Do it without tools! Manually remove rogue software

        The magic height is one foot, the road height is one foot, and the rogue software is changing with each passing day. The cleaning software will gradually reveal its limited side---only the most known rogue software can be known. So today I want to introduce the method of manually removing rogue software from my old rookie.

Recommended auxiliary software: icesWord

It is assumed that rogue software is already available on the computer. According to my experience, rogue software will want to use IE
for binding, so

Step 1: We can locate the location of rogue software through plugin management in IE.

Open "IE"->Tools->internet Options->Programs->Manage Add-ons

and then list a lot of IE plugins, all we have to do is observe the plugins The publisher, if you see an "unverified" in front of the publisher, I recommend not to let it play any role, disable it, and then disable it without microsoft, don't worry about closing some useful plugins, let's say < U>Play the
Flash plugin in the webpage, even if we close it, IE will prompt you later. There is a gear symbol on the status bar, double click to open, then it will prompt you which plugin you need, and you will not be late when you resume.

Step 2: Record the name of the plugin (Dll file) that was basically suspected of rogue software, and then search the system in the search. In general, most rogue software will be installed to x: \\Program Files\\ below, find the folder where the rogue software is installed, try to delete first, there should be no way to delete, the system will pop up a window - "a file is being used", then you just cleared it in IE Not enough, because the rogue software has loaded itself into the rundll32.exe process.

Step 3: We have to use icesword to operate. Open icesWord, then select the process, find rundll32.exe (sometimes there may be a few, if there are more than one, one operation), right click and select "module information", find the dll in the module you just can't delete File, now force the end of this rundll32.exe process, and then return to Program Files, do not rush to delete. Now open regedit.exe and start searching for the dll plugin (the plugin for the rogue software you just found in the rundll32 module), find a location and right click to delete the registration key, then press F3 to continue searching until you jump out of the window and say the search is complete. That means that you have cleared the rogue software very cleanly, delete the folder you just found, restart the computer, how, the world is clean!

There are a few points to note about the operation of the registry:

1. Don't delete the key value. If you accidentally delete an important data, the computer may have problems.

2, regedit.exe search time, first point to the top of my computer (note: is the "my computer" in the registry editor), so the registry search can search the most thorough.

Note: Rogue software sometimes bundles IE with two or more dll files at the same time, so you should do the following steps several times, one by one to unbind the dll file to IE.

Postscript: The rogue software is really terrible (the protection measures of the glacial Trojans are advanced, and many firewalls are not alarmed), but everyone can understand the rogue software through this article, I believe everyone will later Seeing rogue software will not be so flustered. In fact, everyone does not have to worry about rogue software can not be clear, can only reinstall the system, in fact, because rogue software is only a kind of malware, has not yet reached the realm of Trojans, so it is impossible to think of some Trojans to use the driver to add Implement rootkit (completely hide files and processes and network
transmitted packets). In short, for rogue software, we can completely try to delete it manually, do not care about its advanced protection features, software is always its loopholes, we will have unexpected gains as long as we use it!