Hackers use RunPE processes and hijack legitimate processes to evade detection by anti-virus software. By using RunPE Detector software, we can detect malicious processes hiding in the system memory, and after finding them, we can shut them down to prevent them from further infecting the system.
First, run the RunPE Detector software. Once the software is running, the English welcome screen will give a brief introduction of the software. Click on the “Scan Now” button, and the current Windows system memory will be scanned and checked (Figure 1).
During the scanning process, the scanned suspicious processes are displayed in the form of a list. The content of the inspection report mainly includes items such as Process Name, Process ID, Process Priority Level, and Image Path (Figure 2).
After the check is finished, a pill-like icon will light up at the top right of the RunPE Detector process list. Clicking on this icon will immediately clear the checked processes from memory (Figure 3).
If there is a security process in the process list that the user can confirm himself and does not intend to clean, you can remove the check mark in front of the process and then perform the cleanup. After the cleanup is finished, it will give an indication of successful cleanup (Figure 4).
The above software can only end the suspicious processes running in the memory, and cannot remove the programs associated with them. If you want to deal with the related suspicious programs, you can uninstall or remove them by following the paths indicated in the software process list. In addition, for Windows 10 users, you can use the “Virus and Threat Protection” window in the “Windows Security Center” and click on the “Manage Settings The link “Management Settings” ensures that switches such as “Real-time protection”, “Cloud-provided protection” and “Auto-submit samples” are turned on to facilitate the automatic removal of viruses and evil software when they are found (Figure 5). The software is automatically removed in time after it is found (Figure 5). If you are using Windows 7 or Windows 8, please install reliable third-party antivirus software to deal with it.