Skip to Navigation | Skip to Content

General Virus Removal Instructions

about getsecure isitsecure documents services contact

search the site

did you know?

  • If you have forgotten the password you use with your NYU NetID and/or your password hint, follow the instructions on the NetID & Password page.

related pages

If you are here because you received a virus notification from ITS: Activity from your computer on the NYU network indicates that it is infected with one or more viruses or worms. ITS can not determine the specific virus(es) on your computer, so you must follow these general virus removal instructions, which will detect and remove most known worms and viruses and help protect your computer in the future. If you do not complete these instructions, your computer will be a threat to the security of other computers on NYU-NET and will therefore be blocked from accessing the network until it is disinfected.

If you are here because you think your computer might have a virus: Follow the instructions below to check your computer for most known viruses and worms, remove them, and help protect your computer in the future.

STEP 1

If you are using Windows XP, Vista, or Windows 7, you need to disable System Restore to make sure that the virus files you remove are not restored when you restart your computer. For instructions, see www.nyu.edu/its/security/getsecure/restore.html.

STEP 2

Apply all available Windows patches and updates. To do so, open Internet Explorer, go to http://windowsupdate.microsoft.com, then follow the instructions.

STEP 3

If you already have antivirus and anti-spyware software running on your computer, download the latest virus definitions.

If you have not yet installed antivirus software, download your ITS-provided copy of Symantec AntiVirus (for Windows and Mac) and free trial-edition of Ad-Aware (for Windows):

  • Go to the ITS Software website at http://software.nyu.edu and log in with your NYU NetID and password.
  • Click the appropriate links to download Symantec AntiVirus and, for Windows users, you can download a free copy of Windows Defender or Lavasoft Ad-Aware.
    (Windows Vista and Windows 7 already come pre-installed with Windows Defender.)
  • Install the software, then immediately download the most recent definitions files.

STEP 4

Restart your Windows computer in Safe Mode:

Windows XP, Vista, and 7 Instructions

  1. Print these instructions before you begin as you will not have access to them while your computer is off.
  2. Click Start, then click Shut Down.
  3. In the dialog box that appears, select Restart from the drop-down menu, then click OK.
  4. Allow your computer to power down completely. When it begins to reboot, press F8 repeatedly until a boot menu appears.
  5. Use the arrow keys to select the Safe Mode with Networking option and press Enter.
  6. Select the operating system you would like to load and press Enter.

Click here for more information on Safe Mode.

Additional Safe Mode information

  • For security and diagnostic reasons, Safe Mode limits functionality to only the essential files and drivers (mouse, monitor, keyboard, mass storage, base video, and default system services). You may also choose the Safe Mode with Command Prompt option, which loads the same files and drivers as safe mode, but the GUI interface is replaced by a command prompt.
  • Safe mode can be used to diagnose problems. If a symptom does not appear in Safe Mode, you can rule out the default settings and minimum device drivers as possible causes. If a newly installed device or driver is causing problems, you can use Safe Mode to remove the device or reverse the change.

STEP 5

Run a full system scan:

  1. Open Symantec AntiVirus by selecting START > PROGRAMS > SYMANTEC ENDPOINT PROTECTION > SYMANTEC ENDPOINT PROTECTION.
  2. Select Scan for threats on the left-hand panel.
  3. Next, click Full Scan.
  4. If any files are detected as infected, click Repair.
  5. If any files are detected as infected and cannot be repaired, click Delete. (If this happens and you do not have a backup copy of the file, you will lose the data it contains—be sure to back up your files regularly.)
  6. Restart your computer.
  7. Repeat these steps until no more files are detected as being infected.

STEP 6

After following these instructions, you must contact the IT Service Desk at 1-212-998-3333. Please be prepared to provide information regarding the disinfection of your computer.

Please note: these instructions are provided here for the convenience of the NYU community. New York University is not responsible for any damage that might result from following these instructions.

Page last reviewed: March 3, 2011