First, what is the process of Alg.exe
Alg.exe is the Microsoft Windows operating system with its own program. It is used to handle Microsoft Windows network Connection Sharing and network connection firewalls. This program is very important for the normal operation of your system.
But the Alg.exe process is a very important system process on Microsoft Windows, and is used for application-tier gateway services, which will start automatically as the system is turned on.
Second, the Alg.exe process can be closed?
To tell you the answer is "not closed." We know that this process is coming out. Windows System network Connection Sharing and network Connection Firewall, so although it is a system process but only the system auxiliary tool, shutdown it does not affect the system. However, the small part recommends that the process not be closed in general. The process is typically saved under the C:windowssystem32 system directory. If you find that the program appears elsewhere, it may be the virus disguised as the program running in the background, then the anti-virus software will be killed.
Third, Alg.exe is poisoned how to solve?
If you find that the Alg.exe file is under the C:windows root directory, then it means that your computer is on the Alg.exe virus. Do not say after poisoning will cause the effect of the explanation, now do the virus to clear off immediately. We said above can use anti-virus software to kill the virus. Maybe some anti-virus software can not kill the virus, it needs to be killed by killing anti-virus software manually. Here, use the registration form to the killing bar. The specific steps are as follows:
1, click Start-Run the menu, and then enter the "regedit" command on the Run input box and press ENTER to open the Registry Editor.
2, expand: hklmsystemcurrentcontrolsetservices
3. Delete: Application Layer Gateway Services (pointing to C:windowsalg.exe)
4, expand: HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows Ntcurrentversionwinlogon
5, change the key value of sfcdisable to dword:00000000
6, expand: HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows Ntcurrentversionwinlogon
7, Delete: "SfcScan" =dword:00000000
8, expand: Hkey_local_machinesoftwaremicrosoftwindowscurrentversionshell Extensions
9, Delete: "V7b5x2s1i4h3" = "12/15/2006, 01:26 PM"
10, restart the system. Displays hidden files.
11, delete C:windowsalg.exe.
12, in the C:windowssystem32microsoft directory to find Backup.ftp, renamed to Ftp.exe; find Backup.tftp, renamed Tftp.exe. Then, drag Ftp.exe and Tftp.exe to the System32 folder, overwriting Ftp.exe and tftp.exe that were overwritten by the virus.