Search Technology Help

Need help? Call the Help Center at 617-552-HELP or use this form

Website Feedback

Repairing Your Virus-Infected Computer

windows vista, xp, and 2000

Before You Begin

Before you begin to repair your computer, you must have access to a non-infected computer, such as a friend's computer or a computer in the CTRC. Do not plug an your infected computer into a working network jack on campus! Use the non-infected computer to:

  1. Print this page for your reference.
  2. Download McAfee VirusScan Enterprise 8.5i software (you will need to enter your BC username and password to download the software).
  3. Download ePO to your desktop (you will need to enter your BC username and password to download the software).
  4. Download the latest virus protection update/DAT (you will need to enter your BC username and password to download the software).
  5. Burn the files you downloaded to your onto a CD or DVD or copy them onto a memory stick.

Remember, you must complete the steps above using a non-infected computer.

Part 1: Install the New McAfee VirusScan software, ePO software, and the latest virus protection update

IMPORTANT: It is essential that you first uninstall all anti-virus applications such as Norton Home, McAfee VirusScan Home edition, or McAfee VirusScan Enterprise edition prior to installing the new McAfee VirusScan Enterprise edition (below) again. Serious computer problems could result if you do not uninstall existing anti-virus software. Make sure to disconnect your computer from the Internet before uninstalling your anti-virus software. You could get infected while you are unprotected!

Install McAfee VirusScan

  1. Make sure you are NOT connected to the Internet.
  2. Close all applications before beginning this process.
  3. Locate the VirusScan8.5Setup.exe installer on the CD you burned or your memory stick.
    Windows Vista: Right-click the installer and select Run as administrator.
    Windows XP and 2000: Double-click the installer.
  4. If installing on Windows Vista, a pop-up box may appear that reads "An unidentified program wants access to your computer." If you receive this message, click Allow.
  5. Wait for the McAfee VirusScan Enterprise Setup to process (see Figure 1).
    NOTE: Do not close this window, it will close on its own when the process completes.
    Figure 1 - Process progress
    Figure 1.
  6. When the setup window appears (see Figure 2), click Next.
    Figure 2 - Setup Wizard
    Figure 2.
  7. Do the following (see Figure 3):
    • Under the License expiry type, select Perpetual.
    • Read and select I accept the terms in the license agreement.
    • Click OK.
      Figure 3 - License Agreement
      Figure 3.
  8. Under Setup Type, select Typical and then click Next (see Figure 4).
    Figure 4 - Typical Install
    Figure 4.
  9. Under Access Protection Level, select Standard Protection, then click Next (see Figure 5).
    Figure 5 - Standard Protection
    Figure 5.
  10. Click Install (see Figure 6).
    Figure 6 - Begin Install
    Figure 6.
  11. When McAfee VirusScan Enterprise setup has completed successfully, make sure the Update Now and Run On-Demand Scan options are not selected and click Finish (see Figure 7).
    Figure 7 - Finish and Update
    Figure 7.
  12. If you are prompted to restart your computer, select Yes.
    If you are not prompted to restart your computer, restart your computer by clicking the Start button, then clicking Shut Down. From the drop-down list, select Restart, then click OK.

Install ePO using Windows Vista

  1. Right-click the ePOAgent icon on the CD you burned or your memory stick and select Run as administrator (see Figure 8).
    Figure 8 - Run as Administrator
    Figure 8.
  2. Under the security warning, select Run (see Figure 9).
    Figure 9 -Choose Run
    Figure 9.
  3. If the User Account Control dialog appears, click Allow.
  4. On the taskbar at the bottom of your screen, click Interactive services (see Figure 10).
    Figure 10 - Interactive Services
    Figure 10.
  5. Select Show me the message (see Figure 11).
    Figure 11 - Show me the message
    Figure 11.
  6. Wait for the Setup to complete, select OK, THEN select Return now (see Figure 12).
    Figure 12 - Click return now
    Figure 12.
  7. Restart your computer.
  8. Delete the ePO Agent installer icon from your desktop.

Installing ePO using Windows XP or 2000

To install ePO using Windows XP or 2000:

  1. Double-click the ePO Agent Installer icon on the CD you burned or memory stick (see Figure 13).
    Figure 13 - ePO Installer
    Figure 13.
  2. When you see the message "Setup completed successfully," click OK.
  3. Restart your computer.
  4. Delete the ePO Agent installer icon from your desktop.

Installing the latest virus protection update

To install the latest virus protection update/DAT:

  1. Locate the sdat.exe icon on the CD you burned or your memory stick and double-click it to begin installation (see Figure 14).
    Figure 14 - SDAT installer
    Figure 14.
  2. If running Vista, when prompted, click Allow.
  3. Click Next until installation begins (see Figure 15).
    Figure 15 - Begin Installation
    Figure 15.
  4. After the SuperDAT is installed, click Finish (see Figure 16).
    Figure 16 - Click Finish
    Figure 16.

Part 2: Turn off System Restore (Windows Vista and XP only)

If your computer running Windows Vista or XP is infected with a virus, it is possible for the virus to be backed up by the System Restore function. You could then restore a virus-infected file. Due to the proliferation of computer viruses and worms, it is recommended that you disable system restore on your computer.

Disabling System Restore with Windows XP

  1. Click Start, right-click My Computer, then click Properties. (Classic view: On your Desktop, right-click the My Computer icon, then click Properties.)
  2. Click the System Restore tab.
  3. Select the Turn off System Restore or Turn off System Restore on all drives box, then click Apply (see Figure 17).
    Figure 17 - Turn off system restore
    Figure 17.
  4. When you get a message warning you that all previous restore points will be deleted, click Yes (see Figure 18)
    Figure 18 - Delete all restore points
    Figure 18.
  5. Click OK.

Disabling System Restore with Windows Vista

  1. Click Start, right-click Computer, then select Properties (see Figure 19).
    Figure 19 - System Properties
    Figure 19.
  2. In the left panel, click System Protection (see Figure 20).
    Figure 20 - System Protection
    Figure 20.
  3. When prompted, click Continue.
  4. Uncheck all Available Disks listed (see Figure 21).
    Figure 21 - Uncheck Available Disks
    Figure 21.
  5. When prompted, click Turn System Restore Off (see Figure 22).
    Figure 22 - Turn off system restore
    Figure 22.
  6. When System Restore is off, the Available Disks will be unchecked (see Figure 23). Click OK.
    Figure 23 - Click OK
    Figure 23.

Part 3: Delete temporary Internet files & cookies

To delete temporary Internet files and cookies:

Delete temporary Internet files and cookies with Windows XP or 2000

  1. Click Start, then click Control Panel. (Classic view: Click Start, point to Settings, and then click Control Panel.)
  2. Double-click Internet Options.
  3. Do the following (see Figure 24):
    • Under the Temporary Internet files heading, click Delete Cookies.
    • When prompted whether to delete all cookies, click OK.
    • Under the Temporary Internet files heading, click Delete Files.Figure 24 - Internet Options
      Figure 24.
  4. When prompted whether to delete all files, check the Delete all offline content box, then click OK (see Figure 25).
    Figure 25 - Internet Options
    Figure 25.
  5. On the Internet Properties window, click OK.

Delete temporary Internet files and cookies with Windows Vista

To delete temporary Internet Files and cookies with Windows Vista:

  1. Click Start, then select Control Panel.
  2. On the left panel select Classic View (see Figure 26).
    Figure 26 - Classic View
    Figure 26.
  3. Double-click Internet Options (see Figure 27).
    Figure 27 - Internet Options
    Figure 27.
  4. Under Browsing History, click Delete (see Figure 28).
    Figure 28 - Delete Browsing History
    Figure 28.
  5. Click Delete Cookies and Delete Files (when prompted if you are sure you want to delete, select Yes), then select Close (see Figure 29).
    Figure 29 - Delete Cookies and Internet Files
    Figure 29.
  6. Exit the Internet Properties window.

Part 4: Start your computer in Safe mode

  1. Restart your computer.
  2. While your computer is restarting, press <F8>.
    Important: You must press <F8> at the moment just before Windows begins to start. If you see a "keyboard error" message, restart the computer and try again.
  3. Using the arrow keys on your keyboard, select Safe Mode and then press <Enter>.

Part 5: Scan your computer and remove viruses

Note: The initial scan of your computer may take a long time to complete.

  1. Windows XP and 2000: Right-click on My Computer and from the drop-down list, click Scan for viruses.
    Windows Vista: Right click on Computer and from the drop-down list, click Scan for threats.
  2. If a virus, spyware, or adware is found, VirusScan attempts to delete it. Depending upon the results of this, one of the following happens:
    • The infected file gets deleted, so you do not need to do anything else. Your computer is no longer infected.
    • The infected file cannot be deleted, so the file is moved to the C:/Quarantine folder (see Figure 30). Delete the file from the Quarantine folder: Within the VirusScan window, right-click the file name and click Delete.
      virus found
      Figure 30.
    • The infected file cannot be deleted and it cannot be moved to the C:/Quarantine folder (see Figure 31). To get rid of it, bring your computer to the Walk-In Help Desk in O'Neill 248 next to the Campus Technology Resource Center (CTRC).
      Figure 31 - Virus Found
      Figure 31.

    Important: Some viruses can damage files so that they are unusable. In this instance, your file is already beyond repair. VirusScan cleans the file, but may not be able to save it. This is where back-ups come in handy. Learn more about the options for storing your documents and files at Boston College.

    Do not use periods when naming your files! Outlook moves messages with attachments that have 2 or more periods in the name (For example: notes.04.01.20.doc) to the Junk E-mail folder. To prevent this, do not use periods when naming your files, and also remind people that send you attachments not to use periods.
  3. When scanning is done, close all McAfee VirusScan windows.

Note: It may take up to a week for McAfee to release virus definitions capable of detecting and removing new infections. If the virus you are infected with is not detected by VirusScan or the viruses (not spyware) cannot be removed or quarantined or moved, please call 617-552-HELP (4357), as we may have manual removal instructions available.

Part 6: If virus removal was successful, reconnect to the BC network

Important: If you were not able to remove the virus, bring your computer to the Walk-In Help Desk in O'Neill 248 next to the Campus Technology Resource Center (CTRC) to get help.

If you received a message to fix your computer or you would be disconnected:

  • If you were able to complete Parts 1-5 and virus removal was successful, then just plug your computer back into the network jack. Your computer should be "clean" now.

If you were disconnected from the network:

  • If you were able to complete Parts 1-5 and virus removal was successful, call 617-552-HELP (4357) and explain that you were disconnected and have performed the "self-clean" process and are ready to be reconnected to the network.

Part 7: Update your computer and re-scan your computer for viruses

  1. As soon as you are reconnected to the network, open Internet Explorer and from the Tools menu, click Windows Update. Follow the instructions to get updates and make sure that your computer is set to automatically download and install new updates.
  2. Once all updates are installed, restart your computer.
  3. Follow the instructions above in Part 5: Scan your computer and remove viruses one more time.
    Note: Rescanning your computer for viruses will accomplish two things: 1) It will validate that all viruses were successfully removed, and 2) It will notify BC ITS that your computer is virus-free and confirm that you have successfully completed this process.

Part 8: Protect your computer from future threats

  1. Go to bc.edu/virus and click the "Protect Your PC Checklist" link.
  2. Follow the instructions to protect your computer from future infections.

Part 9: Turn System Restore back on (Windows Vista and XP only)

Turning System Restore Back on with Windows XP or 2000

  1. Click Start, right-click My Computer, then click Properties. (Classic view: On your Desktop, right-click the My Computer icon, then click Properties.)
  2. Click the System Restore tab.
  3. Do the following (see Figure 32):
    • Uncheck the Turn off System Restore or Turn off System Restore on all drives box.
    • Click Apply.
    • Click OK.
      Figure 32 - Enable System Restore
      Figure 32.

Turning System Restore back on with Windows Vista

To turn on system restore with Windows Vista:

  1. Click Start, right-click Computer, then select Properties (see Figure 33).
    Figure 3 - System Properties
    Figure 33.
  2. In the left panel, click System Protection (see Figure 34).
    Figure 34 - System Protection
    Figure 34.
  3. When prompted, click Continue.
  4. Check all disks listed under Available Disks, then click OK (see Figure 35).
    Figure 35 - Check all available disks
    Figure 35.