Brochure
S O L V I N G T Y P I C A L T A S K S
35
RECOVERING THE OPERATING SYSTEM AFTER INFECTION
If you suspect the operating system of your computer to be corrupted or modified due to malware activity or a system
failure, use the post-infection Microsoft Windows troubleshooting wizard that clears the system of any traces of malicious
objects. Kaspersky Lab recommends that you run the Wizard after the computer has been disinfected to make sure that
all threats and damage caused by infections have been fixed.
The Wizard checks whether there are any changes to the system, such as the following: access to the network being
blocked, known file format extensions have been changed, the toolbar is locked, etc. There are different reasons for
these different kinds of damage. These reasons may include the activity of malicious programs, incorrect system
configuration, system failures, or even incorrect operation of system optimization applications.
After the review is complete, the Wizard analyzes the information to evaluate whether there is system damage which
requires immediate attention. Based on the review, a list of actions necessary to eliminate the problems is generated.
The Wizard groups these actions by category based on the severity of the problems detected.
To run the post-infection Microsoft Windows troubleshooting wizard:
1. Open the main application window.
2. In the lower part of the window, select the Tools section.
3. In the window that opens, in the Microsoft Windows Troubleshooting section, click the Start button.
The post-infection Microsoft Windows troubleshooting wizard window opens.
The Wizard consists of a series of screens (steps) that you can navigate through by using the Back and Next buttons.
To close the Wizard after it completes its task, click the Finish button. To stop the Wizard at any stage, click the Cancel
button.
Let us review the steps of the Wizard in more detail.
Step 1. Starting system restoration
Make sure that the Wizard option to Search for problems caused by malware activity is selected and click
the Next button.
Step 2. Problems search
The Wizard will search for problems and damage which should be fixed. When the search is complete, the
Wizard proceeds automatically to the next step.
Step 3. Selecting troubleshooting actions
All damage found during the previous step is grouped on the basis of the type of danger it poses. For each damage
group, Kaspersky Lab recommends a sequence of actions to repair the damage. There are three groups of actions:
Strongly recommended actions eliminate problems posing a serious security threat. You are advised to
perform all actions in this group.
Recommended actions are aimed at repairing damage that poses a threat. You are also advised to perform
all actions in this group.
Additional actions repair system damage which does not pose a current threat, but may pose a danger to the
computer's security in the future.
To view the actions within a group, click the + icon to the left of the group name.