System tools have magical details command line powerful anti-toxic weapon
As early as a few years ago, there are prescient netizens exclaimed: People drift on the Internet, can not win the bid. By now, computers have become commonplace. In the face of this menacing virus trojan, anti-virus software and firewall nature is a must not be less. But sometimes there are many stubborn molecules that rely on anti-virus software and firewalls to deal with them. And did you know that on the command line of Windows, there are some very useful tools available for us to make the most of our powerful weapons against the virus, and we can fight the virus more effectively. Let's take a look at the powerful anti-toxic weapons on the command line.
First, the tasklist--piercing eyes
Today's viruses are becoming more and more cunning, often missing the head or tail. But many viruses often expose fox in the process, so viewing processes is an important way to remove viruses. Of course, we view the profiling process through the system's task manager or other more powerful process viewer, while the command tool--tasklist (Windows XP or later) is actually available at the command line. This command, like Task Manager, displays a list of active processes. But by using parameters, you can see the information that Task Manager cannot see, but by using parameters, we can achieve more powerful functionality. Using the parameter "/M", Running "tasklist/m" will show all DLL modules loaded for each task, as shown in Figure 1; with the parameter "/svc", Running the "tasklist/svc" command displays a list of active services in each process, as shown in Figure 2, From this we can see that the process svchost.exe the services that can be used to identify the malicious virus process. In addition, we can use the Tasklist command to view the process of a remote system, such as entering "tasklist/s 208.202.12.206/u friend/p 123456" at a command prompt (excluding quotes) You can view the process of a remote system with an IP address of 208.202.12.206. The "208.202.12.206" after the/s parameter refers to the IP address of the remote system to be viewed, and the "friend" after/U refers to the user account that the tasklist command uses, it must be a legal account on the remote system, and the "123456" after/p Refers to the password of the friend account. In this way, the network management remote killing virus is also more convenient.
tasklist command
tasklist command