Helping people with computers... one answer at a time.
If you realize that an unexpected download has begun and think it might be malicious, it's good to try and stop the download right away.
What is the quickest method to turn off your computer or kill a download? Just curious, in case I need to stop a possible virus web download without damaging the computer processes. I use Vista on laptops. The other day when I was surfing, I went to a "legitimate" web site and saw an instant notification of a virus: bars growing in a strange display - that kind of thing. It did not look like any display that my regular firewall and antivirus ever shows. As quick as I could, I clicked all the quit X corners and did a "normal" shutdown. Afterwards, I ran all my scanners in Safe Mode and nothing odd showed up. But, it pointed out that we all need a very rapid way to shut down the CPU to kill the download. If I had been close to my wireless router, I could have pulled the power cord or if I was connected by ethernet cable, I could have removed that transmission line.
•
You're right in that the fastest way is to pull the network cable, if you have access to it. That's what I generally recommend when possible. It's fast and absolute.
One thing that folks often do, but should not, is to pull the power cord, or otherwise force an immediate power-off of their machine.
I'll explain why that's a bad idea and give you a couple of alternatives when disconnecting the networking cable isn't a realistic option.
•
Pulling the (power) plug
Many people's first reaction when they believe that something bad is happening to their machine right now is to pull the power plug right now. On laptops, that might even include holding the power button down for 10 seconds, which is never a good idea.
Don't do it.
The problem with these methods for shutting down your machine is that they don't give Windows a chance to shut down cleanly. That's very important - it's definitely not something that you want to skip.
When power is removed unexpectedly, you're playing a virtual game of Russian roulette. Most of the time, it might result in no noticeable problems at all. Sometimes, you might notice some minor issues after you boot again.
In the worst case, it's quite possible that your computer may not boot again.
The problem is simply that if the computer happens to be writing to disk and the power goes out at exactly the wrong time, the disk could be damaged. It's not frequent, but it is very possible. Often, you can recover but at a minimum it's a hassle when this happens. (And yes, all of this applies to power outages for other reasons as well.)
So don't pull the plug or force a power off as anything other than a last resort.
Pulling the (network) plug
As you indicated, the ideal scenario is simply to disconnect your computer from the network. It's quick, it's painless, and it definitely stops the download.
"Pulling the plug" can, indeed, mean physically unplugging the network cable from your PC. But as you also alluded to, you could unplug your router or access point. You can unplug its power, instantly turning the device off, or like your PC, you can simply disconnect it from the network.
In addition, many laptops have switches of various sorts that will turn off their WiFi adapter effectively disconnecting you from the network.
Regardless of how you do it, simply physically disconnecting from your internet connection is the fastest and safest way to interrupt a download that you suspect may be malware related.
Pulling the (virtual) plug
What if there's no plug within reach? What if the cables are all hidden, the networking equipment is inconveniently located, or you're using a laptop with no WiFi switch?
This is one of the reasons why I keep the network icon visible in my taskbar's notification area.
In Windows XP, it's easy:
Right-click the network connection icon and then click on Disable. That's it - connection interrupted.
In Windows 7, it's a step or two more complex, I'm afraid.
Windows 7 doesn't display the same network icon as Windows XP does, so it's worth knowing about these steps.
Right-click the network icon and click Open Network and Sharing Center.
Click on Change adapter settings.
Right-click the network adapter that represents your internet connection, and click Disable.
Five clicks and your machine is disconnected from the internet, quickly, safely and without damage.
Then, after you've secured your machine and perhaps checked for any malicious fallout, you can return and enable the network connection in the same way.
Article C4846 - June 15, 2011
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
I never click anything on these malware installs. When I see something suspicious start I hit ALT-F4, repeatedly. Clicking anything on the malware items can trigger them to install.
A clever one I saw last week had an uninstall shortcut that pointed at the install exe.
Posted by: Steve at June 28, 2011 10:40 PMOne of the best recomendation I ever read.
Thanks Leo
Posted by: Ismael Mojica at June 30, 2011 4:33 PMIn response to Bernie on June 24, 2011 7:05 AM:
"Leo provided info on disabling the network in XP and in Windows 7. Anyone have a quick shortcut for Vista? Thanks."
Here's a simple procedure for both Vista and Win7:
Posted by: Frank D at July 9, 2011 8:05 AM1. In Control Panel, click on Network and Sharing Center.
2. At the top, click on the Network icon.
3. In the Network window, right-click on your router or modem icon.
4. Click on Create shortcut.
(The shortcut is created on your desktop.)
5. Move the shortcut icon to wherever you want it (e.g., pin it to the taskbar).
When in panic mode, just click on the icon to disable your Internet connection.
On using "Disable" from the Network Connection icon in the XP taskbar: this is not possible if you're using a Restricted account (i.e. without administrator privileges), which I do myself for most activities and recommend to others because it reduces (probably doesn't eliminate) the risk of malware being installed.
Posted by: Oliver W at July 13, 2011 8:27 AMI am using Avast 4.7 Professional and this action is automatic [!]. I'm not going near 5 with a barge pole.
Posted by: john neeting at July 16, 2011 3:21 AMJust google some forums and find out why. Oh it's good but I don't to sell my soul to the company store, thank you very much