have many more viruses compared to the rest of the world. Parts of the problem may be that here virusi software siyo halisi and isn’t updated reliably because of the slow internet here.

In my experience, most Virus scanner companies are late to recognise viruses that come from East African countries so even if you have updates you are not always protected. Remember, the people that treat computer viruses and add them to the database are generally working in St. Petersburg, New York, or Israel; not Nairobi, Dar or Capetown.

Still, the first best way to deal with viruses is to keep your software up to date. No matter which software you use, it must be updated as often as you are bringing new viruses to the computer. This can be every week or every month. It depends on your computer. There are many virus scanners at FileHippo–some are Trial Versions but in order to get updates, you usually have to go into the software.

If you know where to find them, you can download offline files for the updates to use from your USB Flash Drives. Some versions of McAfee have programs to update with a file that you can download here (sdat). Some other company’s update files (Norton, Avast) can be found listed near the bottom of this page.

When I get stuck with those tool in Normal mode, the best way I have found to deal with viruses in Tanzania is to use Safe Mode (F8 while starting Windows), my normal Virus Scanner and the Sysinternals Suite from Microsoft. The main two programs I use from the Suite are autoruns.exe and procexp.exe. The package of tools is updated about once every two months to see more secret virus hiding places in Windows.  Remember: your normal virus scanner will always work best from Safe Mode. If it does not work in normal mode (“failed to remove”), then you should try in Safe Mode.

Here are some rough instructions:

• Turn on computer.
• right away, press F8 repeatedly in the first screen to get the option of Safe Mode
• Choose Safe Mode with Networking
• Safe Mode is a special mode where the programs that normally come when you start the computer do not come.
• If Safe mode gives a blue screen or restarts immediately then you have a very kali virus and you need to try to clean it from normal mode. You probably won’t be able to fix Safe Mode without reinstalling Windows.
• Press Yes to enter safe mode when it asks.
• Update your virus scanner from file that you downloaded if you could not update before. You can probably not install a new virus scanner in safe mode.
• Start the virus scanner from the start menu (On-Demand scan for C: drive)
• Start a scan.
• If you cannot find anything, Copy Autoruns.exe to the computer, newer version will work best to find new viruses hiding places (optional)
• On the virus scanner, when it has finished make sure all the viruses confirm “Deleted” status as action taken.

• If that has not worked, Unzip and open Autoruns.exe, wait for it to load.
• After it loads enable both Options->Verify Code Signatures and Options->Hide Microsoft & Windows Entries.
• Press refresh.

• Look through the list of items that will start. You can temporarily disable things that look suspicious with the checkbox or right click and delete permanently. Be a little bit careful about mouse and keyboard items.
• Reboot.

Next topic in viruses: How to make all hidden files from Viruses on Flash Drives appear.

2 comments