After determining the action of the rogue software, prepare to remove it from the system. Although rogue software is not the same as Trojans and viruses, it runs the same way. I am going to find the startup items of the rogue software first, and then clear them step by step.
In order to enhance the user's recognition ability, the new version of SREng adds startup items and service risk judgment rules, and highlights colors when suspicious content is found. Red indicates a high-risk project and blue indicates an unknown security status item. The author first checks the "registry" startup item, SREng will automatically read the contents of all startup items of the Windows system. If the default key value is found to be changed to a non-default value, a warning will pop up to remind the user to pay attention. The result is not any. Suspicious items.
I think with the gradual popularization of NT kernel operating systems such as Windows 2000, XP, and 2003, many softwares have been "advanced with the times" and started using system services. I don't think rogue software will be an exception. Let's go. Select the "Services" tab in the "Startup Project", then click the "Win32 Service Application" button, you can view the current system service in the pop-up window. By effectively managing these processes, the system can be optimized. After selecting the "Hide Microsoft Services" option, the program will automatically block the publisher's Microsoft project and find suspicious things from these non-Microsoft services. No suspicious startup items were found.
I know that in addition to using the system service
, the individual rogue software also uses the driver to start, you can see the word "driver", do not simply contact the hardware device Together, many applications use their own drivers at the bottom of the system. The advantage of this is that it not only enhances the stability of the program, but also protects itself better (Figure 2). After the SREng was completed, the "driver" project was added. After careful inspection, a driver showing red was found, named "Cnmin**.sys". After confirming that it is the driver of the rogue software, after selecting the "delete service" option, click the "Settings" button to delete the driver.
Figure 2 Driver Check
A Meng Tip: Before using the various repair software to delete system related files, be sure to back up the registry files to avoid system problems caused by accidental deletion.
Recently, Tweak-XP Pro, a tailor-made optimization tool for Windows XP, has a new version, adding vi
Windows XP has a hardware configuration file that saves the installation information of all hardware
One of the ultimate weapon: Windows Security Explorer since August 6, 2004, Microsoft laun
In this way, you can have your own integrated WinXP SP2 (VLK) CD installation disk in about
Backup and recovery of the dual-system Windows
Windows XP operating system wireless network security explained
System Acceleration Wizard Let your system run faster (1)
Windows XP system cannot empty the recycle bin
The magic of the Win XP taskbar
Removing hidden Windows XP components
Using software to integrate Windows XP CD-ROM SP1
Getting Started: Learning Hard Disk Partitioning and Sizing
Crazy simulation Fully simulated Windows XP installation environment
Window xp is a good way to keep your desktop clean and tidy
Familiar with Windows XP Group Policy (1)
Wonderful: system startup speed question and answer highlights
Windows XP computer can not shut down? 6 strokes to easily solve the problem
Win7 notebook closed with a broken network
Windows 7 system taskbar time area display lunar calendar
Master teaches you to easily learn Windows 7 burning function
Win7 boot prompt error code 0xc0000102 What should I do?
Three ways to lock your screen in Windows XP
The system comprehensively analyzes why the Windows 7 partitions are worse and worse.
Vmware Server installation notes for Linux and Windows
Example analysis of error information about broadband connection