trojan - backdoor mosucker BO - won't go

  Ellie 23:05 18 Nov 03
Locked

I have Windows ME, AVG, ZoneAlarm and have managed to pick up BackDoor Mosucker BO, AVG spotted it but can't get rid of it. It says that 2 files are infected:no1 C:\windows\hlvhmaf.bin which it says is an AVG update file , i can delete this but it reappears no2 C:\windows\msc0nfigP{2}.com{3} (NBthe 0 in config is a zero). There are references to this file in the registry and in msconfig and in system.ini, even with these references removed I can't delete the file from windows directory. Disabling msc0fig in the real msconfig has no effect as soon as i restart the machine I get a red screen announcing it's presence and it's back again.
Anyone got any suggestions or am I going to have to reformat.

  VoG II 23:10 18 Nov 03
  Ellie 23:17 18 Nov 03

Thanks VoG
I've already been there and tried it, I can't delete msc0nfig{2}.com{3} from the hard drive it says access denied.

  VoG II 23:22 18 Nov 03

Try in Safe Mode. Reboot then keep tappng the F8 key just before the Windows screen loads. Then select Safe Mode from the menu that should appear.

Good luck.

  Ellie 23:28 18 Nov 03

Sorry I've tried that too

  rent-a-cop 00:10 19 Nov 03

why not try a free online scan from click here

  ahales42 00:55 19 Nov 03

why should i trust Trendmicro?

  ahales42 01:02 19 Nov 03

search for file netstat.old and delete it. then disable system restore and then run AVG.

  hugh-265156 01:04 19 Nov 03

i havnt had much experience with nasties myself but have got rid of two.

both required me to disable system restore in xp(i think me has this too)

untick everything in msconfig

run an avg scan in safe mode then delete it.

  rent-a-cop 04:23 19 Nov 03

trendmicro are the makers of the software pccillin and are one of the largest antivirus companies out there. I would trust them more than the smaller and less effective avg.

  Jester2K II 07:19 19 Nov 03

I've replaced PC- Cillin on countless PCs with AVG due to the onwer knowing the PC has a virus, and i know it has a virus but PC-Cillin can't / won't find it....

Never had a complaint about AVG.

Have you removed this line from system.ini [boot] shell=unin0686.exe


More info from PestPatrol click here


See also click here

This thread is now locked and can not be replied to.

What is Amazon Go and will it come to the UK? The store without checkouts or queues

1995-2015: How technology has changed the world in 20 years

Hands-on with the Star Wars fighting drones you can fly yourself

iPhone 9 and beyond: 32 amazing future smartphone developments - graphene, supercapacitor…