by Joe
on
November, 9 2012 10:34A
Another great program I use to prevent PC viruses is Microsoft Security Essentials. It's free from Microsoft and works really well as a real-time antivirus program, which means it's always running checking for viruses when the computer is turned on (as opposed to an on-demand scanner, like ComboFix, which only runs and removes viruses when you specifically start it yourself). This tutorial will guide you on how to download, install and use the Microsoft Security Essentials software to scan your PC for infections. You can also use Microsoft Security Essentials as an on-demand scanner too if you think something got by. As always, no single antivirus program will catch or be able to remove 100% of today's viruses and spyware, but having a real-time antivirus scanner like this one is a great defense.
Page Outline
Demonstration video on how to download, install and run Microsoft Security Essentials
To start off with, I have a 10 minute video as a reference to everything I'm about to cover in the post below. So have a look at the video, and you'll see that downloading, installing and using Microsoft Security Essentials is pretty easy. (I'm sorry about the audio quality. I was having problems with my microphone.)
Download Microsoft Security Essentials for Free
There's only 1 version of this program available, and it's completely free. You can use this version for real-time protection and running ad-hoc scans manually.
Free Version: You can download Microsoft Security Essentials for free from Microsoft's website.
Installing Microsoft Security Essentials onto your computer
When clicking the link above for the free version, you're going to download and run an installer file, which will open up a short wizard that actually guides you into installing the Security Essentials program. If you're using Internet Explorer, then it usually already knows what your operating system is and just provides you with a "Download" button. If you're using another browser, like Google's Chrome, then you may see a drop-down box to select what your operating system is. Right now, Security Essentials runs on Windows XP, Vista and 7 (32 & 64-bit). Once you've downloaded the installer file, you need to run it to start the installation, so you need to browse to where you saved the file and typically you can just double-click on it to execute it and that'll start the installation process. (Alternatively, you may have been prompted to "Run" or "Save" when downloading it. If you selected the "Run" option (like I do in the video), then the installer process will begin automatically after it's been downloaded to a temporary location.)
The installation is really easy and consists of 8 simple steps. Just let the installation wizard guide you through it (accepting all the default options) and basically just keep clicking "Next" until it reaches the end. Here are the steps for the current installation program at this time:
- Welcome to the Microsoft Security Essentials Installation Wizard. This is just a welcome page that tells you a little about the software, just click on the Next > button to continue.
- Microsoft Security Essentials License Terms. Just about every installation program has this, and it's a good idea to read through the agreement first. Click the I accept button to continue.
- Join the Customer Experience Improvement Program. This screen gives you the option to participate in the Customer Experience Improvement Program. Basically what it means is that Security Essentials will send small amounts of information to Microsoft on how the program is being used. Joining it is up to you and could be a good idea to help make the product better. In the video I choose not to join, and although I mentioned anonymity (which it is anonymous anyway, so you don't have to worry about that), I really just don't like programs using the internet in the background without prompting me first. Regardless, you must select one of these options to continue, the Next > button will be disabled until you do. Click the Next > button to continue.
- Optimize security. This screen suggests that if you don't currently have a firewall program in use, then you allow Security Essentials to turn on the built-in Windows firewall. (This is a firewall that came pre-built with your copy of Windows, not Security Essentials). Since having a firewall is extremely important, I highly recommend that you keep this checkbox checked to have the program make sure you have a firewall running. Click the Next > button to continue.
- Preparing to install Microsoft Security Essentials. There's absolutely nothing you have to do with this screen. It's just making sure that your computer is in a state that's ready to have Security Essentials installed. I've never seen this screen do anything but automatically jump to the next screen to have you actually start the install.
- Ready to install Microsoft Security Essentials. This screen tells you that if you have another antivirus program installed, then you should un-install it before continuing. That's true, because having multiple "real-time" antivirus programs running at the same time can cause conflicts with each other and hinder performance of the PC. However, I just wish they put this screen up front somewhere because if you do need to un-install a previous antivirus program, then chances are that you'll also need to reboot and then restart the Security Essentials installation. If you don't have any other "real-time" antivirus programs on the computer, then Click the Install > button to start the actual installation of Security Essentials.
- Installing Microsoft Security Essentials. This is another screen that you don't have to do anything with. All it does is actually install the program. Once the installation is done, the wizard will automatically jump to the next screen.
- Completing the Microsoft Security Essentials Installation Wizard. This screen tells you that Microsoft Security Essentials has been successfully installed. (I've never seen it come up with a failure message.) There's a checkbox on this screen to "Scan my computer for potential threats after getting the latest updates." If you leave this checked then it'll perform a "Quick Scan" after it downloads the latest definition file, which it'll do in just a moment. Since it's only a quick scan, I usually just leave it checked, but it's entirely up to you. (At this point you might notice a message pop-up in the notification area of the task bar. It's telling you that Security Essentials is out of date and needs to be updated. It's going to automatically do that in just a moment.) Click the Finish button to continue.
At this point the security program is installed and will automatically open up and then download the latest virus definition files and run that quick scan we said it could run.
Using Microsoft Security Essentials to scan for infections on your PC
After the installation finishes, the installer window will close and the Microsoft Security Essentials interface will open. It will also add an icon to the system tray (near the clock on your task bar) and in your "Program Files" folder. The icon in the system tray looks like a house with a flag on top. If all is OK with your system, then the icon will be green with a white checkmark in it, if not, it'll be red. To start the program you can either double-click this icon in the system tray or find the program by clicking on the "Start" button on the task bar. (No icon is automatically put on the desktop; the easiest way to open the program is to double-click the icon in the system tray.)
Updating
When Security Essentials opens up for the first time after installing it, it'll automatically check for updates and then run an initial "quick scan" (if you told it to). At any time afterwards, you can always click on the Update tab at the top and then click the Update button to have it check for updates. The updates will automatically be downloaded and installed. When it's done updating the message on this tab will read, Virus and spyware definitions: Up to date. By default it will always get the latest virus and spyware definitions before running a scheduled scan. The definitions can also get downloaded by running Windows Update.
First Time Quick Scan
If you elected to have it do so, Security Essentials will automatically start running a "Quick Scan" after installation and after it downloaded and installed the latest definition file.
Running a Scan
At this point you have the Microsoft Security Essentials downloaded, installed & updated. To scan your computer for any malicious files and infections, click on the Home tab at the top and on the right you will see options where you can choose to manually run a quick scan, full scan, or scan specific files or folders. You can also schedule when future scans should automatically run. When you're running a scan, the option to take care of infected files will occur only at the end after the whole scan has completed, however, if it does recognize anything malicious during a scan, it'll display a message at the bottom of the window reading, "Preliminary scan results show that malicious or potentially unwanted software might exist on your system. You can review detected items when the scan has completed." So just wait for it to finish scanning and then you can take care of them.
- Quick scan
A quick scan will usually take anywhere between 10-20 minutes depending on the speed of your computer and the number of items to go through. If you don't really suspect you have a virus but would like to run a scan for good measure, then a quick scan is a good option. A quick scan will only check the most common areas of the computer for problems. The areas I notice it checks are the following folders: Windows\, Windows\System32, Windows\SysWOS64, Windows\Internet Explorer, Windows\Fonts, \Program Files, \Program Files (x86), \ProgramData, \AppData, ... as well as registry entries, the currently running processes, Scheduled Tasks, Desktop items, Quick Launch items, I'm sure temporary internet files are in this list too, etc...
- Full scan
A full scan will scan every single item on your computer (everything a quick scan does and more). To scan your whole computer for any malicious files and infections, just click on the Home tab then select the Full radio button on the right, then click the Scan now button below it. If you know you have a virus and you're sole purpose of running Security Essentials is to get rid of it, then definitely run the full scan.
- Custom scan
You can also run a scan on specific folders by clicking on the Home tab on the left then select the Custom radio button on the right, then click the Scan now button just below it. When you click the button this will open up another window asking you what folders you want it to scan. It won't let you select specific files within folders, just the whole folder itself. (To scan a specific file only, you can use Windows Explorer (or My Computer) to locate the file, then right-click on it (you can also select multiple files within the same directory before right-clicking on one) and then select then "Scan with Microsoft Security Essentials...") option. Put a checkmark next to the folder(s) you want to scan for viruses and then click the OK button.
- Scheduled scan
You can also schedule a scan to run at a specific time. You can click on the Change my scan schedule link at the bottom of the Home tab, or go directly to the Settings tab and click the "Scheduled scan" option on the left (they both bring you to the same screen). There's already a scheduled scan setup by default, but it's set to run on Sunday's at 2:00 am. If you set the scan to start at a time when the computer is turned off, then it won't be able to scan the computer and that scan will be missed. My experience has been that it doesn't run missed scans the next time you turn your computer on, so you may want to change the schedule to a day and time when you know your PC will be turned on. There are not many options here; you can only set it to scan daily, or on a specific day of the week. By default it's setup to run a quick scan, but you can change it to run a full scan too. For me personally, I'm OK with scheduling just the Quick scan unless I feel there's a problem, and then I'll manually run a full scan. It's also a very good idea to leave the checkbox checked that reads "Check for the latest virus and spyware definitions before running a scheduled scan". You always want it to be up-to-date so it knows the latest threats to check for.
Now that you've got the scan going, just sit back and let it do its job now. It'll show you its progress as it goes along displaying how many objects it scanned, if any threats have been found so far, and what it's currently scanning. It also displays a progress bar so you have an idea of how far into the scan it is and how much is left.
Post Scan Clean-up
When the scan completes you'll immediately know if it found anything or not because the usually green banner at the top will turn red and the picture of the monitor will turn red. It will tell you how many items it scanned, and how many potential threats it found. The easiest way to get rid of any threats it found is to just click Clean PC at this point. That will automatically take care of anything it found. If you're curious to see what it found, and to apply specific actions on what to take for individual items it found, then you can click on the Show details link just below the "Clean PC" button.
If you click to "Show details", then a window will pop up listing the items it found with a "Recommended action" next to each one. You have the option to change how it'll handle the "problem" by removing, quarantining, or ignoring the item. If you select a particular item you can also click on the Show details >> button to see more details about the potential threat it found, like what the actual threat is, and where on your computer it found it. Once you've seen everything it's found (and changed any action if you so desired) then you can just click on the Apply actions button to have it actually remove, ignore, or quarantine them. This may take a few moments and may or may not require a reboot when it's done depending on what it found, but it will prompt you for that. If it prompts you to restart, then go ahead and do that (you shouldn't have any other programs or files open right now, save all your work and close all programs). After the computer reboots then you should be all done and virus free!
If it didn't find anything, congratulations, you're system is clean and you're done... you can click the "X" button at the top right to close the interface. (Remember, Microsoft Security Essentials is a real-time scanner, so you're not actually closing the program, it's still running and you can see it's icon at the bottom of your computer screen near the clock.)
by Joe
on
December, 13 2011 5:52A
Another tool I'll often use to remove malware from PCs is ComboFix. It's an excellent program that works great for removing malicious software from your computer like viruses, trojans, rootkits & spyware. This tutorial will guide you on how to download, install and use the ComboFix program to scan your PC for infections. Of course no single anti-virus program will catch or be able to remove 100% of the viruses being found today, but between this and Malwarebytes' Anti-Malware, you've got a great chance at getting your computer running smoothly again.
Page Outline
Demonstration video on how to download, install and run ComboFix
To get right into it, I have a 6½ minute video that goes over everything I'm about to cover in the post below. There's really no version number displayed, but the file version I downloaded was 11.12.13.2, so if yours look a little different when you run the program, then you may be running a newer version than what I made the demo with and they may have changed some things around.
Download ComboFix for Free
There's only 1 version of this program available, and it's completely free (for non-commercial use only according to the disclaimer).
Free Version: To download the free version you should get it directly from BleepingComputer.com. They're the official place to download ComboFix from.
Installing ComboFix onto your computer
Once you've downloaded the file you need to run it to start the installation, so you need to browse to where you saved the file and typically you can just double-click on it to execute it and that'll start the installation process. (Alternatively, you may have been prompted to "Run" or "Save" when downloading it. If you selected the "Run" option, then the installation process will begin automatically after it's downloaded.)
The installation is really easy. Once you agree to the disclaimer, then it starts extracting all the files to the hard drive. That's it. After it finishes extracting them, it automatically starts up.
Using ComboFix to scan for infections on your PC
After the program has been installed on your computer, the installation will automatically start the program for you.
Create a new System Restore point
Before ComboFix makes any attempts at removing anything from your computer, the first thing it does is create a system restore point. This way, if there are any issues afterwards, you can always restore your computer to the state it was in before ComboFix made any changes. System Restore is supposed to back up the registry, important Windows files, and other miscellaneous files I'm not sure of. It doesn't touch your documents though.
Install Microsoft Windows Recovery Console
The next step in the process is to install the Microsoft Windows Recovery Console. If you already have it installed, then you most likely won't see the prompt for it, unless there's an updated version of it. If you don't, then ComboFix will prompt you to install it and even do it for you automatically. The recovery console is important because after you run Combofix, if the computer is not able to boot back up into Windows, then you can boot into the Recovery Console and get to a command prompt to make further repairs.
Without the recovery console installed, ComboFix will not do as thorough a job or be as aggressive as it typically would, so installing the recovery console is highly recommended. You simply have to click Yes to the End User License Agreement (EULA) and ComboFix will install it automatically for you.
Scanning for Infected Files
At this point you have ComboFix downloaded, installed & running. It's gone through creating a system restore point and installed the Windows Recovery Console. Now it's going to scan your computer for any malicious files and infections. It goes through about 50+ stages and can take up to 10 minutes, or sometimes longer for badly infected machines. It'll list them as it finishes them... "Completed Stage_1", "Completed Stage_2", ... "Completed Stage_50", etc... Some stages go really quick, and others will take longer, so if it appears to have stopped after completing a stage, just give it some time and it should resume with the completion messages once it gets through that stage.
Sometimes you'll see messages in between the stage completion notices that tell you something it did, like if it deleted some files. In the video it deleted the Cache folder and showed us that right after stage 50.
Log Report
After it's done scanning it'll prepare a log report with the details of its findings. It can sometimes take quite a while to prepare the report. There were many times I was wondering if the program just got hung up and then the log file popped up. So be a little patient with this part too. The log report will open up automatically in Notepad. It gets saved to the computer also at C:\ComboFix.txt. The log report details what it did (like deleting the Cache folder as it did in the video), and also gives a lot more information that a technician can look at to see if any further action is necessary or recommended. So at this point the computer should be virus free. If you want to run a supplemental scan, I suggest running Malwarebytes' Anti-Malware to see if there are any additional malicious items that it can clean up.
by Joe
on
March, 8 2011 2:48A
One of the tools I use quite often to remove viruses from PCs is the Malwarebytes' Anti-Malware program. It's an excellent program that works great for removing malicious software from your computer like viruses, worms, trojans, rootkits, dialers & spyware. This tutorial will guide you on how to download, install and use the Malwarebytes' Anti-Malware program to scan your PC for infections. Of course no single anti-virus program will catch or be able to remove 100% of the viruses being found today, but this is usually number 1 in my arsenal.
Page Outline
Demonstration video on how to download, install and run Malwarebytes' Anti-Malware
To get right into it, I have a 7½ minute video that goes over everything I'm about to cover in the post below. The version I'm using for the demonstration video is 1.50.1100, so if yours look a little different then you may be running a newer version than what I made the demo with and they may have changed some things around.
Download Malwarebytes' Anti-Malware for Free
There are 2 versions of this program available, a free version and a paid version. You can use the free version for running scans manually and removing viruses after you've already been infected. However, the paid version unlocks additional features such as real-time protection, scheduled scanning & scheduled updating, helping you stay more proactive at protecting yourself to prevent infections.
Paid Version: You can purchase Malwarebytes' Anti-Malware at the Malwarebytes' store: Download Malwarebytes® Protect, Detect & Remove Malware From Your PC
Free Version: To download the free version you have a couple options.
Installing Malwarebytes' Anti-Malware onto your computer
Once you've downloaded the file you need to run it to start the installation, so you need to browse to where you saved the file and typically you can just double-click on it to execute it and that'll start the installation process. (Alternatively, you may have been prompted to "Run" or "Save" when downloading it. If you selected the "Run" option, then the installation process will begin automatically after it's downloaded to a temporary location.)
The installation is really easy and consists of 10 steps. Don't get overwhelmed, you very simply need to let the installation wizard guide you through it (accepting all the default options) and basically just keep clicking "Next" until it reaches the end. Here are the steps for the current installation program at this time:
- Select Setup Language. Select your language and then click on the OK button.
- Welcome Screen. This is just an introductory page. Click the Next > button to continue.
- License Agreement. It's a good idea to read through the agreement first and then you want to select the option that reads "I accept the agreement". Click the Next > button to continue. (The "Next >" button won't be available to click on until you accept the agreement.)
- Informational Screen. This screen just shows you what has been updated in this latest release. Click the Next > button to continue.
- Select Destination Location. This screen tells you where it will install the program on your computer. You have the option to change it, but it's a good idea to just leave it alone and let it install in the default location. Click the Next > button to continue.
- Select Start Menu Folder. Here you can decide if you want to create a start menu folder (or not) and what to call it. Again, it's a good idea to just leave this at its default value and let it create the folder. Click the Next > button to continue.
- Select Additional Tasks. On this screen you can decide if you want the installation program to put an icon on your desktop and/or the Quick Launch bar. I usually leave this at the default setting too, where the option to put it on the desktop is already selected and not the Quick Launch bar. Click the Next > button to continue.
- Ready to Install. This is just a summary screen outlining all the options that were selected for you to review before actually installing it. If you want to change anything, then click the "< Back" button to get to the appropriate screen and make your changes. At this point you should be all set though. Click on the Install button to continue.
- Installing. There's nothing to do here, just wait for the installation to finish installing the program.
- Completing the Malwarebytes' Anti-Malware Setup Wizard. This is the final screen of the installation. It will now prompt you to "Update" the program and then "Launch" it. I usually leave both of these options selected so the virus definitions database gets updated right away and then the program starts up so you can use it. Click the Finishbutton to continue.
- Updating Malwarebytes' Anti-Malware. If you kept the "Update" option checked, then after you click the "Finish" button you'll see a window pop-up where it will check for any updates and automatically download and install them for you. When it's done it will tell you the database was successfully updated. Click the OK button to continue.
Using Malwarebytes' Anti-Malware to scan for infections on your PC
After the program has been installed on your computer, the installation will either start the program for you initially, or if you didn't select that option during installation (see step 10 above), then you can start Malwarebytes' Anti-Malware by double-clicking on the icon it placed on your desktop.
Update first, (I highly recommend you do this)
Before doing a scan it's always a good idea to check for updates first to make sure you have the latest program updates and virus definition files. To do that, just click on the Update tab and then click on the Check for Updates button. A window will pop-up where it'll connect to its server and see if there are any updates available, and if so it'll download and install them. (Sometimes an update will require the program to close and re-open. It'll prompt you if it needs to do that and simply click Yes if it does and it'll do it for you. When it opens back up, check for updates again to make sure there aren't any more.) When you're up-to-date another window will pop up telling you "You have the latest database version." Click the OK button to continue.
Running a Scan
At this point you have Malwarebytes' Anti-Malware downloaded, installed & updated. Now you want to scan your computer for any malicious files and infections. First of all, make sure you don't have any other programs or files open unless this is just a routine scan. Click on the Scanner tab to see your scanning options. You can select to either "Perform quick scan", "Perform full scan" or "Perform flash scan". (The flash scan is not available in the free version, so if you have the free version you can only run a quick or full scan.) If I'm pretty sure I don't have a virus but just feel like double-checking, I'll usually use the quick scan. Occasionally I'll use the full scan just to be sure. However, if you know you have a virus and you're sole purpose of running Malwarebytes' Anti-Malware is to get rid of it, then definitely run the full scan.
After you've selected the quick or full scan, click on the Scan button. Just sit back and let it do its job now. It'll show you its progress as it goes along displaying how many items it scanned, how many were infected, and how long it has been running for. Unfortunately it doesn't have a progress bar where it can estimate for you how much time is left, but after you run the scan a couple times you'll have an idea of how long a full scan takes on your computer.
Post Scan Clean-up
When the scan completes a message box will come up telling you it's completed. Click the OK button to continue. If it found something, the button at the bottom right will read "Show Results"; otherwise it'll read "Main Menu". If it didn't find anything, congratulations, you're system is clean and you're done... you can click the Exit button to quit the program. If it did find something, click on the Show Results button to continue. It'll display a list of the infected items it found and they should be checked by default. (If you don't want to remove a file, make sure it's not checked.) Click the Remove Selected button to start the removal process. After it's done removing the infected items it'll display a log. You can take a look at the log if you want to see what it did, when you're done, close the log file (you can find this log again under the "Logs" tab). At this point it may need to restart the computer to complete the removal process. If it prompts you to do that, then click the Yes button (you shouldn't have any other programs or files open right now). After the computer reboots then you should be all done and virus free!