For our cyber worms that are soaked online every day, the probability of not poisoning is very low. Many people are often poisoned, and reinstalling the system is commonplace. In fact, the surface looks like a virus is terrible, in fact, there is no big deal, in the end, the virus I is just a special program, is a special code, nothing more than through some technical means that users can not simply find and remove. So as long as we know how it works, it is easy to solve. Let's take a look at how to crack the virus a few small tricks. There are many technical methods used by viruses, but in the end they are all meant to hide themselves. As long as you can hide yourself, let yourself be ingrained in the system, and occupy the user's computer for as long as possible, the purpose is reached. So where do the viruses usually hide themselves in the system? There are mainly the following: 1. Process. The virus will definitely produce a process. If the user ends the virus process, then the virus will only be killed. So the virus will take great efforts to protect its own process from being ended. The methods used are usually: hidden process, multi-process protection, dll insertion. 2. Startup items. In order for the virus to start up with the system startup, it is usually done in the startup item, and if necessary, they will also register themselves as system services, starting with other programs. 3. Virus files. As the body of the virus, the protection measures are naturally the most important, otherwise the virus files are gone, and everything is white. They set their own properties to be hidden, while destroying the system's folder options, so that users can't find the location of the virus files. To solve the virus process ending process, we first think of "Task Manager", but usually the virus will disable "Task Manager", this time we can only use some professional security tools to complete this work. , for example, the ice blade. After running the ice blade, the hidden process will be displayed in red font, we can easily find that right click on the virus process to end. To deal with viruses that are protected by multiple processes, the ice blade is also hand-in-hand. Use the Ctrl key to select the virus process at the same time, and the right button ends. After the process of clearing the virus startup item, the virus loses its combat capability and has already been slaughtered. Now we have to deal with the startup of the virus. Click “Start”Menu →“Run”, enter “msconfig”Enter, switch to “Start” tab, and cancel the hook in front of the virus startup item. If there is no virus startup item, then the virus is likely to add itself to the system service. Go to “Control Panel”→ quo;Administrative Tools”→“Service”, find the corresponding virus service, double-click to open it and select its startup mode “Disabled”. If you don't know which is the normal service and which is the virus service, you can use some tools to deal with it, such as Jinshan Guardian, Super Patrol and so on. Delete the virus file Now it is the turn of the virus file. But now we can't find the virus file, because it has been hidden, we want to display the hidden file is also unlikely, because the "folder option" is also passive, which means that our system can not be displayed now Those hidden files are gone. So what should I do? It is very simple. Open the registry editor, navigate to HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer, see if there is NoFolderOptions in the right window, if you change the value to 0, if not, create a new DWORD key, the value is 0. Once set, click on <;Tools> Menu →“Folder Options" in the <;Explorer>, switch to “View” tab, check the “show all files and files Folder & rdquo;, and at the same time remove the "hidden protected operating system files" & rdquo; front hook, click "ld"; OK & rdquo;. This virus file will be displayed, usually located in the Windows directory and Windows /system32 directory, find it to delete. This article comes from [System Home] www.xp85.com