Help - I have BackDoor.Afcore.BN Trojan - How do i get rid of it ?

Discussion in 'Trojan Defence Suite' started by assembly, Jul 14, 2004.

Thread Status:
Not open for further replies.
  1. assembly

    assembly Registered Member

    Joined:
    Jul 14, 2004
    Posts:
    2
    Hi,

    I hope you can help, I have the BackDoor.Afcore.BN Trojan, it was picked up by AVG AntiVirus and is 'attached to a file called mll_qio.dll, which AVG cannot remove. I have run "HijackThis" and have a log file but I need advise on which entries to check.

    I regularly run AVG and Spybot and empty the Internet Explore folders

    Please Help,

    Many Thanks,

    Assembly. :'(
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Assembly, You can download TDS3 from here: http://tds.diamondcs.com.au/
    And the latest radius file from here: http://tds.diamondcs.com.au/index.php?page=update

    Install TDS3 Put the radius file in your TDS3 folder - Reboot - In scan options select them all - Move the generic detection slider fully to the right.

    Switch off AVG so that none of it's detection is working

    Do a full system scan - This will take time

    Please report your findings in this thread

    Post your HJT log as described here: https://www.wilderssecurity.com/showthread.php?t=15913

    HTH Pilli
     
  3. assembly

    assembly Registered Member

    Joined:
    Jul 14, 2004
    Posts:
    2
    Philli,

    I Installed TDS3 and put the radius file in my TDS3 folder and rebooted. Now I can't use my PC as it just keeps rebooting. It gets to the desktop, then AVG detects the Trojan horse, then the pc reboots before the boot up has finished. What can I do, how do I start my PC in safe mode ? I'm not an XP expert.

    Assembly.
     
  4. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Last edited: Jul 15, 2004
Thread Status:
Not open for further replies.