Balatechone: Creating new article
Malicious software, like viruses, can infect your computer through a number of channels, but compromised websites are probably the most common. The bad site might have been designed to infect computers or it may have been hijacked for nefarious purposes. Minimize damage to your computer and others by immediately disconnecting your system from the Internet as soon as you suspect you may have a virus. Unplug your network cable and turn off your computer's Wi-Fi.[[Category:Spyware and Virus Protection]]
== Steps ==
# Look for Culprits: Using the Windows Task Manager you can often find likely viruses or malware. You can open the Task Manager by pressing "Ctrl+Shift+Esc." On the Processes tab are all the different processes running on your computer, including the amount of CPU and memory resources they are consuming. Typically a virus will consume large quantities of CPU and memory so you can sort the lists -- by clicking on the heading -- to see which processes are the most resource-hungry. You can select a process and close it with the End Process button. However, if you aren't sure what the process is doing it's best to leave it alone until you can single out what it does. You can find out more about any process by right-clicking on it and selecting Properties or Open File Location. Finding the processes that seem to be using up resources and where they live on your computer can help you to identify the infection and figure out how to remove it.
# Perform a Scan: While it's likely that a virus that has infected your computer has also circumvented your local security, it's still a good idea to start with a scan of your files. If your anti-virus software won't launch that's another good sign that you are, in fact, infected. You can boot Windows into Safe Mode and retry the scan. Safe Mode disables any extraneous software and may allow your local virus scanner to operate and remove the bug. If your anti-malware software is compromised and won't even launch in Safe Mode, you can still use your computer to affect some solutions. Boot up into Safe Mode with Networking, reconnect your computer to the Internet and launch an online virus scanner. Some options include Panda Security, ESET and Bitdefender (see links in Resources). The benefit of an online scan is that it ensures the scanning software isn't compromised by the virus.
# System Restore: Windows has an automatic backup tool that creates restoration points whenever software is changed in the system. You can often use System Restore to dial the computer back to a time before the software infection took place. When you launch the System Restore program in Windows you can choose how far back you want to go. Typically it's best to go back one restore point at a time until you've solved the problem. If you know when the infection happened, restore your computer to the restoration point just before that. If you can't launch System Restore from within Windows, you can get to it in Safe Mode or, if all else fails, use a Windows installation disk to access the feature. If you can only access the command prompt in Windows you can start System Restore with the command: rstrui.exe.
# External Help: If you just can't get the virus off using your computer by itself, you can get additional resources to help remove the insidious bug. You can download the HouseCall software to a USB flash drive and run it on the infected computer. If that won't work either, you can create bootable CDs that use Linux as a base operating system for running a virus scanning tool. The Kaspersky Rescue Disk and the F-Secure Rescue CD provide Linux-based virus scanning and removal. You'll need to download the ISO files on another system, burn them to a CD and then boot your infected computer from the CD-ROM drive to use these utilities.
# Delete the Virus: Some particularly pernicious viruses resist nearly all attempts to remove them via anti-virus software. If you happen to have one of these it will continue to show up on scans, even after it looks like it has been deleted. Security companies will keep lists of the viruses, what they do and how to remove them, so once you have the name of the culprit that's infecting your system, you can do some serious violence to it. You'll need to disable any processes the virus has running on your computer using the Task Manager, then delete any files associated with the virus -- some of which you can find through the properties feature in the Task Manager -- and finally remove the system registry entries that refer to the virus. Deleting system files and messing with the registry could do more harm to your computer than the virus if you delete the wrong things, so do your homework and make sure you're killing the right things. For example the MiTech Mate blog offers detailed instructions on manually deleting a whole host of viruses.