First, do not reboot
Generally speaking, when you find that there are abnormal processes, unknown programs run, or the computer runs significantly slower, or even IE often ask whether to run some ActiveX controls, debugging scripts and so on. Then it means that you may have been poisoned at this time.
And a lot of people feel poisoned, think the first thing to do is to restart the computer. In fact, this approach is extremely wrong. When a computer is poisoned, if it is restarted, it is highly likely to cause greater damage.
Second, the Urgent disconnect network
Because of the outbreak of the virus, not only slow the computer, but also damage the data on the hard disk, but also may send out your personal information, viruses and so on, so that the harm further expand. To this, found that after poisoning, the first thing to do is to disconnect the network.
More ways to disconnect the network, the easiest way is to run to the computer behind the cable, which is the most straightforward way. However, in the actual application, we do not need such trouble, after all, running to the back of the computer is still relatively irksome. If you have a firewall installed, you can disconnect the network directly from the firewall, if you do not have a firewall, you can right-click on the "Network Neighborhood" icon, select "Properties" from the pop-up menu, and right-click "Local Area Connection" in the open window to set it to disabled. If you are a dial-up user, just disconnect the dial-up connection or turn off the Moden device.
Iii. Backup of important documents
Poisoning should not be immediately after the antivirus, the author personally think that if the computer does not have important documents, then how to operate all does not matter, at most I put the hard disk completely formatted reinstall. However, if you have important data, messages, and documents stored in your computer, you should back it up to another device immediately after you disconnect it, such as a removable hard disk, a CD-ROM, and so on. Although the files that you want to back up may contain viruses, this is much better than antivirus software removing them when it comes to virus checking.
Moreover, after the virus attack, it is very possible to enter the system, so the timely backup of important documents after poisoning is one of the most important ways to mitigate losses.
Four, total anti-virus
In the absence of worries, we can carry out the killing of the virus. The killing should include two parts, one is in the Windows system for a full antivirus, the second is in DOS under the antivirus. At present, the mainstream anti-virus software is generally able to directly create a DOS antivirus disk.
In the antivirus, we recommend that the user first to the anti-virus software to make the necessary settings. such as scanning files in a compressed package, scanning e-mail, and so on, and handling files that contain viruses, such as "purge viruses" or "quarantine", rather than "delete files", in order to prevent important files from being deleted because of misuse.
V. Change important data settings
Because viruses, trojans are often to steal the user's personal data for the purpose, so after a comprehensive anti-virus operation, must be some important personal data, such as QQ, email account password reset. Especially after the discovery is Trojan horse program, especially need to carry out this work.
Vi. Checking your Network Neighborhood
If it is a LAN user, after processing the virus of their own computer, but also to check whether other computers on the network are also infected with the virus. Because many viruses will attack other computers on the network. A virus in one's own computer is most likely to infect other computers on the network. If it is not cleaned up in time, it is highly likely that it will be transmitted in reverse.
The method of checking is to perform a comprehensive virus removal on each computer, can also install Jinshan network dart Such virus firewall, if there are other computers on the network virus, then the virus firewall will stop the attack, we only need to open its interception log, you can know which IP address issued by the virus database, According to the IP address to find the computer, and according to the above method to deal with it.