A computer virus is a set of computer instructions or program code that is compiled or inserted into a computer program that corrupts computer functions or corrupts data, affects computer use, and is capable of self-replication. This is called Computer Virus. Destructive, reproducible and infectious.
The virus often pretends to be a system file, so that you can't prevent it. We must know some of the process programs that are commonly used in the process and confuse everyone, so that we can prevent it and know it. The following small examples are also common system files that several viruses like. Anyway, if you find an abnormality in your computer, check if your process has problems.
svchost.exe
Process names that are often impersonated by viruses are: svch0st.exe, schvost.exe, scvhost.exe. With the increasing number of Windows system services, in order to save system resources, Microsoft has made many services into a shared mode, which is started by the svchost.exe process. The system services are implemented in the form of dynamic link libraries (DLLs), which point the executable program to scvhost, and cvhost calls the dynamic link library of the corresponding service to start the service. We can open the “ control panel & rdquo; & rarquo; & ldquo; management tools & rdquo; & rarquo; service, double-click the "ClipBook" service, in its properties panel can find the corresponding executable file path is "C: \\ WINDOWS \\ System32\\clipsrv.exe”. Double-click the “Alerter” service to find that the executable file path is “C:\\WINDOWS\\system32\\svchost.exe -k LocalService”, and the executable path of the “Server” service is “C:\\” WINDOWS\\system32\\svchost.exe -k netsvcs”. It is through this call that you can save a lot of system resources, so there are multiple svchost.exe in the system, which is actually only the system service.
There are two svchost.exe processes in the Windows2000 system, one is the RPCSS (RemoteProcedureCall) service process, and the other is a svchost.exe shared by many services; in Windows XP, there are generally More than 4 svchost.exe service processes. If the number of svchost.exe processes is more than 5, be careful, it is likely that the virus is faked, and the detection method is very simple. Use some process management tools, such as the process optimization function of Windows Optimizer, to view svchost.exe. The executable file path, if it is outside the directory ""C:\\WINDOWS\\system32”, then it can be determined that it is a virus.
explorer.exe
Process names that are often impersonated by viruses are: iexplorer.exe, expiorer.exe, explore.exe. Explorer.exe is the "resource manager" we often use. If the explorer.exe process ends in the "Task Manager", then the taskbar, desktop, and open files will disappear, click <;Task Manager”→“File”→ “New task”, after entering "explorer.exe", the disappeared things are back. The role of the explorer.exe process is to let us manage the resources in the computer.
The explorer.exe process is started by default with the system. The path to the executable file is "C:\\Windows"; otherwise, it is a virus.
iexplore.exe
Process names that are often impersonated by viruses are: iexplorer.exe, iexploer.exeiexplorer.exe process and the name of the explorer.exe process above are very similar, so it is easier to engage Mixed, in fact, iexplorer.exe is the process generated by Microsoft Internet Explorer, which is the IE browser we usually use. It is easier to identify it after knowing the effect. The name of the iexplorer.exe process starts with “ie”, which means IE browser.
The executable program corresponding to the iexplore.exe process is located in the C:\\Program Files\\Internet Explorer directory, and exists in other directories as a virus unless you have transferred the folder. In addition, sometimes we will find that the iexplore.exe process still exists in the system without opening IE browser. There are two cases: 1. The virus fakes the iexplore.exe process name. 2. The virus sneaked through the iexplore.exe in the background to do bad things. So if this happens, use the anti-virus software to check it out.
Although Microsoft has stopped updating services for the WinXP system, some users have not given up
Know the common process Just press “Ctrl+Alt+Del” to open the task manager, click &ldquo
Nowadays, the disk capacity is getting bigger and bigger, but why do people still complain about the
In Windows Vista, the Remote Desktop feature is turned off in the default installation, so if you ne
Windows 2008 configuration cluster continuous replication (1)
XP does not work properly shut down
Practical tips for Windows comes with Notepad (1)
WinXP system open the website prompt "There is a runtime error" how to solve?
How Windows XP Prevents Hacking (2)
A good way to make Windows look for files is easier
The operating system WinXP system downloads the installation parameters
You may not have noticed the Windows XP Tips application
IE7.0 browser Internet skills summary (1)
Windows XP operating system 30 strokes network skills
How to install F11 one-click restore function for desktop computer? (a)
Win10 how to enable setting administrator account
How does Win10 System Resource Manager always automatically refresh?
Qiaozhi local connection limited ills
Explain the steps of Win8.1 boot black screen
Win7 system web page error "Can not resolve the server's DNS address" What should I do?
How to use win10 remote desktop?
Windows7 system optimization slimming method
360 accidental kill how to do? 360 antivirus how to set the file as trust?
Can only enter safe mode, press F8 to select normal boot in the boot menu and enter safe mode