【 Weak current College 】 guide you how to delete hidden in the Windows services in disease

1. What is a Windows service

Windows services are also called WindowsService, which is the Windows operating system and Windows network infrastructure, belong to the core part of the system, it supports the entire Windows of various actions. Such as DNS clients, the print program, Windows Update Services, scheduled tasks, Windows time service and other services, they can contact to the machine running properly. If you do not have proper management of these services, it will affect the normal operation of the machine.

A service is a Win32 executable that or is rundll32.exe to run formation in the form of a .dll. With normal use of the program, such as open WORD, there is an interface, but the service does not have a user interface. Nor can run by double-clicking the corresponding .exe program to run. The Windows and how to control a service?

Windows service by the level of the service to manage the services.exe, which is responsible for managing, executing services start, stop, pause, etc., Our most common action is through the Windows Services MMC interface to complete the operation.

2. how to delete a Windows service

Now the rogue software, more and more to your registration as a service. Generally the non-Windows system services to the lists to 023, such as the following:

O23-Service: unknown-BKMARKS [provide transfer protocol data security mechanisms, valid preserving data transmission security, and integrity. ]-C:\WINDOWS\SYSTEM32\RUNDLL.EXE

O23-Service: unknown-ewidoanti-spyware4.0guard [ewidoanti-spyware4.0guard]-D:\ProgramFiles\ewidoanti-spyware4.0\guard.exe

O23-Service: unknown-KSD2Service [KSD2Service]-C:\WINDOWS\system32\SVCH0ST.exe

For these rogue software, have to delete the .exe file so that it can no longer run, or directly to clean up the service itself, so that the computer is reset, it won't start.

Delete means there are two:

Method 1: use the sc.exe command in the Windows

Start-run-cmd.exe, and then enter the sc can see. Use approach is essential:

Scdelete "service name" (if the service name with a space, you need to with quotation)

As for the above: scdeleteKSD2Service

Essentials II: direct registry editing (selection)

Open the registry editor, locate the following key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services General Service to the same name here shows a primary key, delete the relevant key values directly.

III. special circumstances

1, if the service is rundll32.exe, and this file is located in the system32 directory, you cannot delete the rundll32.exe file, which is the Windows system files. At this time, as long as the cleaning services.

2. If a service is removed immediately and automatically set up, there is a process in background notes to monitor and defend. Need to be in session manager kill the appropriate process, or after startup, press F8 to safe mode to remove.