Scan and Secure Steps for Windows Computers
To clean your computer and prevent it from getting additional viruses, take the following steps in the order provided:Step 1
Disconnect your computer from the network by unplugging your network cable. This will make sure that your computer does not spread viruses to your roommates and neighbors, and will make sure that your computer is not re-infected while you are trying to clean it). You will need to download any necessary updates and software from another computer and copy them to your computer via a CD disc or USB drive.
Step 2
If you are using XP, disable system restore (This will clear our your restore points, but many virii and spyware hide within these files and therefore render them ineffective. If you are not using XP, go to step 3). Go to Settings/Control Panel, click on System, and then select the System Restore tab, and check the Turn off System Restore check box.
Step 3
In Safe Mode*, run an updated anti-virus software package. First, make sure it has ALL of the latest updates/definitions by checking the manufacturer's website and downloading the latest updates (McAfee or Norton). Write down the names of the viruses that were found. Scan again until it does not find any viruses. It is crucial to keep your anti-virus software package updated daily to prevent future infections. AVG is not effective in detecting or removing current viruses. Current recommendations for anti-virus software packages can be found here.
*NOTE - Many viruses will go undetected unless you do the scans in Safe Mode. To start your computer in Safe Mode, restart the computer and press the F8 key within 3 seconds before you normally see the standard Windows loading screen. The windows will usually be completely blank during this time, then use the arrow keys to select Safe Mode.
Step 4
Run the updated version of Ad-Aware in Safe Mode. This will remove troublesome spyware from your computer, as well as double-check for many viruses. We recommend updating and running Ad-Aware regularly. The latest version of Ad-Aware can be found here at http://www.lavasoftusa.com/support/download.
Step 5
If you are using Windows XP, re-enable system restore (If you are not using XP, go to step 6). Go to Settings, Control Panel, click on System, and then select the System Restore tab, and UN-check the Turn off System restore check box.
Step 6
Verify that you have the critical patches for your operating system by downloading and running the following updates:
Windows XP
Windows XP Service Pack 2 and all Current Critical Patches
To get a physical CD with all the latest patches you can check one out by visiting the ACS Helpdesk.
Windows 2000
Windows 2000 Service Pack 4
Update Rollup 1 for Windows 2000 SP4 (KB891861)
All Current Critical Patches
Stop by our ACS Helpdesk to check out a CD if you are unsure what critical patches have been released
It is crucial that once you are unblocked you visit the Windows Update website at http://windowsupdate.microsoft.com, and download and install any other critical updates it identifies. If you are using Windows 2000 or XP, make sure to set your computer to automatically download and install new critical updates. Even with automatic updates, it is still a good idea to visit the Windows Update site at least once a week to verify that the latest critical updates are installed on your computer.
Directions for doing auto updates can be found here.
Step 7
Make sure you have complex passwords for every available Windows account on your computer. Complex passwords contain upper AND lower case letters, numbers, and symbols (for example: "g0oDPa$$" or "N1c3Day!"). More information on complex passwords can be found here.
Step 8
Plug your computer back into the network.
Step 9
When you are finished, send an email to ResNet by replying to your initial AUP notice (If you have already deleted this email, just send a new email to resnet@ucsd.edu). In the email, let ResNet know that you followed all of the steps listed above, and what the results of each step was, including the names of the viruses that were found. Leave your computer turned on and plugged into the network so we can request that your computer be scanned (to verify that it is clean) and unblocked. Make sure you are no using any firewalls, as this will prevent the security scan. Following these steps is crucial for maintaining both the functionality and security of the network. If you have any questions about how to follow any of these steps, please contact ResNet.
