SPOILER ALERT!
Tips on how to eliminate running EXE and DLL viruses
The best way to eliminate a operating EXE, DLL virus 2008-02-0700: 00 Author: Anonymous Source: NEW YORK software program Channel Editor: Zhao Biao clearing the virus, there was not encountered such and such a plan is operating, you are able to not eliminate strategies What? In fact, it is actually extremely very simple to clear these running applications. This short article will give you a detailed answer.
1st, the killing of the EXE virus that begins the process
1. A single method EXE virus or Trojan horse plan that could be located within the approach, like: svch0st.exe, some antivirus application can locate and cease the process, kill the virus; some antivirus application will alert the user or type a log, have to have the user Just after further judgment, stop the corresponding course of action manually to kill the virus.
2. The dual-process EXE virus or Trojan horse program that can be discovered within the method cannot be stopped at the same time due to the manual system. When we manually drop one of many processes, the other procedure will restart the process. In view of this situation, antivirus software is powerless. If each are non-system processes, we can quit the approach and kill the virus through the process manager/process/end process tree; you can also make use of the file/settings inside the tool IceSword/ It really is forbidden to create threads to stop among the list of processes, and after that cease one more process to kill the virus.
3. For dv images infected by Panda Burning Incense, the above two manual processes are invalid, simply because it is impossible to manually eliminate the virus from the virus-infected files. At this time, you'll be able to only offer virus samples to antivirus software program producers, and wait for the antivirus application to be upgraded. Process it, or reinstall the operating method.
Second, for the use of method insertion technology, hidden method DLL virus killing
At present, some advanced viruses or Trojan horses use process insertion technology to hide the course of action and insert their DLL dynamic hyperlink library files into current method processes. Generally inserted into explorer.exe and winlogon.exe, the existing antivirus software is aimed at this This type of dynamic link library virus detection and killing is just not perfect, and occasionally antivirus computer software may perhaps even misjudge, which include Symantec accidentally killing two important dynamic hyperlink library file events.
For inserting the DLL file in explorer.exe, most of them can use the module/uninstall within the tool IceSword to uninstall the DLL file, and then manually delete the DLL virus file.
For inserting dv format in winlogon.exe, a couple of can use the module/uninstall in the tool IceSword, uninstall the DLL file, after which manually delete the DLL virus file; most of them cannot be uninstalled.
For the above two cases that cannot be removed, you will need to manually delete the DLL virus file in safe mode.
In addition, you'll find currently some viruses or Trojan horses that at times infect the U disk, along with the Autorun.inf and corresponding EXE files are generated on the U disk.
1st, the killing of the EXE virus that begins the process
1. A single method EXE virus or Trojan horse plan that could be located within the approach, like: svch0st.exe, some antivirus application can locate and cease the process, kill the virus; some antivirus application will alert the user or type a log, have to have the user Just after further judgment, stop the corresponding course of action manually to kill the virus.
2. The dual-process EXE virus or Trojan horse program that can be discovered within the method cannot be stopped at the same time due to the manual system. When we manually drop one of many processes, the other procedure will restart the process. In view of this situation, antivirus software is powerless. If each are non-system processes, we can quit the approach and kill the virus through the process manager/process/end process tree; you can also make use of the file/settings inside the tool IceSword/ It really is forbidden to create threads to stop among the list of processes, and after that cease one more process to kill the virus.
3. For dv images infected by Panda Burning Incense, the above two manual processes are invalid, simply because it is impossible to manually eliminate the virus from the virus-infected files. At this time, you'll be able to only offer virus samples to antivirus software program producers, and wait for the antivirus application to be upgraded. Process it, or reinstall the operating method.
Second, for the use of method insertion technology, hidden method DLL virus killing
At present, some advanced viruses or Trojan horses use process insertion technology to hide the course of action and insert their DLL dynamic hyperlink library files into current method processes. Generally inserted into explorer.exe and winlogon.exe, the existing antivirus software is aimed at this This type of dynamic link library virus detection and killing is just not perfect, and occasionally antivirus computer software may perhaps even misjudge, which include Symantec accidentally killing two important dynamic hyperlink library file events.
For inserting the DLL file in explorer.exe, most of them can use the module/uninstall within the tool IceSword to uninstall the DLL file, and then manually delete the DLL virus file.
For inserting dv format in winlogon.exe, a couple of can use the module/uninstall in the tool IceSword, uninstall the DLL file, after which manually delete the DLL virus file; most of them cannot be uninstalled.
For the above two cases that cannot be removed, you will need to manually delete the DLL virus file in safe mode.
In addition, you'll find currently some viruses or Trojan horses that at times infect the U disk, along with the Autorun.inf and corresponding EXE files are generated on the U disk.
