i-Live

如何從你的電腦移除彩虹橋木馬病毒

如果要完全清除Bifrost，您需要刪除的所有與Bitrost相關的檔案、文件夾、Windows registry keys和 registry values 。

那些檔案與資料夾是需要刪除的

Note: The paths use certain conventions such as [%PROGRAM_FILES%]. These conventions are explained here.

檔案

[%SYSTEM%]plugin1.dat [%SYSTEM%]SysPr.prx [%WINDOWS%]plugin1.dat [%WINDOWS%]SysPr.prx [%PROFILE%]Local Settingsotynb.exe [%PROFILE_TEMP%]vndoe.exe [%SYSTEM%]Movesearch.exe [%SYSTEM%]msconf.exe [%SYSTEM%]serier.exe [%SYSTEM%]vndoe.exe [%SYSTEM%]Wintemp.exe [%WINDOWS%]msnmess79.exe

文件夾

[%PROGRAM_FILES%]Bifrost [%PROGRAM_FILES%]Nvidia Mgr

哪些Windows registry keys 和 values是需要刪除的

HKEY_CURRENT_USERsoftwarewget HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled components{9b71d88c-c598-4935-c5d1-43aa4db90836} HKEY_LOCAL_MACHINEsoftwarewget HKEY_LOCAL_MACHINEsoftwarexvid HKEY_CURRENT_USERsoftwarebifrost HKEY_CURRENT_USERsoftwarenvidia manager HKEY_CURRENT_USERsoftwareskav HKEY_CURRENT_USERsoftwareskavx HKEY_LOCAL_MACHINEsoftwarebifrost HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled components{4535f32f-d292-b784-7926-7419ade0a94b} HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled components{df709a68-7856-4acf-2b73-8e9a4693507c} HKEY_LOCAL_MACHINEsoftwaremscrop HKEY_LOCAL_MACHINEsoftwareskav HKEY_LOCAL_MACHINEsoftwareskavx

 

HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun, startkey=[%SYSTEM%]rundf.exe HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun, startkey=[%SYSTEM%]win32.exe HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun, startkey=[%SYSTEM%]winampXP.exe HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun, startkey=[%SYSTEM%]winlog.exe HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun, startkey=[%SYSTEM%]winsystem.exe HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun, startkey=[%SYSTEM%]winupdate.exe HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun, startkey=[%SYSTEM%]ypager.exe HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun, startkey=[%WINDOWS%]svchost.exe HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun, startkey=[%SYSTEM%]win32.exe HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionrun, imjpmilg9.2= HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionrun, sokey= HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionrun, startkey= HKEY_CURRENT_USERsoftwaremscrop, klg= HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled components{a5cdf7ec-751b-46aa-ad69-4005fe080de8}, stubpath=[%SYSTEM%]winweb.exe s= HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled components{a5cdf7ec-751b-46aa-ad69-4005fe080de9}, stubpath=[%SYSTEM%]winrss.exe s= HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun, sokey= HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun, startkey= HKEY_LOCAL_MACHINEsoftwarenvidia manager, nck=

 

如果你覺得這樣的解毒方式太過複雜，那就付費註冊軟體，就可以輕鬆的解毒了，再不然，最好的方式還是，重灌你的系統，這才是一勞永逸的方式。

 

加入書籤: