First, if you think your system may already have been compromised, start by running Trend Micro’s Free online virus scan (this is a good idea even if you have an AV program and fear it may have been compromised). If the online scanner finds anything and can remove it, great. If it finds something it can’t remove, make a note of whatever virus-trojan-worm is identified and do a search for a removal tool – the best place to start for finding and downloading one of these is probably the Symantec Removal Tools Page.
Once you’ve ascertained that your system is clean, follow these steps to keep it that way:
1. Install a firewall and have it set to (a) operate in real time and start when your system boots, and (b) autoupdate its signatures. My personal choice used to be Norton Personal Firewall but there are also a couple of good free ones, ZoneAlarm being the one usually rated as best and my current choice (or Sygate). Once the firewall is installed, go through any list of “safe” programs it may have created on setup and delete or disable any entries you know nothing about. If they are legitimate programs, you’ll later get popup warnings from the firewall informing you that “program-name.exe” is trying to connect to the internet and asking you if you want to allow that to happen, so if it’s genuine all you have to do is say “yes – it’s safe”.
2. Install a real-time antivirus scanner – do an initial total system scan and then have it set to autoscan any files that are created, all files from your diskette and CD-ROM drives as they are copied or installed, and all incoming email (if you’ve done everything else right, you really don’t need to scan outgoing email but you usually can, to be extra safe). Again, through trial and error I was for a long time a fan of Norton AntiVirus (I find McAfee gave me too many false alerts) but there are also some good free ones still available, the three most highly recommended being AVG (my current choice), AVAST, and NOD32. Do a full system scan at least once a month as a safety net.
3. Install and run Microsoft AntiSpyware. Then download and install Ad-Aware and Spybot Search & Destroy – disable real-time scanning for these so they don’t clash with MS AntiSpyware and run them monthly. Another option is SpywareBlaster.
4. Install Mike Lin’s freeware Startup Control Panel 2.8 to easily see what programs are starting up automatically when you boot. Disable any you’re not sure you want (if they absolutely must run, you’ll find out soon enough and the utility allows you to easily re-enable it). While you’re at Mike Lin’s website, also download and install Startup Monitor: this little program sits in the background of your system and warns you when any program tries to install something to load automatically at system boot, with the option of allowing or disallowing that function.
5. Install HiJackThis! (zip file). Be cautious deleting things detected by this utility unless you know what they are – HiJackThis! detects both harmful and useful/needed add-ons.
6. Get GiPO’s freeware MoveOnBoot utility to move/delete any files locked by Windows at the time.
7. Download and install ShellExView.
8. Don’t install any freeware or shareware or indeed any software at all without reading the fine print to check that they are not installing other things along with whatever it is you actually wanted to try – my personal choice is not to install ANYTHING no matter how good it claims to be if it says it’s going to install other stuff along with it and doesn’t give me the choice of NOT installing those extras. Once you’ve installed the new software, run at least one of Ad-Aware and Spybot S&D to double check that it didn’t install something by stealth. Also, after installation, check if anything has been added to autostart using Startup Control Panel above.
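The before-and-after autostart check in step 8 can also be scripted. The PowerShell below is an added example, not part of the original post or of any tool it names; the baseline file path is an assumption, and it covers only the registry Run/RunOnce keys and the Startup folders.

```powershell
# Added example: record autostart entries, then list anything new on later runs.
# $BaselinePath is an assumed location; pick any file you control.
$BaselinePath = Join-Path $env:USERPROFILE 'autostart-baseline.xml'

function Get-AutostartEntry {
    # Registry Run/RunOnce keys for all users (HKLM) and the current user (HKCU).
    $runKeys = @(
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    )
    foreach ($keyPath in $runKeys) {
        if (-not (Test-Path $keyPath)) { continue }
        $regKey = Get-Item $keyPath
        foreach ($name in $regKey.GetValueNames()) {
            [pscustomobject]@{
                Location = $keyPath
                Name     = $name
                Command  = [string]$regKey.GetValue($name)
            }
        }
    }
    # Per-user and all-users Startup folders.
    foreach ($folder in 'Startup', 'CommonStartup') {
        $path = [Environment]::GetFolderPath($folder)
        if (-not $path -or -not (Test-Path $path)) { continue }
        Get-ChildItem -Path $path -File | ForEach-Object {
            [pscustomobject]@{ Location = $path; Name = $_.Name; Command = $_.FullName }
        }
    }
}

# Identity of an entry: where it lives, its name, and what it launches.
function Get-EntryKey($e) { '{0}|{1}|{2}' -f $e.Location, $e.Name, $e.Command }

$current = @(Get-AutostartEntry)
if (-not (Test-Path $BaselinePath)) {
    # First run (before installing anything): save the baseline.
    $current | Export-Clixml -Path $BaselinePath
    "Baseline saved with $($current.Count) entries."
} else {
    # Later run (after an install): report entries absent from the baseline.
    $known = @{}
    foreach ($e in @(Import-Clixml -Path $BaselinePath)) { $known[(Get-EntryKey $e)] = $true }
    $added = @($current | Where-Object { -not $known.ContainsKey((Get-EntryKey $_)) })
    if ($added.Count -eq 0) { 'No new autostart entries.' } else { $added | Format-Table -AutoSize -Wrap }
}
```

An existing entry whose command line has changed is also reported as new, since the command is part of the comparison. Delete the baseline file to start over once you have reviewed and accepted the current entries.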