I'm a Systems Engineer for PayPal. I also work for a computer consulting firm. I'm often asked to handle virus, spyware and security problems for businesses. Here is some good generic advice to clean your PC, and make sure you don't get infections in the future. Everything I will recommend here is completely free. When you're done with this guide, your computer will be more secure, and should be faster as well.
If you ever think you have an infection, do the following:
1 - Download Process Explorer from here:
That will show you every process running on your computer. You can Google up the process names to find out what they are, and kill the ones you don't want running. This might kill the virus so you can clean it properly. The normal Task Manager might tell you that you don't have permission to kill a process, and some viruses stop you from loading the task manager. But you can always load Process Explorer. The worst thing you can do killing processes is crash Windows, forcing you to reboot.
2 - Download and install a HOSTS file.
This will block tons of domains. Your computer simply can't talk to them. The domains on this list are known to spread viruses or serve up ads. Even by itself, a HOSTS file will block a whole bunch of ads. Depending on which version of Windows you're running, the installation differs a bit, but it is very simple.
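A quick way to check what a HOSTS file really does after you install it, shown as an added example that is not part of the original guide. It assumes PowerShell 3.0 or later; the function name `Get-HostsEntry` and the sample lines are made up for illustration. Entries pointing at `0.0.0.0` or `127.0.0.1` are blocks, while a name mapped to any other address is a redirect you should look at.

```powershell
# Added example. The sample lines are constructed, not a real block list.
$sample = @(
    '# comment line'
    '127.0.0.1    localhost'
    '0.0.0.0      ads.example.com tracker.example.com  # two names, one line'
    '127.0.0.1    banners.example.net'
    '203.0.113.7  update.example.org'
)

function Get-HostsEntry {
    param([string[]]$Line)
    $sink = '0.0.0.0', '127.0.0.1', '::', '::1'    # addresses that go nowhere
    foreach ($raw in $Line) {
        $text = ($raw -replace '#.*$', '').Trim()  # drop comments
        if (-not $text) { continue }
        $fields = $text -split '\s+'               # <address> <name> [<name>...]
        if ($fields.Count -lt 2) { continue }
        foreach ($name in $fields[1..($fields.Count - 1)]) {
            $kind = 'Redirect'                     # anything not sent to a sink
            if ($sink -contains $fields[0]) { $kind = 'Blocked' }
            if ($kind -eq 'Blocked' -and $name -eq 'localhost') { $kind = 'Local' }
            [pscustomobject]@{ Address = $fields[0]; Name = $name; Kind = $kind }
        }
    }
}

$entries = Get-HostsEntry -Line $sample

# How many names are blocked, and which ones are sent to a real address?
$entries | Group-Object Kind -NoElement | Format-Table -AutoSize
$entries | Where-Object { $_.Kind -eq 'Redirect' } | Format-Table -AutoSize

# To audit the live file instead of the sample:
# Get-HostsEntry -Line (Get-Content "$env:SystemRoot\System32\drivers\etc\hosts")
```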
3 - Download Spybot Search and Destroy from here:
When you run the installer, the last step will ask you if you want to install IE protection and TeaTimer real-time protection. The IE protection shouldn't matter, because you should never use IE. TeaTimer is nice, but I recommend skipping it, and using something else for real-time protection.
Load up Spybot, and then check for updates. Then run a spyware scan. Remove all infections. You may need to reboot when it is done, and allow it to do another automatic scan to finish removing infections. When it is finished removing infections, then run the immunize feature.
Malwarebytes is often recommended by others. It is a good product. I prefer Spybot because of the Immunize feature, which does a better job of protecting you in the future. If you want to check out Malwarebytes however, you can download it here:
4 - Run a Virus Scan
If you have a legit copy of Windows (not pirated), the best product for you to run is Microsoft Security Essentials. It is a very fast, accurate virus scan and real-time protection program that uses hardly any memory. Many other anti-virus programs really eat resources and slow your computer.
If you have a pirated copy of Windows, or an older version (Windows 2000), then there is AVG Free, and ClamWin. Of the two, ClamWin uses fewer resources.
If you have an existing anti-virus product like McAfee or Norton, I recommend just removing it. You have to pay for updates, they slow your computer considerably, and these are the products targeted the most often. They really aren't that great.
Pick one anti-virus to install. I like to scan with a second one from time to time, but only have one installed at any given time.
Install whichever anti-virus you choose, update and scan.
If you did find infections in the previous two steps, or you just want to be thorough, every once in a while, you should do a scan with a second anti-virus engine. Each engine is different and detects things others don't.
TrendMicro's HouseCall is a free, online virus scan. It isn't an app that runs in the background all the time. You just load up Firefox, go to this site, and run the online scan.
5 - Remove unneeded background services
Your computer *should* be free of viruses and spyware at this point. But it might not be much faster, because you still have a bunch of junk running in the background. Let's go ahead and make your computer faster, and more secure while we're at it.
Some services, like Remote Registry, are legit, but allow people remotely to change your registry (Windows settings). If you have a home computer, there is zero reason to run this service. It is just a security issue waiting to be exploited. Here is a guide to help you check Windows services. If nothing else, disabling unnecessary services cuts down on "attack surface" and makes your computer run faster. The following site has guides for XP, Vista and 7 to show you how to adjust Windows services.
Here are some services I recommend setting to "Manual" for most users:
- Distributed Link Tracking Client
- Help and Support (help still works when this is set to manual)
- IPSEC Services
- Server (unless you have shared folders on a home network, then leave it)
These you can usually set to "Disable":
- Error Reporting Service (This just sends reports to Microsoft.)
- Indexing Service (Slows your hard drive down big time!)
- Remote Registry (not in XP Home, only Pro)
- Security Center (This doesn't make you secure, it only nags you to install anti-virus, which we're doing. Don't bother running the service just to check and harass you)
- System Restore Service (Windows System Restore doesn't work well and just slows your computer down. You're better off backing up data to DVDs, thumb drives, external hard drives, whatever, and doing a repair install of Windows if something gets screwed up)
- TCP/IP NetBIOS Helper Service (unless you have a home network with shares)
- Wireless Zero Configuration (If you have a laptop with wireless, leave it. For desktops with no wireless, disable it!)
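To see where your machine stands against the two lists above without clicking through every service, here is an added example (not part of the original guide). It assumes PowerShell 3.0 or later and the Windows XP short service names; the function name `Get-ServiceDrift` is made up, and services missing on your Windows version are skipped.

```powershell
# Added example: compare the guide's service lists with this machine.
# Keys are the Windows XP short names of the services listed above.
$wanted = [ordered]@{
    TrkWks         = 'Manual'    # Distributed Link Tracking Client
    helpsvc        = 'Manual'    # Help and Support
    PolicyAgent    = 'Manual'    # IPSEC Services
    LanmanServer   = 'Manual'    # Server (remove if you share folders)
    ERSvc          = 'Disabled'  # Error Reporting Service
    CiSvc          = 'Disabled'  # Indexing Service
    RemoteRegistry = 'Disabled'  # Remote Registry
    wscsvc         = 'Disabled'  # Security Center
    srservice      = 'Disabled'  # System Restore Service
    LmHosts        = 'Disabled'  # TCP/IP NetBIOS Helper (remove if you use shares)
    WZCSVC         = 'Disabled'  # Wireless Zero Configuration (remove on wireless PCs)
}

function Get-ServiceDrift {
    param([System.Collections.IDictionary]$Desired)
    foreach ($name in $Desired.Keys) {
        $svc = Get-CimInstance Win32_Service -Filter "Name='$name'"
        if (-not $svc) { continue }    # not present on this Windows version
        [pscustomobject]@{
            Name    = $svc.Name
            Display = $svc.DisplayName
            State   = $svc.State
            Current = $svc.StartMode   # Auto, Manual or Disabled
            Wanted  = $Desired[$name]
            Change  = $svc.StartMode -ne $Desired[$name]
        }
    }
}

$drift = Get-ServiceDrift -Desired $wanted
$drift | Format-Table -AutoSize

# Run from an elevated prompt. -WhatIf only prints what would be changed;
# remove it once you are happy with the list.
$drift | Where-Object { $_.Change } | ForEach-Object {
    Set-Service -Name $_.Name -StartupType $_.Wanted -WhatIf
}
```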
6 - Disable apps running in the background
In addition to Windows services, you probably have a bunch of third-party apps that load when your computer does. This makes your computer take longer to boot, eats memory, and slows everything down.
Apps start from two places, the "Startup" folder in your Start Menu, and your registry. The "Startup" folder is very easy to check. The registry is a little trickier, but not too bad.
To see all the things in your registry that start up when your computer boots, the simplest way is to go Start, Run, and then type "msconfig" without the quotes and hit enter. Now go to the Startup tab. Uncheck anything you don't want to start. If you're not sure what something is, Google up the name.
Sometimes you can't see the full path of these files in the Msconfig tool. You can edit the registry directly if you want. Microsoft has a guide for that here:
At this point, reboot if you haven't already. If you used Msconfig, you'll get a message on the next boot telling you how you used msconfig, which you obviously know. You can then say not to show that message again.
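If Msconfig cuts off the paths, you can list both startup locations with the full command line for each entry. This is an added example, not part of the original guide; it assumes PowerShell 3.0 or later, covers only the standard Run and RunOnce registry keys plus the two Startup folders, and the function name `Get-StartupEntry` is made up.

```powershell
# Added example: list startup entries with their full command lines.
function Get-StartupEntry {
    param(
        [string[]]$RunKey = @(
            'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
            'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
            'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
            'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
            # 32-bit apps on 64-bit Windows register here:
            'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run'
        )
    )
    # Registry: every value under a Run key is "name = command line"
    foreach ($key in $RunKey) {
        if (-not (Test-Path $key)) { continue }
        $item = Get-Item $key
        foreach ($valueName in $item.GetValueNames()) {
            [pscustomobject]@{
                Source  = $key
                Name    = $valueName
                Command = $item.GetValue($valueName)
            }
        }
    }
    # Start Menu: the per-user and all-users "Startup" folders
    foreach ($folder in 'Startup', 'CommonStartup') {
        $dir = [Environment]::GetFolderPath($folder)
        if (-not $dir -or -not (Test-Path $dir)) { continue }
        Get-ChildItem $dir -File |
            Where-Object { $_.Name -ne 'desktop.ini' } |
            ForEach-Object {
                [pscustomobject]@{ Source = $dir; Name = $_.Name; Command = $_.FullName }
            }
    }
}

# Format-List keeps long paths from being truncated
Get-StartupEntry | Sort-Object Source, Name | Format-List
```

This only reads the entries. Anything you don't recognize, Google up the file name in the Command column before you uncheck it in Msconfig.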
7 - Last tips to make sure you never get infections in the future
The biggest tip is to never use Internet Explorer (IE) unless you absolutely have to.
Mozilla Firefox, Google Chrome, Opera, or Safari are recommended, basically in that order. Mozilla Firefox has an optional ad-blocking extension that helps a great deal. Chrome is fairly secure by itself, but its ad-blocking extension isn't as good.
Install Adblock Plus in Firefox from this link:
To help protect against future infections, update Spybot regularly (you have to manually update it), re-immunize, and do some scans from time to time. Your anti-virus (Microsoft Security Essentials, AVG, or whatever) should update automatically on its own.
I'll add some more tips later, but I'm out the door. BTW, feel free to repost this wherever you want. I don't even need credit. I just want to help make the web a safer place for people. If you do repost, obviously leave out the part about being a PayPal Systems Engineer if you don't work for PayPal.