STEP 1		Print this page
		We suggest that you print this page before you start. Expand each section by clicking the "+" before you print the page. PRINT

STEP 2		Find the name of the infection
		I use Norton AntiVirus 2006 1 Start Norton AntiVirus. If Norton AntiVirus is installed as part of Norton SystemWorks or Norton Internet Security, then start that program and click Norton AntiVirus. 2 In the left pane, click Reports. 3 In the right pane, click View Norton Quarantine and Restore. 4 To see which treat was detected, in the left pane, click the first threat. You will see entries in the right pane if that was the type of threat detected. If nothing appears in the right pane, click the next type of threat and see if anything appears in the right pane. Do this with the other threat types until something appears in the right pane. 5 In the right pane, under Name, right-click the entry, and then click Details. 6 On the General tab, click the link to go to the risk write-up. I use Norton AntiVirus 2005/2004/2003 1 Start Norton AntiVirus.  If Norton AntiVirus is installed as part of Norton SystemWorks or Norton Internet Security, then start that program and click Norton AntiVirus. 2 In the left pane, click Reports. 3 Do the following, depending on your version of Norton AntiVirus:    In Norton AntiVirus 2005, click View Quarantined Items. In Norton AntiVirus 2004/2003, to the right of Quarantined items, click View Report.   4 Under the headings File Name and Virus Name, note the name of the quarantined file and the name of the risk that was detected. 5 Search the Symantec Security Response online database for the risk write-up. The write-up provides information about the risk and how to remove it.

STEP 3		Determine whether you need the quarantined file
		Worms and Trojan horses generally must be deleted In general, worm and Trojan horse files must be deleted, because they cannot be repaired. Worms and Trojans copy files to the hard drive, which are then loaded when Windows starts. In most cases, it is safe to delete worm files and Trojan files because Windows does not need them. In some cases, a worm will place an entry in the Windows registry that will call one of its files whenever an executable is opened. Security risks If the write-up indicates that the risk is adware, spyware, a joke program, a dialer, a remote-access program, or a hack tool, in most cases you can delete the file.  However, it is possible that the file is part of a legitimate software program and removing it will cause that program to stop functioning. The write-up will explain if this is the case. If it is, then decide whether you want to keep the legitimate software. If you do, then exclude the risk from future detection. If you do not, then uninstall the legitimate software by using the Windows Control Panel Add/Remove. Other types of files If the following statements are true, then it is likely that the quarantined file or files are not needed: The quarantined file is identified as unrepairable. You do not recognize the file. Windows starts normally and all programs can be run with the file in Quarantine. If you still are not sure if the file is needed Submit the quarantined file to Symantec Security Response. To submit the file to Symantec Security Response for analysis, read Submitting a file to Symantec Security Response using Scan and Deliver. Symantec Security Response will email you a response with their analysis. If their response shows that it is an unrepairable Trojan or worm and to delete and replace it if necessary, then this means that the file is safe to delete. This message does not necessarily mean that you need to restore the file. The only time you need to replace a quarantined file is when the file is part of a legitimate software program or a Windows system file and is infected by a virus that cannot be repaired by Norton AntiVirus. In that case, you should restore a clean copy of the file from a backup or from the original software installation CD.

STEP 4		Response options
		Delete the quarantined file if it is not needed  If you are sure that the file is not needed and you want to delete it, read Removing files from Norton AntiVirus Quarantine. Files that are deleted from the Quarantine folder are permanently removed from the hard disk. Note Windows system files that are infected and cannot be repaired must be deleted. When that happens, the system files usually will need to be replaced. For additional information, read the Windows documentation, Help files, or contact Microsoft. Restore the quarantined file if it is needed If you decide that the quarantined file is safe to be restored, and you want to restore it, then do the following depending on how the file is classified:  If the file is classified as a Security Risk, read Restoring security risks in Norton AntiVirus 2006 for instructions. If the file is classified as a Security Threat, read Restoring a file from Quarantine for help in restoring the file. Leave the quarantined file in Quarantine If you decide to leave the file in Quarantine, then it will remain there indefinitely, until you take action. When the file is placed in Quarantine, it is encrypted and is no longer a threat to the computer.

Available Translations: