IT Connect

Information technology tools and resources at the UW

Malware infections

Preventing infections

  • Use the most current version of your operating system, email software, and web browser.  Newer software typically has better defenses and fewer vulnerabilities.  The Managed Workstation Service can provide you with the latest versions of Windows, Office, and the most popular browsers.  Find the latest software in the Software Center on your MWS device.
  • Remove high risk software from your computer.  Remove Adobe Flash and instead use Edge or Chrome to view content that still requires a Flash player.  Remove any versions of Java that aren’t required for your work.  Uninstall QuickTime from your Windows computer and instead use another program.
  • Get your software from a trusted source.  Use the Software Center or UW Uware.  If you download software on the internet, only use software that came directly from the publisher.  Some third party sites repackage popular software with malware.
  • User security software like Sophos Antivirus and Windows Defender.  The Managed Workstation Service can provide you with a version of Sophos that allows us to alert you if a virus is detected.  Find the latest software in the Software Center on your MWS device.
  • Be wary of USB devices.  Moving files from device to device with a USB storage drive opens those devices to infections on the drive.  To move files around, use a network share, mapped drive, or cloud storage location.
  • Don’t open email attachments unless you are expecting them.  Even better, contact the sender to confirm.
  • Mouse over links before clicking on them in an email or on a web page — when you hover over the link with your mouse, you will see the actual location the link will take you to.  It may not be what you expect.
  • Check the URL in the address bar of your web browser: is it what you expect?
  • For further reading: https://www.microsoft.com/security/portal/mmpc/shared/prevention.asp

Removing malware

  1. Open Sophos, either via Start — Programs, or through the blue S shield icon in the system tray near the clock.
  2. Click “Scan my computer” and let it run; it can take a few hours.  You can continue to use your computer while the scan completes.
  3. If malware is detected, it will appear in the left pane of the Sophos application in “Items Under Quarantine”.  Click “Quarantine” to see the list of detected malware.
  4. Select the infected file from the list and then click the “Perform Action” button in the lower right corner of the Quarantine manager.  Choose to clean the file.  If the option to clean is grayed out, either Sophos cannot clean this file or you do not have sufficient rights to make the change.  If that is the case, then MWS customers should contact support by sending mail to help@uw.edu.

You may instead choose to perform an offline scan and cleanup.  For instructions, see here: http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline