|
|
| (13 intermediate revisions by 5 users not shown) |
| Line 1: |
Line 1: |
| − | =Virus, Spyware, Malware or Trojan removal instructions=
| + | #REDIRECT [[Virus and Malware Removal]] |
| − | | |
| − | ==Running a scan in "Safe Mode"==
| |
| − | | |
| − | ===Abbreviated===
| |
| − | | |
| − | # Verify that your virus definitions for [[Symantec Endpoint Protection]] are current (less than 7 days old). | |
| − | # Disable [[System Restore]].
| |
| − | # Reboot in [[Safe Mode]].
| |
| − | # Launch the [[Symantec Endpoint Protection]] application and run a full scan.
| |
| − | # Delete any quarantined files.
| |
| − | # Reboot in normal mode.
| |
| − | # Turn [[System Restore]] back on.
| |
| − | # Run [[Windows Update]] and apply all the critical updates.
| |
| − | # Set your machine to automatically get updates from [[Microsoft]].
| |
| − | # Reboot your machine.
| |
| − | | |
| − | ===Detailed===
| |
| − | 1. Verify that your virus definitions for [[Symantec Endpoint Protection]] are current (less than 7 days old).
| |
| − | | |
| − | [[Image:Currentdefs.jpg|500px]]
| |
| − | | |
| − | *Launch the [[Symantec Endpoint Protection]] Application and verify the virus definitions are less than 7 days old.
| |
| − | | |
| − | 2. Disable [[System Restore]].
| |
| − | *Click Start Menu - Control Panels - System. On the [[System Restore]] tab - check the Turn Off System Restore box. Click Apply.
| |
| − | | |
| − | 3.Reboot in [[Safe Mode]].
| |
| − | * Turn off the computer.
| |
| − | * Restart the computer. The computer begins processing a set of instructions known as the Basic Input/Output System ([[BIOS]]). What is displayed depends on the [[BIOS]] manufacturer. Some computers display a progress bar that refers to the word [[BIOS]], while others may not display any indication that this process is happening.
| |
| − | * As soon as the [[BIOS]] has finished loading, begin tapping the F8 key on your keyboard. Continue to do so until the Windows Advanced Options menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
| |
| − | * Using the arrow keys on the keyboard, scroll to and select the Safe mode menu item, and then press Enter.
| |
| − | | |
| − | 4. Launch the [[Symantec Endpoint Protection]] application and run a full scan.
| |
| − | [[Image:scan.gif|500px]]
| |
| − | * Launch the [[Symantec Endpoint Protection]] application. Click on Scan for threats, then click Run Full Scan.
| |
| − | | |
| − | 5. Delete any quarantined files.
| |
| − | * Launch the [[Symantec Endpoint Protection]] application. Click View Quarantine, select all the files in [[quarantine]], click delete.
| |
| − | [[Image:quarantine.gif|500px]]
| |
| − | * In the delete window click delete.
| |
| − | | |
| − | 6. Reboot in [[normal mode]].
| |
| − | | |
| − | 7. Turn [[System Restore]] back on.
| |
| − | * Click Start Menu - Control Panels - System. On the [[System Restore]] tab - un-check the Turn Off [[System Restore]] box. Click Apply.
| |
| − | | |
| − | 8. Run [[Windows Update]] and apply all the critical updates.
| |
| − | * Launch [[Internet Explorer]] and visit http:///www.windowsupdate.com.<BR>
| |
| − | * A security warning page may appear.<BR>
| |
| − | ڰڱ:岹ٱܰٲ.Բ]
| |
| − | * Click Yes and follow the prompts. You will then see the Windows Update pages:
| |
| − | [[Image:Expressinst.gif|500px]]<BR>
| |
| − | * Select the Express Install option.
| |
| − | * The [[Windows Update]] server will scan your machine for missing updates. After the scan you will see a screen listing the total updates need.<BR>
| |
| − | | |
| − | * Click the Install Button.
| |
| − | * After Express Install has finished (this may take some time, depending on the number of updates), you will be promopted to reboot.<BR>
| |
| − | | |
| − | * Click Restart Now. Your machine is now updated with current patches.
| |
| − | 9. Set your machine to automatically get updates from [[Microsoft]].
| |
| − | * From the Start Menu select Control Panels - [[Automatic Updates]]. Make sure Automatic is selected and pick a time and day for the updates to be installed.<BR>
| |
| − | [[Image:autoupdate.gif]]
| |
| − | | |
| − | 10. Reboot your machine.
| |
| − | | |
| − | ==Running a scan using the Symantec Recovery Tool CD==
| |
| − | | |
| − | The Symantec Recovery Tool CD is a boot CD you can borrow from Technology Services that will boot off of the CD and run a scan. This is a useful tool when you computer is so infected that it will no longer boot into Windows. This tool will scan your computer and attempt to remove any infected files.
| |
| − | | |
| − | '''Note''' It is important to note that this tool remove any infected files including critical Operating System files. If this is a the case a complete re-install of the operating system is the best and possibly only option.
| |
| − | | |
| − | ===Steps to run a scan===
| |
| − | | |
| − | #Make sure your computer is connected to the internet so the virus definitions will update properly.
| |
| − | #Place the Symantec Recovery Tool CD in your CD drive.
| |
| − | #When turning on your computer press the '''F10''' key to get the options to boot from a CD. Depending on your computer model you may have to select another key to boot from a CD. Please refer to your computers documentation for more information.
| |
| − | #When the CD completes booting, select '''"Continue loading Endpoint Recovery Tool."'''
| |
| − | #Select the appropriate language.
| |
| − | #Click '''I agree'''
| |
| − | #Wait for the virus definitions to update and make sure the date in the lower right is current.
| |
| − | #Click Scan.
| |
| − | #When the scan is complete, boot into Windows normally and run a scan in Symantec Endpoint Protection to make sure the viruses have been removed.
| |
| − | | |
| − | ==Additional Virus Removal Tools==
| |
| − | | |
| − | *SUPREantispyware http://www.superantispyware.com/
| |
| − | *Malwarebytes http://www.malwarebytes.org/
| |
| − | *CCleaner http://www.ccleaner.com/
| |
| − | *HijackThis http://free.antivirus.com/hijackthis/
| |
| − | *Combofix http://www.combofix.org/
| |
| − | | |
| − | ==I would like someone to show me how==
| |
| − | | |
| − | Stop by Olin with your computer. Be sure to set aside enough time in your schedule to stay with your computer while it runs a full scan (30 to 120 minutes). It is also a good idea to bring the power cord if you have a laptop so the battery doesn't die in the middle of trouble-shooting.
| |
| − | | |
| − | {{Tech help}}
| |
| − | | |
| − | [[Category:Tutorials]]
| |