When you use your computer, you may encounter a situation where the computer suddenly crashes and sometimes restarts automatically. There are fewer files on the endless end. It is found that the desktop refresh is slow, there is no big program running, and the hard disk is desperate. Reading and writing, the system also inexplicably searches the floppy drive, anti-virus software and firewall alarms, and finds that the system is getting slower and slower. You should be careful at this time.
The first time reaction (to develop a good habit to the bowl can reduce the loss): Use CTRL + ALT + DEL to call up the task table to see what programs are running, such as the discovery of strange programs will add more Note that in general, any program on the task manager will not have a negative impact on the basic operation of the system (note: here is the basic operation, first explain to everyone, about this article I am on the network Regarding the results of this study), so you can close some suspicious programs to see if some abnormal conditions have returned to normal, then you can initially determine that it is a Trojan, and found that multiple programs with the same name are running. And it may increase with time. This is also a suspicious phenomenon. Pay special attention to it. If you find these phenomena after connecting to the Internet or LAN, don't doubt, check it out! , (Note: There may be other viruses at work)
1 Upgrade the anti-virus software to the latest, and perform a comprehensive inspection scan of the system.
2 Click Tools → Folder Options → View Hide hidden protected operating system files (recommended) and hide extensions of known file types. The previous checkmarks are removed for easy viewing.
3 Look at the first few lines in the WIN.INI file in the Windows directory: [WINDOWS] load= ren= Here is the program to start Windows automatically, you can look at the comparison.
4 Look at the lines in the SYSTEM.INI file in the Windows directory: [386Enh] device= Here is the system itself and the additional drivers. The added drivers generally use the full path, such as: device=c:\\windows\\system32\\tianyangdemeng.exe (here is just an analogy)
5 View "Programs" → "Start" in the Start menu. . Here is also the program to start Windows auto-execution, if it is, it is placed in C:\\Windows\\Start Menu\\Programs\\, save it in a safe place and then delete it, you need to restore it when you need it. Just recover.
6 Enter "MSCONFIG" in "Start" → "Run" to see if there is a suspicious startup item. You may ask, isn't that said before? In fact, these two methods are different. If you look at these two methods separately, you will find a difference. As for the deeper point, I don’t know what to say. Oh, don't be joke, I hope the experts come out to answer it!
7 To view the registry, enter "REGEDIT" in "Start" → "Run".
Make a backup of the registry before you can view it. (Be sure to develop a habit. When you modify the wood file, you need to make a backup first.)
Check HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunServices and Run to see if there is any Suspicious program.
Check HKEY_CLASSES_ROOT\\EXEFILE\\SHELL\\OPEN\\COMMAND to see if it exists. The com file associated with the Trojan, the correct value is "%1"%* View HKEY_CLASSES_ROOT\\INFFILE\\SHELL\\OPEN\\COMMAND to see if there is. The Trojan associated with the INF file, the correct value is "SYSTEM ROOT%\\SYSTEM32\\NOTEPAD.EXE%1View HKEY_CLASSES_ROOT\\TXTFILE\\SHELL\\OPEN\\COMMAND to see if there is a Trojan associated with the TXT file, the correct value is %SYSTEM ROOT% \\SYSTEM32\\NOTEPAD.EXE%1Start CMD, enter NETSTAT -AN to see if there are any abnormal ports.
8 Execution files in Windows.exe, .com, .dll...all of them may be hackers Place the virus or the carrier of the hacker virus. When the system is normal, make a backup of the above files, and write it back when needed!
9 In the Windows directory, see if there is a A file named Winstart.bat. This file is also an automatic batch file similar to Autoexec.bat. However, it can only be used in Windows and not under DOS. Look carefully if there are any drivers you don't know. Record it, go to Baidu to check, generally this automatic batch file will not be used. (Only judged by experience)
I bought a sharp laptop (amd1700+) in December 2003. I recently found that the computer always shuts
How to make IE allow to install objects with invalid signatures Phenomenon If an object contains inv
System Restore is a key information recovery tool similar to the Restore Wizard. In fact, as early a
Although the data in the registry is very complicated, in order to improve system performance, we ha
How to effectively prevent cookies from leaking secrets
Solve the annoying IE fake death four tricks
What is the reason that the boot system prompts boot.ini illegal?
Introduce the "naughty" service item in the system to find the root cause of the fault
How to customize the paper type
Press F1 to boot into the complete solution of the system.
Why does my hard drive become a pluggable device after installing this system?
There is a desktop background but can't enter the system to solve
How to crack rar password in WinXP system?
Master: Commonly used shortcut keys for Windows systems
Win7 system LAN sharing setting solution
Is it necessary to spend money on system upgrades? Teach you how to upgrade for free
Get the win7 system prompt error 1079 fault
Win8 can't shut down the monitor of the series. What if the monitor is turned off but still running?
Win7 system system call failure two solutions
How to add broadband connection to Win7 system
Magical digital U disk Easy to build my personal portable workstation
Windows Embedded 8 Preview is open for download
After Win8 reloads, there is only a solution for the recycle bin on the desktop
Only 3 days Win10 became the world's fifth largest desktop operating system
Windows delete files or folders are rejected, you need administrators to provide permissions only
Win10 IoT Core IoT Core 1st Anniversary Update ISO Image Download Address