I figured I'd write up another little help guide, since we get people asking this stuff all the time. I just had to disinfect 3 XP machines, so all this info is fresh in my mind, as well as information on the latest wonderful viruses designed to screw us all over.

Here is my antivirus howto.

First step: Isolation

Disconnect from any and all networks. Isolate the machine. That means you connect NOTHING to it, not even flash drives or USB drives. If you want to get an antivirus on there, burn a CD. Modern viruses write to flash drives and hard drives, and auto-execute upon connecting to other machines.

Second step: Manually trim the startup

Use MSCONFIG to stop anything starting with Windows that you don't recognise - some viruses and malware start with Windows via here, so it's a good starting place. Secondly, use HijackThis. It's more complex, but also a great way to stop things starting with Windows that shouldn't be. It also shows objects that sneakily attach themselves to Windows Explorer and/or Internet Explorer.

Disinfection

Optional step: One possible way to disinfect systems is to remove the hard drive and connect it to your system (do NOT boot from it, use it as an external/USB drive) and scan from there. It's faster and can disinfect system (Windows) files more easily, but puts your system at risk. I suggest doing this AFTER the other steps, when there is less risk to your own machine. It's also possible to do this, copy all important files off the drive (scan them afterward!), and format the infected hard drive.

1. Save yourself some time, and clean all temporary files from your web browsers and Windows. Empty all caches. CCleaner is a great help there. Lots of viruses hide there, so you might as well delete them all instead of wasting time disinfecting them.

2. Disable System Restore. While you may think this is contradictory to a safe system, viruses LOVE hiding in System Restore files.
You restore your system, think all is well and those keyloggers and trojans just keep on working...

3. Try and use an offline antivirus, or get offline database updates. Kaspersky has a bootable recovery CD, and MSE has downloadable updates you could apply via a burned CD.

4. Use a real antivirus. If it was free, it's likely not that good. Not being told you have a virus is not the same as not having a virus.

On that topic, MBAM (Malwarebytes Anti-Malware) is poor. I find it recommended all the time here on the forums so I tried it first - and while it found 8 viruses on the first machine, it missed 26 others that Kaspersky and Microsoft Security Essentials (MSE) both discovered.

While it may seem contradictory, never trust just one product for your AV needs - over time, they may become worse or others may become better. When a machine is really in trouble, try more than one. I used MSE, Kaspersky AV 2011, HijackThis, MBAM, Spybot S&D, and CCleaner on each machine. Out of those, Kaspersky found the most infected files, but is also the only one to cost money. Without it I'd have been screwed, because a hidden startup file tied into Explorer redownloaded some of the viruses the minute the PC had internet - MSE and MBAM didn't catch the redownloaded files, while Kaspersky did (and Kaspersky didn't stop the startup file because it linked to a website, NOT to a harmful virus that could be removed).

Finally: prevention

1. Get an antivirus with a realtime scanner. MSE or Kaspersky are my choices there.

2. Don't use high risk programs like Internet Explorer or Outlook Express. Firefox and Thunderbird are two great alternatives there, but many others exist.

3. Use a web based email, not a local client. Gmail, for example, scans all attachments before they get anywhere near you - so the viruses don't even get a chance to download to your PC.

4. Use a program with URL based blacklists.
Kaspersky offers this, blocking known bad URLs from even loading, thus preventing viruses from getting anywhere near your machine. SpywareBlaster is a good freeware program that helps immunize browsers from known bad sites as well, but in a passive way - it never alerts you that your system tried to access the bad sites.

5. Use Vista or Windows 7, and leave UAC on. It's a great way to prevent many viruses from actually doing any damage. Seriously, rootkits can't infect a system with UAC on since they can't give themselves admin privileges.

6. Avoid being played. Put simply, if something is offered free on the internet, don't trust it. Google it first to find out. Free games, music, or small crap like emoticons in MSN or smilies for Yahoo are great targets for viruses - the crap you downloaded might even be real, but the nasties are likely embedded inside. Play it safe.
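
For the HijackThis step under "Manually trim the startup", here is a small added example (not part of the original post, and not HijackThis's own code) that reads a saved HijackThis log and lists the autostart (O4) and Internet Explorer helper object (O2) entries whose file sits in a temp or per-user data folder. The sample log is constructed, and the folder list is an assumed heuristic for what to look at first, not a verdict on any entry.

```python
import re

# Constructed sample in HijackThis log format (not taken from a real machine).
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Example Helper - {11111111-2222-3333-4444-555555555555} - C:\Program Files\Example\helper.dll
O2 - BHO: (no name) - {AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE} - C:\DOCUME~1\user\LOCALS~1\Temp\xk3.dll
O4 - HKLM\..\Run: [ExampleUpdater] "C:\Program Files\Example\update.exe" /quiet
O4 - HKCU\..\Run: [svch0st] C:\Documents and Settings\user\Application Data\svch0st.exe
O4 - Startup: notes.lnk = C:\Program Files\Example\notes.exe
"""

# Assumed heuristic: installed software rarely autostarts from these user-writable folders.
RISKY_DIRS = ("\\temp\\", "\\locals~1\\", "\\application data\\", "\\applic~1\\", "\\appdata\\")

PATTERNS = [
    ("BHO", re.compile(r"^O2 - BHO: (?P<name>.*?) - \{[^}]+\} - (?P<cmd>.+)$")),
    ("Run key", re.compile(r"^O4 - HK\w+\\\.\.\\\w+: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")),
    ("Startup folder", re.compile(r"^O4 - (?:Global )?Startup: (?P<name>.+?) = (?P<cmd>.+)$")),
]
FILE_RE = re.compile(r'^"([^"]+)"|^(.+?\.(?:exe|dll|bat|cmd|scr|vbs))\b', re.IGNORECASE)

def file_path(cmd):
    """Strip quotes and arguments from a command line, leaving the file it runs."""
    m = FILE_RE.match(cmd.strip())
    return (m.group(1) or m.group(2)) if m else cmd.strip()

def parse_log(text):
    """Return one dict per O2 (BHO) or O4 (autostart) line; other sections are skipped."""
    entries = []
    for line in text.splitlines():
        for kind, pattern in PATTERNS:
            m = pattern.match(line.strip())
            if m:
                entries.append({"kind": kind, "name": m.group("name"),
                                "path": file_path(m.group("cmd"))})
                break
    return entries

def needs_review(entries):
    """Entries whose file lives in a temp or per-user data folder."""
    return [e for e in entries if any(d in e["path"].lower() for d in RISKY_DIRS)]

if __name__ == "__main__":
    for e in needs_review(parse_log(SAMPLE_LOG)):
        print(f'{e["kind"]:15} {e["name"]:12} {e["path"]}')
```

An entry that is not listed is not thereby clean; the full O2 and O4 sections still deserve a read, and anything unrecognised is worth looking up before it is disabled.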