手工的拿走Backdoor.Graybird特洛伊的Spyware

手工的拿走Backdoor.Graybird特洛伊的Spyware

其它的名為Backdoor.Graybird特洛伊人:
這個特洛伊人也是以是特洛伊人-

Dropper.Win32.Agent.aang.Damage水準而聞名:高度//介質
散發水準:未知

禁止為Backdoor.Graybird特洛伊的Spyware汽車搬遷工具
給手工搬遷指令除蟲
推薦解除安全方式:
怎樣進入開始安全方式:
重新開始你的電腦,反覆敦促F8,當你的銀幕打開的時候,選擇安全方式,敦促進入.

感染檔案能在這些檔案夾和名字中被明白也進來一會兒任務
在搬遷以前結束下列的活躍過程

%AppData%\keyfolder\filewin.exe
%CommonFavorites%\netservice.exe
%CommonFavorites%\plug\001.dll
%DownloadedProgramFiles%賀y.exe
%InternetCache%\qq.exe
%ProgramFiles%\advanced看不見keylogger\win16sys.dll
%ProgramFiles%\bbs.hksxs.com.exe
%ProgramFiles%\commonfiles\360safe\qq.com
%ProgramFiles%\commonfiles\directdb.com
%ProgramFiles%\commonfiles\iugaq.exe
%ProgramFiles%\commonfiles\netdde.dll
%ProgramFiles%\commonfiles\netdde.exe
%ProgramFiles%\commonfiles\netddekey.dll
%ProgramFiles%\commonfiles\syskey.dll
%ProgramFiles%\commonfiles\system\msadc\nettps.dll
%ProgramFiles%\commonfiles\system\msadc\nettps.exe
%ProgramFiles%\commonfiles\system\msasp32.exe
%ProgramFiles%\commonfiles\system\nvcpl.exe
%ProgramFiles%\commonfiles\system\services.exe
%ProgramFiles%\commonfiles\system\svchostsers.com
%ProgramFiles%\hacke.cn.exe
%ProgramFiles%\hgzserver\adminis.exe
%ProgramFiles%\hgzserver\g_server2006.dll
%ProgramFiles%\hgzserver\g_server2006key.dll
%ProgramFiles%\hgzserver\hacker.com.cn.exe
%ProgramFiles%\hgzserver\shuibai8.exe
%ProgramFiles%\hgzuerver\hacker.com.cn.exe
%ProgramFiles%\intel\intel.exe
%ProgramFiles%\intel\intell.dll
%ProgramFiles%\internetexplorer\connection wizard\auiyg.exe
%ProgramFiles%\internetexplorer\connection wizard\svchosi.exe
%ProgramFiles%\internetexplorer\inexplore.com
%ProgramFiles%\internetexplorer\svchosi.exe
%ProgramFiles%\internetexplorer\svchost.dll
%ProgramFiles%\internetexplorer\svchostkey.dll
%ProgramFiles%\internetexplorer賀e.dll
%ProgramFiles%\java\javs.exe
%ProgramFiles%\meteors\svchost.dll
%ProgramFiles%\meteors\svchost.exe
%ProgramFiles%\meteors\svchostkey.dll
%ProgramFiles%\outlookexpress\ghost.exe
%ProgramFiles%\personal個人電腦spy\win16sys.dll
%ProgramFiles%\qq.exe
%ProgramFiles%\rtlcpli.exe
%ProgramFiles%\server.exe
%ProgramFiles%\windows媒體player\wowuc.exe
%ProgramFiles%\windowsnt\accessories\vbs.exe
%ProgramFiles%\windowsupdate\svchost.exe
%ProgramFiles%\xunjie.cn.exe
%System%\_msinfo.exe
%System%\_publishing.exe
%System%\_usb.exe
%System%\0.exe
%System%\0309c26e.exe
%System%\36dbc900.dll
%System%\3800hk.dll
%System%\487c0a80.exe
%System%\4e17c240.exe
%System%\a340d383.exe
%System%\alxres061230.exe
%System%\anti.dll
%System%\appen.exe
%System%\applictie.exe
%System%\aws.exe
%System%\bifrost\server.exe
%System%\bluefire.exe
%System%\brc_server.exe
%System%\btcrackdll.dll
%System%\btcrackdllfpga.dll
%System%\c2c.dll
%System%\ccevtsvc.exe
%System%\clipbook.exe
%System%\closeapp.exe
%System%\cnxcis.dll
%System%\comsvcs.exe
%System%\cs.exe
%System%\cybertv.exe
%System%\d249ad80.exe
%System%\d249ad80t.exe
%System%\dbmssocns.dll
%System%\ddos.exe
%System%\dhcpserver.dll
%System%\dllcache\msyow.exe
%System%\dllcache\vba.dll
%System%\doskeys.exe
%System%\drivers\etc\l68z386i.dll
%System%\drivers\lpd.sys
%System%\drivers\spoclsv.exe
%System%\drivers\spools.exe
%System%\drivers\svchost.exe
%System%\drivers\system.exe
%System%\dxdiag.com
%System%\enqueue.exe
%System%\expl0rer.exe
%System%\fe.exe
%System%\frundlll.exe
%System%\fservice.exe
%System%\hyyk.dll
%System%\hz_sys_temtray.dll
%System%\iexplqre.exe

如果你在從任務食槽運作過程方面有檔案任何這些,在搬遷以前結束過程.
筆記:如果任務經理是喪失能力的,下載下列的檔案,輕點下載--有助於Registry.reg

手工從登記處移居
輕點出發,跑步,把regedit歸類,尚可發出輕微而急促的聲音.
筆記:如果登記處編輯未能打開,威脅可以已經修改登記處阻礙到登記處編輯的通路.下載和運作這UnHookExec.inf,然後繼續搬遷.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
在正確窗玻璃片中,刪除價值:
"g.exe"="%Windir%\g.exe"
航行向前和刪除下列的亞關鍵:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
\GrayPigeonServer
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root
\LEGACY_GrayPigeonServer

搜查登記處前面列出病毒檔案名字完全移居
編輯菜單--裁決,在搜索上登記關鍵詞和去除所有的裁決的價值.
離開登記處編輯,