TechSpot

Win32.MoSucker-052

By carolnewbee
Apr 10, 2008
  1. I was having problems with my internet so I routinely did a boot scan with avast and found a couple files infected with Win32.MoSucker-052. I didn't find much about this trojan on the internet. I have the files in the chest. Will they ineffective there or do I need to remove them or do anything else to get rid of this? My neighbors are having the same internet problems so it must be my provider. I don't think it plays into this mosucker thing. Thanks for any insight you may have.
    Carolnewbee
     
  2. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    Files in Quarantine cannot hurt you, if all of your programs are functioning ok with the files in there then it is definitely a good idea to go ahead and delete them.

    Why don't you post a Hijackthis log for us to look at to see if there is anything else suspicious.

    Have you had any symptoms of infection with this one?
     
  3. carolnewbee

    carolnewbee TS Rookie Topic Starter

    No symptoms that I could tell. I was surprised when Avast picked it up. I just wanted to make sure it was my ISP causing the internet problem so I did a boot scan. (It was my ISP's problem). I had run Malwarebytes' Anti-Malware prior to that but that didn't find anything.
     
  4. Blind Dragon

    Blind Dragon TS Evangelist Posts: 3,908

    You aren't running Firewall Software. Please download and install one of these first!

    Use a Firewall - It is very important that you use a Firewall on your computer. If you use the Windows Firewall you might think that's enough but it only controls inbound traffic. Simply using a Firewall in its default configuration can lower your risk greatly. Here are some firewalls which are free for personal use and most commonly used:
    Comodo
    Kerio
    Online Armor
    Zonealarm



    Update your Java Runtime Environment
    • First try going to Start -> Control Panel -> double click Java
    • Select the Update Tab at the top of the Java console
    • Click the Check for Updates button at the bottom
    • If it finds the newer version (Java 6 Update 5) Follow the on screen instructions
    • After it installs the newest version Go back to Control Panel -> Add/remove programs
    • Uninstall any older versions of Java

    If for some reason you couldn't update through the above instructions.
    • Click the following link
      Java Runtime Environment 6 Update 5
    • The 4th option down is the one you want (click Download)
    • Check the box to agree to terms of service
    • Check the box for your operating system and click 'Download selected'at the bottom
    • After the install Go to Start-> Control Panel-> add/remove programs (Programs and features), and uninstall any old versions
    • Navigate to C:\programfiles\Java -> delete any subfolders except the jre1.6.0_05 folder




    Remove bad HijackThis entries
    • Run HijackThis
    • Click on the System Scan Only button
    • Put a check beside all of the items listed below (if present):


      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile - {D5233FCD-D258-4903-89B8-FB1568E7413D} - mscoree.dll (file missing)
      O9 - Extra button: Attach Web page to ACT! contact - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
      O9 - Extra 'Tools' menuitem: Attach Web page to ACT! contact... - {6F431AC3-364A-478b-BBDB-89C7CE1B18F6} - mscoree.dll (file missing)
      O15 - Trusted Zone: http://www.pogo.com
    • Close all open windows and browsers/email, etc...
    • Click on the "Fix Checked" button
    • When completed, close the application.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...