Win32.Mosuck

German born backdoor Trojan program, Win32.Mosuck, was created in November of 2002 and is written in Visual Basic.  Win32.Mosuck will enter under false pretenses and once the Trojan has entered, Superchachi (the author), will wait at port 1307 to give further commands.  It will wait for Win32.Mosuck to open up a backdoor that will make it easy for Superchachi to enter at his convenience.

AKA:
Backdoor.MoSucker.10
Backdoor.Win32.MoSucker.10
Backdoor.MoSucker.11
Backdoor.Win32.MoSucker.11
Backdoor.MoSucker.21.a
Backdoor.MoSucker.21.b
Backdoor.MoSucker.20.a
Backdoor.MoSucker.20.b
Backdoor.Win32.MoSucker.20.b
Backdoor.MoSucker.30.a
Backdoor.MoSucker.30.b
Backdoor.MoSucker.30.e
[Eset] Win32/MoSucker.C trojan
Win32/MoSucker.B trojan
Win32/MoSucker.20 trojan
[McAfee] BackDoor-EE
BackDoor-EE.svr

Related Files:
[%SYSTEM%]\WEBDL.OCX
[%WINDOWS%]\buxyelbk.dll
[%WINDOWS%]\jthh.exe
[%WINDOWS%]\msnetcfg.exe
[%WINDOWS%]\qirqgs.bin
[%WINDOWS%]\system\svr.exe
[%WINDOWS%]\temp\pkg310.exe
[%WINDOWS%]\temp\pkg332.exe
[%WINDOWS%]\temp\pkg3392.exe
[%WINDOWS%]\unin0686.exe
[%WINDOWS%]\vvuijoe.exe
[%WINDOWS%]\wesapygp.sys
[%WINDOWS%]\winexec32.dli
[%WINDOWS%]\xqwrmthm.sys

Category:
Backdoor Trojan

Recommended Action:
Remove at once.

Manual removal of Win32.Mosuck is risky venture but you can try by ceasing all of the running processes.  Be sure to try to find them because many are hidden.  Then delete all of the remaining files.  If this doesn’t prove successful, you may want to try ZookaWare PC Cleaner.  With ZookaWare PC Cleaner you can receive automatic removal of all spyware at a nominal cost.  ZookaWare PC Cleaner also keeps working for you.  It will run each time you startup Windows to ensure there are no unseen threats.  For safe and reliable protection, try ZookaWare PC Cleaner.

Download Free Scan
ZookaWare runs on Windows Vista, 7, 8 and 10. It has no ads, popups or bundled software and fully uninstalls by clicking Start > All Programs > select ZookaWare and click Uninstall.

Leave a Reply

Your email address will not be published. Required fields are marked *

css.php