Experts quickly diagnose computer viruses have a trick

In the network era of "talking about toxicity", the most worrying thing for system users is that the system is attacked by viruses. Many times we will think that it is safe to install anti-virus software on the system. In fact, many computer viruses cannot be defended by anti-virus software. Then, we need to learn how to diagnose whether the computer is infected with the virus in daily life. For the sake of our computer security, let's take a look at this tutorial with the experts!

1. Press Ctrl+Shift+Delete (click this button at the same time) to bring up the Windows Task Manager to view the system running. Process, find unfamiliar processes and write down their names (this requires experience), if these processes are viruses, in order to facilitate subsequent cleanup. Don't end these processes for the time being, because some viruses or illegal processes may not end here. Click Performance to view the current state of the CPU and memory. If the CPU utilization is close to 100% or the memory usage is high, the probability of computer poisoning is 95%.

2. View the service items currently started by Windows, and open the “Services” in the “Management Tools” of the “Control Panel”. Look at the status of the right column is "Start" & rdquo; start the category is "Automatic" items; in general, the normal windows service, basically has a description of the content (except for a few hackers or worms forged) At this point, double-click to open the service item that is considered to have a problem and view the path and name of the executable file in its properties. If the name and path are C:/winnt/system32/explored.exe, the computer will recruit. There is a situation where "Control Panel" can't open or all the icons inside run to the left, there is a vertical scroll bar in the middle, and the right side is blank, then double-click Add/Remove Programs or Administrative Tools, the form is empty. This is the feature of the virus file winhlpp32.exe attack.

3, run the registry editor, the command is regedit or regedt32, see those programs are started with windows. Mainly look at Hkey_Local_Machine/Software/MicroSoft/Windows/CurrentVersion/Run and the following several RunOnce, etc., check the value of the item on the right side of the form to see if there is an illegal startup item. WindowsXp running msconfig also plays the same role. With the accumulation of experience, you can easily determine the startup of the virus.

4, use the browser to judge online. Visit some common well-known websites to open.

5, unhide the properties, view the system folder winnt (windows) /system32, if the folder is empty after opening, indicating that the computer has been poisoned; open system32, you can sort the icons by type, see if there is The executable file for the popular virus exists. By the way, check the folders Tasks, wins, drivers. At present, some virus execution files are hidden here; the files under the drivers/etc are the objects that the virus likes to tamper with. It was only about 700 bytes, and it was changed after being tampered with. More than 1Kb, this is the reason why the general website can be accessed and the security vendor website cannot be accessed, and the famous anti-virus software cannot be upgraded.

6, by anti-virus software to determine whether it is poisoned, if poisoning, use anti-virus software to kill the virus can generally be detected, sometimes anti-virus software will be automatically terminated by the virus program, and manual upgrade failed.

If you want to put our computer in a safe operating environment and avoid virus attacks, we need to use a certain virus to diagnose common sense, in order to better protect against hacker attacks and protect our system security. I hope this tutorial is helpful for you to detect computer viruses.