1. Turn off System Restore before antivirus (Win2000 system can be ignored): Right button My Computer, properties, System Restore, turn off System Restore tick on all drives.
Clear IE Temporary files: Open IE point tool-->internet option: Internet temporary files, click the "Delete Files" button, will delete all offline content tick, click OK Delete.
Close applications such as QQ. Do not do any double-click to open the disk until you do the following. All downloaded tools are placed directly on the desktop.
2. Use the force removal tool POWERRMV
Fill in the following file (including the full path), check "suppression kill the object to generate again", point kill "there is no hint can not find, please ignore the error continue"
C:\windows\Temp\winlog0n.exe
C:\windows\Temp\Servere.exe
C:\windows\Temp\iexpl0re.exe
C:\Program Files\rising\rav\qnkwwweg.dll
C:\WINDOWS\system32\msdebug.dll
C:\CONFIG. Exe
C:\WINDOWS\system32\RAVFY. Exe
C:\WINDOWS\system32\RAVWL. Exe
Restart the computer and press F8 to select Enter Safe mode to do the following
--------------------------------------------------------------
The following operations are required in Safe mode.
[Safe mode?] Press F8 to enter Safe Mode when restarting the computer
--------------------------------------------------------------
3. Use tool Sreng to do the following:
Download and how to use it look at the link below "There are illustrations" to understand the operation again!
"The following operations are risky, and you must understand the above methods before you operate." 】
The contents of the "Sreng reminder after opening" function do not match the expected value they may be modified by some malicious software "Please ignore the error, install the normal modification after the soft." 】
==================================
Start Project--> the registry with the following deletion
<fv16ywqt3c9><C:\windows\Temp\winlog0n.exe> [n/A]
<8tclhlxbhdh><C:\windows\Temp\Servere.exe> [n/A]
<8fbvs1><C:\windows\Temp\iexpl0re.exe> [n/A]
<{e25c29ab-12b9-4523-a53c-324b5fba648c}><c:\program files\rising\rav\qnkwwweg.dll> [n/A]
<{754FB7D8-B8FE-4810-B363-A788CD060F1F}><> [n/A]
Start the project--> service-->win32 The following item deletion of the service application
(Run Sreng---> Startup project---> Service--->WIN32 Service Application---> Check "Hide Certified Microsoft Project"---> select the service to be removed---> select Delete Service---> Click settings--- > Choose No (No) in the prompt to confirm the deletion. )
[Win32 Debug Service/msdebugsvc] [Stopped/auto Start]
<c:\windows\system32\\rundll32.exe Msdebug.dll,input><microsoft corporation>
[Tomdemoservice/tomdemoservice] [Stopped/auto Start]
<c:\config. Exe><n/a>
[Winfyservice/winfyservice] [Stopped/auto Start]
<c:\windows\system32\ravfy. Exe><n/a>
[Winwlservice/winwlservice] [Stopped/auto Start]
<c:\windows\system32\ravwl. Exe><n/a>
After restarting your computer, use the tools recommended below to clean up (remove) All selected points that you can detect (Windows Cleanup Assistant or Super Rabbit) reference
http://post.baidu.com/f?kz=149133630
QQ is strongly recommended to reload after unloading.
Pay attention to change QQ network Game account password.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
