This is a little guide to help people keep their computer clean, or if it gets messed up, to help them clean it.
Why keep a computer clean? It prevents crashes, popups, spying, sluggishness, and generally allows you to make your computer work the way you want.
This page is kind of long, so I'll put right here a list of the names of what I recommend, in the order of how I would use them, to do a full cleaning of viruses and spyware:
- Safe Mode
- Disable System Restore
- Aim Fix
- Spybot Search & Destroy
- AVG Anti-Spyware
- Symantec Antivirus
- Windows Defender
- Dr.WEB CureIt!
- Active Ports
- RootKit Unhooker
- Microsoft Update
- Windows Security Center
Note that I have a bunch more stuff below, like more programs, safe computer practices, how to control legitimate programs, and other ways to speed up your system.
Most of what I put here I picked up from my own playing around, and from working at the IT Help Center on the UMO campus.
DISCLAIMER: These recommendations are in no way the official recommendations of the University of Maine IT department, implicit or implied.
This is mainly written for people using Windows XP on campus, but should work well for others too.
All the links in here were checked on 01/28/2007. If some don't work, either tell me or use Google to find what you need. The document was last updated on 03/29/2007.
Before you start cleaning, disable System Restore. While this is a nice feature for when your computer breaks so badly that Windows can't start because of a setting change or an application being installed, it also makes a nice hiding place for spyware and viruses. Disabling System Restore removes this hiding place. You can re-enable it when you're done cleaning if you wish.
And, before you start, note that you should do as much cleaning as you can in Safe Mode. Safe Mode is a way of starting Windows with as little loaded as possible, which means viruses will have a tough time starting too. To get to Safe Mode, restart your computer, and while it's starting, before it gets to the Windows logo, press F8 once every second or so until you get a menu. Select Safe Mode. Not everything can be done in Safe Mode, but what can, should. For example: install everything, update it all, then boot into Safe Mode to do the scans.
OK, first off, you should have an antivirus on your system. If you're not sure if you have one, go to Start > (settings) > Control Panel > Security Center. What you have is listed in there. UMaine has signed a contract with Symantec that allows the university to freely distribute to all university students, staff, and faculty a full version of Symantec Antivirus Corporate Edition. You can get your copy on CD at the IT Help Center in the basement of Shibles Hall, or here: (http://www2.umaine.edu/software/antivirus.html). If you don't like Symantec or don't qualify to get it from the university, you can get avast! 4 Home edition for free here: (http://www.avast.com/eng/download-avast-home.html), or AVG Anti-Virus: (http://free.grisoft.com/doc/5390/lng/us/tpl/v5#avg-anti-virus-free). A good one-time scanner (one that doesn't run all the time to catch something as soon as it starts) is Dr.WEB CureIt!: (http://www.freedrweb.com/cureit/). And a new tool: Windows Live OneCare Safety Scanner: http://onecare.live.com/site/en-us/default.htm.
You should also have a firewall. Windows XP comes with its own firewall that works pretty well. You can find it in the Control Panel, under Windows Firewall. It's basic but it's solid. For an alternative there's ZoneAlarm, for free here: (http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp?dc=12bms&ctry=US&lang=en&lid=staticcomp_za), just click "Download FREE ZoneAlarm".
Now, you should also have anti-spyware scanners on your computer. I have noticed that 4 free programs together form a very powerful protection: Spybot - Search & Destroy: (http://www.safer-networking.org/en/mirrors/index.html), Ad-Aware: (http://www.lavasoftusa.com/products/ad-aware_se_personal.php), Windows Defender: (http://www.microsoft.com/athome/security/spyware/software/default.mspx), and AVG Anti-Spyware: (http://free.grisoft.com/doc/5390/lng/us/tpl/v5#avg-anti-spyware-free). There is also another program, not really an anti-spyware, CCleaner, which removes excess and unneeded temporary files and registry entries from your system, generally speeding things up: (http://www.ccleaner.com/).
Don't forget to frequently update and run your antivirus and antispyware programs. Make sure to update immediately before each scan, even if you have automatic updates turned on. Every 1 to 2 weeks is good.
If you think you might have gotten a virus over AIM, try AIM Fix at (http://www.jayloden.com/aimfix.htm).
Two more anti-malware programs I like are AVG Anti-Spyware (http://free.grisoft.com/doc/5390/lng/us/tpl/v5#avg-anti-spyware-free), and Dr.Web CureIt! (http://download.drweb.com/drweb+cureit/).
Keep your operating system updated. With Windows, this is very important since it is a popular operating system (malware writers write their software for Windows), and Windows is usually released with lots of holes. If you can, use Microsoft Update, since it tries to also update other Microsoft products, like Microsoft Office. I usually use the Custom button over and over again until no more updates are found: http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en.
Windows Security Center is good to keep running properly, since it will tell you if Windows Update, your firewall, or your antivirus fails. To make sure it's working, go to Start > Control Panel, click Classic View on the left, and open the Security Center icon. If it says on the top that the Security Center service might be stopped, go to your Control Panel and open up Administrative Tools > Services. Scroll to the Security Center item, double click it, make the Startup Type Automatic, click Apply, and then Start the service. Close and re-open the Security Center. Do this even if Security Center is running OK: click "Change the way Security Center alerts me" on the left, and select all the boxes in the window that pops up. And finally, I've noticed that Spybot Search & Destroy likes to make sure Security Center is running OK, and can fix it a little. With Windows Security Center running OK, make sure all 3 bars are... green I believe, or blue. Not yellow or red. Just make sure it's happy.
Another thing to keep updated is Java. If you want to force an update of Java, go to Start > Control Panel, select "Switch to Classic View" in the top left, double click Java, and go to the Update tab of the window that pops up. If you have no Java icon or update tab, you can download the latest Java Software from http://www.java.com/
I recommend using Firefox as an internet browser, instead of Internet Explorer. The interface is a little nicer, and it's quite a bit more secure: http://www.mozilla.com/firefox/. Also, you may want to think about installing the Adblock Plus extension for Firefox; it's good at blocking ads in web pages :) : https://addons.mozilla.org/extensions/moreinfo.php?id=10&application=firefox
You might want to try defragmenting your hard drive. A highly fragmented hard drive, in which files are split up and spread all over your hard drive, can slow your system significantly. To defrag, go to Start > All Programs > Accessories > System Tools > Disk Defragmenter. Select your hard drive and hit Analyze. If Windows says your hard drive needs to be defragmented, do so. If Windows says you do not need to defragment, then don't bother. A lightly fragmented hard drive does not affect your system.
You should have an idea of what programs are starting up with your computer. Having a lot starting is very taxing on your system, even if everything that's starting is an OK program. Look through the icons in the system tray, just to the left of the clock in the lower right corner of the screen. If there's anything there that you don't absolutely want, find a way to stop it from starting up. Try double clicking the icon or right clicking it to get into that icon's program. A more invasive, forceful, and complete way to change your startups is to go to Start > Run, type msconfig, and hit Enter. In this window, go to the Startup tab. Everything that's checked starts up with Windows, and you can uncheck anything you want here. But be careful: you might uncheck your antivirus or AIM or something, so try looking up the names in Google first. It took me a long time and many Google searches to get a feel for what the list in this window means. Also, you can go to the Services tab, check Hide All Microsoft Services at the bottom, and uncheck anything in the list, same as the Startup tab.
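To make the msconfig lists easier to look up, the script below prints every startup entry and every automatic non-Microsoft service together with the company name recorded in its program file. It is an added example, not part of the original guide; it assumes a Windows version with PowerShell 3.0 or later, and the helper names Get-ExePath, Get-Publisher and New-Row are made up for this example. Filtering on the company name is this example's stand-in for the Hide All Microsoft Services checkbox.

```powershell
# Added example (not from the original guide). Assumes PowerShell 3.0 or later.

# Pull the program path out of a startup command line such as
#   "C:\Program Files\App\app.exe" /tray   or   C:\Tools\My App\app.exe -quiet
function Get-ExePath {
    param([string]$CommandLine)
    $cmd = [Environment]::ExpandEnvironmentVariables($CommandLine).Trim()
    if ($cmd -match '^"([^"]+)"') { return $Matches[1] }
    if ($cmd -match '^(.+?\.(exe|com|bat|cmd|scr|pif))(\s|$)') { return $Matches[1] }
    return ($cmd -split '\s+')[0]
}

# Read the company name stored in the file's version resource.
function Get-Publisher {
    param([string]$Path)
    if (-not $Path -or -not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        return '(file not found)'
    }
    $company = (Get-Item -LiteralPath $Path).VersionInfo.CompanyName
    if ($company) { return $company.Trim() }
    return '(no publisher info)'
}

# Build one table row for a startup entry or a service.
function New-Row {
    param($Kind, $Name, $Source, $CommandLine)
    $exe = Get-ExePath $CommandLine
    [pscustomobject]@{
        Kind = $Kind; Name = $Name; Publisher = Get-Publisher $exe
        Path = $exe; Source = $Source
    }
}

# Entries from the Run registry keys and the Startup folders.
$startup = Get-CimInstance Win32_StartupCommand |
    ForEach-Object { New-Row 'Startup' $_.Name $_.Location $_.Command }

# Automatic services whose file does not claim to be from Microsoft.
$services = Get-CimInstance Win32_Service -Filter "StartMode = 'Auto'" |
    ForEach-Object { New-Row 'Service' $_.DisplayName 'Services' $_.PathName } |
    Where-Object { $_.Publisher -notlike 'Microsoft*' }

@($startup) + @($services) |
    Sort-Object Kind, Publisher, Name |
    Format-Table -AutoSize -Wrap
```

The company name is whatever the file says about itself, so use it as a search term, not as proof of who wrote the program. Rows showing "(file not found)" or "(no publisher info)" are the ones to look up first.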
Also, you can see what programs report that they're installed on your computer by going to Start > Control Panel > Add/Remove Programs. Get familiar with this list, and remove anything that a Google search says is bad.
Safe computer practices: one of the most important and difficult to describe recommendations. OK, here we go. Do not click on any links sent to you over AIM unless you first confirm that the sender really did send it. If you use a P2P file sharing program, be wary of what you download and open; pay special attention to the file extensions (to make file extensions visible, open up My Computer on your desktop or in your Start menu, go to Tools > Folder Options > View, and uncheck the "Hide extensions for known file types" option). When browsing the internet, try to stay in pages you trust. Keep an eye on the Address/URL bar in your browser, to make sure you're at the site you think you're at. And, when downloading files, make sure the site it's coming from is the site you think it should be. Be careful of any files you download; make sure you know what you're doing. Also, don't open strange e-mails, especially in an on-computer client like Microsoft Outlook.
Oh yeah, make sure all your Windows user accounts have passwords. To do that, go to Start > Control Panel > User Accounts.
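The file extension advice above can also be checked in bulk. The script below lists files in a download folder whose real extension runs as a program but whose name looks like a picture, song or document when extensions are hidden. It is an added example, not part of the original guide; it assumes PowerShell 3.0 or later, and the folder, the two extension lists and the function name Test-DeceptiveName are choices made for this example.

```powershell
# Added example (not from the original guide). Assumes PowerShell 3.0 or later.
$Folder = Join-Path $env:USERPROFILE 'Downloads'   # assumption: folder to check

# Example lists, not complete: extensions Windows runs, and harmless-looking
# extensions that show up as the visible end of the name.
$runs = '.exe', '.scr', '.pif', '.com', '.bat', '.cmd', '.vbs', '.js', '.lnk'
$bait = '.jpg', '.jpeg', '.gif', '.png', '.mp3', '.avi', '.mpg', '.wmv',
        '.doc', '.pdf', '.txt', '.zip'

function Test-DeceptiveName {
    param([string]$FileName)
    # The real extension is the last one; only runnable types matter here.
    $real = [IO.Path]::GetExtension($FileName).ToLower()
    if ($runs -notcontains $real) { return $false }

    # What is left once Explorer hides the real extension.
    $shown = [IO.Path]::GetFileNameWithoutExtension($FileName).TrimEnd()
    $fake  = [IO.Path]::GetExtension($shown).ToLower()

    # Flag "song.mp3.exe" style names, and names padded with spaces so the
    # real extension is pushed out of view in a narrow column.
    return ($bait -contains $fake) -or ($FileName -match '\s{5,}\.[^.]+$')
}

# Constructed sample names (not real files) showing what is and is not flagged.
'song.mp3.exe', 'photo.jpg      .scr', 'setup.exe', 'notes.txt' |
    ForEach-Object { '{0,-22} flagged={1}' -f $_, (Test-DeceptiveName $_) }

# The actual scan of the folder.
Get-ChildItem -LiteralPath $Folder -Recurse -File -ErrorAction SilentlyContinue |
    Where-Object { Test-DeceptiveName $_.Name } |
    Select-Object FullName, Length, LastWriteTime
```

Anything the scan lists should go through your antivirus before it is opened; an ordinary installer such as setup.exe is not flagged, because its name does not pretend to be something else.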
Well, that's all I can think of right now. Hopefully if I come up with more stuff later I'll update this. Also, you can contact me with comments and questions.
Here are 2 things I've heard are OK but haven't tried myself: Panda Software Activescan: http://www.pandasoftware.com/activescan/activescan/ascan_2.asp, and Trend Micro Housecall: http://www.trendmicro.com/hc_intro/default.asp.
And here are some links to some more advanced programs I like. But, to use these well, you will need to be a generally advanced computer user, be good on Google, be good on forums, and know what you're looking for. HijackThis: (http://www.spywareinfo.com/~merijn/programs.php). RootKit Unhooker: (http://www.antirootkit.com/software/RootKit-Unhooker.htm). Active Ports: (http://www.protect-me.com/freeware.html).