Source: Skynet
What should I do if I find some suspicious processes in the Process List of the task manager cannot be killed by using the task manager?
The Windows XP/2000 job manager is a very useful tool that allows you to see which programs (processes) are running in the system. As long as you read the process list in the job manager at ordinary times, familiar with the basic processes of the system, you can detect suspicious processes at any time, which is of great benefit to prevent Trojans and viruses!
1. Which system processes cannot be switched off?
Multiple processes are started when Windows is running. As long as you press Ctrl + Alt + Del to open the task manager, click View/Select column, select PIO (process identifier), and then click the process tab, you can see these processes. Deny and so on, we can completely disable them. This will not affect the normal operation of the system.
2. How to disable a process that the task manager cannot kill
If you cannot close a suspicious process in the task manager, you can use the following method to forcibly close the process. Be sure not to kill the system core process in the process:
1. Use the tool that comes with Windows XP/2000
Since Windows 2000, the Windows system has provided a user-mode debugging tool Ntsd, which can kill most processes because the processes attached to the debugger will exit along with the debugger, therefore, if you use Ntsd in the command line to call up a process, and then exit Ntsd, the process can be terminated, and Ntsd will automatically obtain the Debug permission. Therefore, Ntsd can kill most processes.
Operation Method: Click Start/Program/attachment/command prompt and enter the command ntsd-c q-p PID (put the last PID, change to the PID of the process you want to terminate ). In the progress, you can find the PID of a specific process. For example, to close the cmd.exe process in Figure 1, enter ntsd-c q-p 408.
The above-p parameter indicates that the PID is followed by the process, and-c q indicates that the DEBUG command to exit Ntsd is executed, and the above parameters can be passed through the command line.
2. Use special software to kill Processes
The task manager cannot kill a process. You can use special software to disable it. There are a lot of software that can Kill processes, such as process killer, IceSword, Liu Ye, System View master, Kill process, etc.
(1) process killer 2.5
: Http://www.onlinedown.net/soft/11003.htm
It can browse all processes running in the system, including those not visible with Ctrl + Alt + Del. It can streamline the process and automatically stop all processes other than the basic process of the system, it can be used to clear Trojans and virus processes. You can use it to stop any running process at any time, select the process, and click "Stop process ".