Rebuilding a virus infected computer.

NOTE - DO NOT USE ANY WEB BROWSER on the computer until ALL the below are complete
(to prevent getting viruses on your potentially unprotected machine).



1. Disconnect the network cable (and Wireless).


2. Back up any files on the computer you need to keep.


3. Reboot with installation CD (turn power off and then back on so viruses are not active in memory)

	3a. Wipe the hard drive (the below assume this is the first and only hard drive).

		Windows XP recovery console:
			diskpart
			(remove all partitions and then create the ones you want)
			format C: /fs:ntfs

		linux:
			fdisk /dev/sda
			(delete all partitions and then write the changes)


	3b. Replace the boot sector on the hard disk

		Windows XP recovery console:
			fixmbr
			(this replaces the boot sector with the Windows XP boot loader)

		linux (example):
			lilo -M /dev/sda mbr
			(this replaces the boot sector on /dev/sda with the lilo boot stage 1)


5.  Reboot (turn power off and then back on so viruses are not active in memory)
    - Machine should not be able to boot from hard drive.


6. Reinstall Operating System (usually with the CD that came with the computer).

	Windows:
		First Account is Administrator - Do NOT Make this your everyday account
		Turn on the Windows Firewall (set it to block everything)
		Disable Remote Desktop
		Disable Universal Plug and play
		Disable File and Print sharing


7. Connect the network

	Windows:
		UofM computers (UofM property):
			Attach to Active Directory ad.umn.edu (all users will come from there) .
			Manually run Windows Update until there are no patches to install
			Install Antivirus - Microsoft System Center 2012 with SP1 Endpoint Protection for Windows

		Non UofM computers (personal/home computers):
			Manually run Windows Update until there are no patches to install
			Install Antivirus
			You may put Windows Firewall in normal mode (IF YOU WANT).
			Create user accounts (make sure they are not Administrators).


8. Go TO:  http://safecomputing.umn.edu/