"IT expert network Exclusive"Windows System integrates countless tools to meet the needs of users in different applications. In fact, these tools are "versatile", if you have enough imagination and are good at digging, you will find them in addition to the bank can also help us to disinfect . I don't believe you, you see!
One, task Manager to the virus behind a knife
Windows Task Manager is the primary tool for managing processes , and it can view current system process information in its Processes tab. Under the default settings, only the image name, user name,CPU footprint, memory usage, etc., and more information such as I/o read/ write and virtual memory size are hidden. Do not underestimate these hidden information, when the system appears inexplicable fault, may be able to find a breakthrough from among them.
1. The killing will automatically disappear double process Trojan
Some time ago a friend of the computer in a Trojan horse, through Task Manager to find the Trojan process as "system.", terminate it and then refresh, it will revive. Enter Safe mode to remove C:windowssystem32system.exe, restart it will reload, how can not completely clear it. From this phenomenon, the friend should be a double process Trojan. This kind of Trojan has the guardianship process, will carry on the scanning regularly, once discovers the process which the guardianship has been killed will revive it. And now a lot of dual-process Trojan is monitoring each other, resurrection. So the key to killing is to find this "mutual reliance" of the two Trojan files. The Trojan process can be found with the help of the task manager's PID identification.
With Windows Task Manager, first check "pid (process Identifier)" in "view → select columns" so that you can see the PID ID for each process after you return to the Task Manager window. So when we terminate a process, it regenerates the parent process by using the PID ID to find the regenerated one. Start the command Prompt window and execute the taskkill/im system.exe/f command. Refresh the computer and re-enter the command as shown in Figure 1, you can see that this terminated System.exe process PID 1536, which belongs to a PID 676 process. In other words, the system.exe process with PID 1536 is created by the PID 676 process. Returns Task Manager, which is known by the query process PID as the "Internet.exe" process process. (Figure 1)
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
