Your best source of information and news about Vista hardware, secrets and xp on the internet

Vista ARTICLES TOP 50 Spyware Virus Vista SOFT Vista HELP

backdoor removal

You are currently browsing the articles from MS Windows Vista Compatible Software matching the category backdoor removal.

Manual Removal of W32/Bdoor-ZAR Backdoor Worm

Manual Removal of W32/Bdoor-ZAR Backdoor Worm.
W32/Bdoor-ZAR is a network worm with backdoor functionality for the Windows platform.
The backdoor component accepts commands from remote users.
Other names of W32/Bdoor-ZAR Worm:
This Worm is also known as Worm.Win32.AutoRun.skg, WORM_AUTORUN.CCJ.
Damage Level : High/Medium
Distribution Level: Unknown
No Auto Removal Tool for W32/Bdoor-ZAR Backdoor Worm
Try ProtectorPlus W32/Autorun Worm Removal 1.0
Mirror Link 1
Mirror Link 2
Worm Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
  • %\Windows\System\cfg.exe
  • %\config\cfg.exe [ Runs on Startup ]
  • %\config\s-1-5-21-1482476501-1644491937-682003330-1013\cfg.exe
    • If you have any of these files in running process from task manger, end the process before removal.
    • Note: if task manager is disabled
      Download the following file[ Right click and select "Save Target as" ]
      Click to Download - Enable Registry.reg
    • Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.
Backdoor Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
  • Note: If the
...
Click to continue reading "Manual Removal of W32/Bdoor-ZAR Backdoor Worm"

Written by FireFly on January 12th, 2009 with no comments.
Read more articles on cfg.exe and W32/AutoRun.SKG and W/32Bdoor-ZAR and backdoor removal and otherSoftware and manual removal and Windows.

Manual Removal of Backdoor.Graybird Trojan Spyware

Manual Removal of Backdoor.Graybird Trojan Spyware
Other names of Backdoor.Graybird Trojan:
This Trojan is also known as Trojan-Dropper.Win32.Agent.aang.
Damage Level : High/Medium
Distribution Level: Unknown

No Auto Removal Tool for Backdoor.Graybird Trojan Spyware
Worm Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.


The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
  • %AppData%\key folder\filewin.exe
  • %CommonFavorites%\netservice.exe
  • %CommonFavorites%\plug\001.dll
  • %DownloadedProgramFiles%\usbkey.exe
  • %InternetCache%\qq.exe
  • %ProgramFiles%\advanced invisible keylogger\win16sys.dll
  • %ProgramFiles%\bbs.hksxs.com.exe
  • %ProgramFiles%\common files\360safe\qq.com
  • %ProgramFiles%\common files\directdb.com
  • %ProgramFiles%\common files\iugaq.exe
  • %ProgramFiles%\common files\netdde.dll
  • %ProgramFiles%\common files\netdde.exe
  • %ProgramFiles%\common files\netddekey.dll
  • %ProgramFiles%\common files\syskey.dll
  • %ProgramFiles%\common files\system\msadc\nettps.dll
  • %ProgramFiles%\common files\system\msadc\nettps.exe
  • %ProgramFiles%\common files\system\msasp32.exe
  • %ProgramFiles%\common files\system\nvcpl.exe
  • %ProgramFiles%\common files\system\services.exe
  • %ProgramFiles%\common files\system\svchostsers.com
  • %ProgramFiles%\hacke.cn.exe
  • %ProgramFiles%\hgzserver\adminis.exe
  • %ProgramFiles%\hgzserver\g_server2006.dll
  • %ProgramFiles%\hgzserver\g_server2006key.dll
  • %ProgramFiles%\hgzserver\hacker.com.cn.exe
  • %ProgramFiles%\hgzserver\shuibai8.exe
  • %ProgramFiles%\hgzuerver\hacker.com.cn.exe
  • %ProgramFiles%\intel\intel.exe
  • %ProgramFiles%\intel\intell.dll
  • %ProgramFiles%\internet explorer\connection wizard\auiyg.exe
  • %ProgramFiles%\internet explorer\connection wizard\svchosi.exe
  • %ProgramFiles%\internet explorer\inexplore.com
  • %ProgramFiles%\internet explorer\svchosi.exe
  • %ProgramFiles%\internet explorer\svchost.dll
  • %ProgramFiles%\internet explorer\svchostkey.dll
  • %ProgramFiles%\internet explorer\update.dll
  • %ProgramFiles%\java\javs.exe
  • %ProgramFiles%\meteors\svchost.dll
  • %ProgramFiles%\meteors\svchost.exe
  • %ProgramFiles%\meteors\svchostkey.dll
  • %ProgramFiles%\outlook express\ghost.exe
  • %ProgramFiles%\personal pc spy\win16sys.dll
  • %ProgramFiles%\qq.exe
  • %ProgramFiles%\rtlcpli.exe
  • %ProgramFiles%\server.exe
  • %ProgramFiles%\windows media player\wowuc.exe
  • %ProgramFiles%\windows nt\accessories\vbs.exe
  • %ProgramFiles%\windowsupdate\svchost.exe
  • %ProgramFiles%\xunjie.cn.exe
  • %System%\_msinfo.exe
  • %System%\_publishing.exe
  • %System%\_usb.exe
  • %System%\0.exe
  • %System%\0309c26e.exe
  • %System%\36dbc900.dll
  • %System%\3800hk.dll
  • %System%\487c0a80.exe
  • %System%\4e17c240.exe
  • %System%\a340d383.exe
  • %System%\alxres061230.exe
  • %System%\anti.dll
  • %System%\appen.exe
  • %System%\applictie.exe
  • %System%\aws.exe
  • %System%\bifrost\server.exe
  • %System%\bluefire.exe
  • %System%\brc_server.exe
  • %System%\btcrackdll.dll
  • %System%\btcrackdllfpga.dll
  • %System%\c2c.dll
  • %System%\ccevtsvc.exe
  • %System%\clipbook.exe
  • %System%\closeapp.exe
  • %System%\cnxcis.dll
  • %System%\comsvcs.exe
  • %System%\cs.exe
  • %System%\cybertv.exe
  • %System%\d249ad80.exe
  • %System%\d249ad80t.exe
  • %System%\dbmssocns.dll
  • %System%\ddos.exe
  • %System%\dhcpserver.dll
  • %System%\dllcache\msyow.exe
  • %System%\dllcache\vba.dll
  • %System%\doskeys.exe
  • %System%\drivers\etc\l68z386i.dll
  • %System%\drivers\lpd.sys
  • %System%\drivers\spoclsv.exe
  • %System%\drivers\spools.exe
  • %System%\drivers\svchost.exe
  • %System%\drivers\system.exe
  • %System%\dxdiag.com
  • %System%\enqueue.exe
  • %System%\expl0rer.exe
  • %System%\fe.exe
  • %System%\frundlll.exe
  • %System%\fservice.exe
  • %System%\hyyk.dll
  • %System%\hz_sys_temtray.dll
  • %System%\iexplqre.exe
If you have any of these files in running process from task manger, end the process before removal.
Note: if task manager is disabled, Download the following file, Click to Download - Enable Registry.reg 

Manually Remove From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to...
Click to continue reading "Manual Removal of Backdoor.Graybird Trojan Spyware"

Written by FireFly on December 18th, 2008 with no comments.
Read more articles on Backdoor.Graybird and backdoor removal and W32/Agent.AANG and manual removal and otherSoftware and Removal and Windows.