Windows: Remove Fake Antivirus Malware


CAUTION:

Before proceeding with the instructions listed on this page, back up the files from your computer that you want to save. The processes listed below could result in you losing your data, or losing access to your data in a way that would be very difficult (if possible at all) to recover from.

Background:

We have found that these virus infections typically happen while the computer is being used off campus and is not protected by the latest software updates and the campus firewall. Ensure you are always running the latest Microsoft updates and the latest versions of software, including Adobe Reader, by configuring your computer properly. After removing the virus, it is recommended that you update your computer as soon as possible to prevent re-infection. Running Windows updates as soon as they are released and installing and using Configuration Manager can help keep your computer up to date.

Removal Options:

  1. Run the Microsoft Malicious Software Removal Tool

    Run a full scan using the latest version of Microsoft's Malicious Software Removal Tool (MSRT), using the first section of instructions on the previous page. (Note: the latest version is distributed every month with Microsoft Windows Updates and a quick scan is performed by default. You can also download it directly from the Microsoft KB890830 download page.)


  2. Run a freeware malware removal application

    Try one of these freely available applications at your own risk. (Have you backed up your important files?) If you do not want to run this or if your computer does not start properly after this, skip to the last step.

    ComboFix... From a working computer, download the latest version of ComboFix to a USB memory stick, then use the instructions on this same page to scan for and remove the fake antivirus application on the infected machine.

    SUPERAntiSpyware Portable... From a working computer, download the latest version of SUPERAntiSpyware Portable Scanner to a USB memory stick, then use this application to scan for and remove the fake antivirus application on the infected machine.


  3. If it still doesn't work... Rebuild

    Sometimes these applications are installed so deeply that removing them properly requires Windows to be re-installed.

    Back up the files from your computer that you want to save. Format your hard drive. Rebuild your machine using the installation disk(s) that came with your computer. You will then need to re-install all Windows Updates and software to re-connect to the Thomas network. Note: This procedure will remove all data from your computer.