Clean PDF
Clean PDF
Clean PDF
For information related to this topic refer to: Secure Computing Overview (http://www.cmu.edu/computing/security/index.html) Symantec Endpoint Protection (http://www.cmu.edu/computing/doc/software/index.html) System Restore (http://www.cmu.edu/computing/doc/security/restore/index.html) Information Security Office (http://www.cmu.edu/iso/) Last Updated: 12/9/09
-1-
clean-pdf
You should also refer to Computing Services' Security News (http://www.cmu.edu/computing/news/security/index.html) page for information about recent infections or compromises. Last Updated: 8/4/09
-2-
clean-pdf
-3-
clean-pdf
3. Through the installation process, accept the default responses. When you click Finish, make sure that the options to Update and Launch the software are checked. 4. Once Malwarebytes launches and the Malwarebytes' Anti-Malware screen appears, select the Update tab and then click the Check for Updates button. 5. Once any updates are loaded, select the Scanner tab, select the Perform quick scan radio button and then click Scan. The scan may take a few minutes. 6. When the scan is complete, it will show you all of the potentially harmful files on your computer. Click the Remove Selected button to remove them automatically. Malwarebytes' Anti-Malware creates a log file of the results. For more detailed information on Malwarebytes' Anti-Malware, visit the following web sites: Malwarebytes (http://helpdesk.malwarebytes.org/login) Note: Support requires online registration; a support forum (http://www.malwarebytes.org/forums/) is also available Help2Go (http://www.help2go.com/Tutorials/Protect_Your_PC/Malwarebytes_Antimalware_Tutorial.html) Using Malwarebytes Tutorial (http://library.dickinson.edu/Technology/Training/Tutorials/General/malware.pdf) Note: More advanced users may also want to download and run ComboFix (http://www.bleepingcomputer.com/combofix/how-to-use-combofix) .
clean-pdf
1. Scroll down through the list until you find the antivirus program (e.g., Symantec AntiVirus, McAfee, etc.) select it and then click Remove or Uninstall. 2. Next, verify that the removal worked by following the appropriate steps below: Windows 7: o start Control Panel o under System and Security, select Review your computer's status o if the name of an antivirus software program appears, (e.g., Symantec AntiVirus, McAfee, etc.) the removal DID NOT work completely; there may be a fragment of the program left. Make note of the antivirus software name. Windows Vista: o start Control Panel o double-click the Security icon o double-click the Security Center icon o click Malware Protection o if the name of an antivirus software program appears, (e.g., Symantec AntiVirus, McAfee, etc.) the removal DID NOT work completely; there may be a fragment of the program left. Make note of the antivirus software name. Windows XP: o select Start > Control Panel o double-click the Security Center icon o click the down arrow for Virus Protection o if the name of an antivirus software program appears, (e.g., Symantec AntiVirus, McAfee, etc.) the removal DID NOT work completely; there may be a fragment of the program left. Make note of the antivirus software name. 1. If removal fails, refer to the following vendor sites for addtional help with uninstalling it: Symantec (http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/ 2005033108162039?Open&docid=2005092709200113&nsf=sharedtech.nsf&view=docid) McAfee (http://service.mcafee.com/FAQDocument.aspx?id=TS100507) Kapersky (http://support.kaspersky.com/faq/?qid=208279463) AVG (http://free.avg.com/faq) Note: The uninstall for AVG is not as complex as other programs. Select your version in the FAQ and follow the instructions. Trend Micro (General) (http://esupport.trendmicro.com/4/How-do-I-remove-Trend-Micro-InternetSecurity-Pro-and-Trend-Micro-Inte.aspx) or Trend Micro (Dell) (http://esupport.trendmicro.com/6/How-do-I-uninstall-Trend-Micro-PCcillin-Internet-Security-14-for-Dell.aspx)
-5-
clean-pdf
clean-pdf
Change Passwords
Change your local Windows user account (password used to log onto your computer) and/or Windows administrator account passwords (password to install software). For steps, visit the FirstConnect (http://www.cmu.edu/computing/firstconnect/) site and follow the appropriate "Secure Accounts" steps: Windows 7 & Vista (https://www.cmu.edu/computing/firstconnect/os/win7-vista/account.html) Windows XP (https://www.cmu.edu/computing/firstconnect/os/xp/account.html) Consider purchasing an external backup drive and doing regular backups. If you have problems in the future, rather than working through all of these cleaning processes, you can restore from backup. IMPORTANT: Passwords should ALWAYS be changed if your computer is compromised, even if you just restore from a backup.
-7-