In our work, we often find advertisements popping up in the lower right corner. What is this? We found that the downloaded 360, what 360 has such a magical old advertisement that people can't stop, and there is no option to close it. What we found was focus information, um, focus information? Close in various tweets. Why is it still there? In this day and age, you can hardly stop these softwares from stealing everything, because you don't have that much time, but I want to clean it up completely.
Through screening, it is found that when advertisements pop up, one is sesvcr.exe, and some may be sesvc.exe.
You felt lucky from the first step. You know something about computers. Well, delete it, so as not to bother me again. Next time you start the browser, it will pop up again later. . Look at the catalogue, hmm. . Automatically rebuilt this file, so awesome?
You find that after deletion, as long as you use 360 security browser or 360 security guard again, a local file of the program will be created. Can we clear it? The answer is no, it will be regenerated after cleaning, even if you crush it with 360.
Second, analysis
We found that it was deleted and reinstalled, so we simply didn't delete it. Can we ban it from being visited?
Third, the operation
1, disable sesvcr.exe.
Use the search tool software or the system's own search to search the location of sesvcr.exe/sesvc.exe. and enter its directory.
For example:
C: \ users \ XXX \ appdata \ roaming \ 360safe \ softmgr (XXX here stands for your computer user name, Zhang San, Li Si and so on. . Usually in the SoftMgr folder.
The simplest method is as follows:
On the sesvcr file-right-click-Properties-Security tab
Some directories may be: C: \ XXX \ Safe360IE \ 360SE6 \ Application \ Components \
The program is C: \ XXX \ Safe360IE \ 360SE6 \ Application \ Components \ SESVC \ Sevcr.exe.
The next step is as shown in the figure: change the folder C: \ Users \ XXX \ Appdata \ Roaming \ 360Safe \ Softmgr and sesvcr.exe in it to the name of their own account. We know that during the operation of this folder and the programs in it, some computer states may be written into the top administrator's authority, which cannot be directly deleted and created, prompting to refuse. The following are the states in which permissions need to be revoked to your login account. Using 360 itself can only be forcibly deleted, and it is very troublesome to rebuild the program after a while.
See the figure for details. Right-click the property, as does the SoftMgr folder.
When choosing your own account, you will be prompted to check any subfolder, inherit the parent authority, etc., and then confirm the application. It may not take effect then. After the restart, the permissions of this file will return to your account, and then the core. After changing the permissions, this folder and service program will be owned by your account. Then modify the permissions without creating or deleting anything. Remember to restart the computer, otherwise it may not take effect.
Next, create an empty txt document in the SoftMgr folder, change the file name to sesvcr.exe, and make it impossible for anyone to change the permissions. All information will be written as rejected and the property will be read-only. Maybe it will solve the problem.
At the same time, if you want to guarantee the super administrator rights of Windows, you can set all users' rights to the directory to deny. Reject everything, even the right to read data.
1, get the super administrator rights of Windows.
2. All users are forbidden to visit sesvcr.exe.
Note: "Group or User Name" needs to be clicked in turn. Otherwise, there may be fish escaping from the net.
You're finished. Restart the computer again.
This is written by other netizens. If the advertisement doesn't bother you anymore, you don't have to do it again. If not, use super administrator privileges.
2. Get the super administrator rights of Windows.
1, get the super administrator rights of Windows.
2. All users are forbidden to visit sesvcr.exe.
(1) Create a new text file "Get Administrator Permission". Txt "and write it.
Windows registry editor version 5.00
[HKEY _ Class _ Root \ * \ Shell \ Operation Mode]
@ = "Administrator takes ownership"
"Non-working directory" = ""
[HKEY _ Class _ Root \ *\ Shell \ Run Mode \ Command]
@ = " cmd . exe/c takeown/f \ " % 1 \ " & amp; & ampicacls \ " % 1 \ "/grant administrator s:F "
" isolated command " = " cmd . exe/c takeown/f \ " % 1 \ " & amp; & ampicacls \ " % 1 \ "/grant administrator s:F "
[HKEY _ Class _ Root \exefile\shell\runas2]
@ = "Administrator takes ownership"
"Non-working directory" = ""
[HKEY _ class _ ROOT \ exefile \ shell \ runas 2 \ command]
@ = " cmd . exe/c takeown/f \ " % 1 \ " & amp; & ampicacls \ " % 1 \ "/grant administrator s:F "
" isolated command " = " cmd . exe/c takeown/f \ " % 1 \ " & amp; & ampicacls \ " % 1 \ "/grant administrator s:F "
[HKEY _ Class _ Root \ Directory \ Shell \ Operation Mode]
@ = "Administrator takes ownership"
"Non-working directory" = ""
[HKEY _ Class _ Root \ Directory \ Shell \ Operation Mode \ Command]
@ = " cmd . exe/c takeown/f \ " % 1 \ "/r/d y & amp; & ampicacls \ " % 1 \ "/grant administrator s:F/t "
" isolated command " = " cmd . exe/c takeown/f \ " % 1 \ "/r/d y & amp; & ampicacls \ " % 1 \ "/grant administrator s:F/t "
(2) modify the suffix ". Txt "to". Register "
Get super administrator permissions, Baidu Baidu, a lot, check scripts.
Double-click the import registry to get super administrator rights for Windows, and then perform the previous operations.
Since then, 360 has no ability to start this program (sesvc.exe).