Trojanhorse SHeur.BCFG

Velocity micro / E2055
August 20, 2009 at 17:17:58
Specs: Microsoft Windows Vista Home Premium, 3.163 GHz / 3052 MB
Hi - my anti-virus software, AVG, picked up three things this morning, and it won't let me remove them. They are Trojanhorse SHeur.BCFG; Trojanhorse BackDoor.Agent.RND; and Trojanhorse BackDoor.Agent.RNE

Can someone help, please?


See More: Trojanhorse SHeur.BCFG

Report •


#1
August 20, 2009 at 19:22:06
Download and run Kaspersky AVP tool in safe mode: http://devbuilds.kaspersky-labs.com...
Once you download and start the tool in safe mode:
# Check below options:

    * Select all the objects/places to be scanned. 
    * Settings > Customize > Heuristic analyzer > Enable deep rootkit search

# Click Scan
# Fix what it detects
# Zip/Rar Scan log/Summary and upload it to rapidshare.com. Post download link in your next message.

Illustrated tutorial: http://img32.imageshack.us/img32/76...

If I'm helping you and I don't reply within 24 hours send me a PM.


Report •

#2
August 20, 2009 at 19:22:43
You may want to try trojan remover:
http://www.simplysup.com/tremover/d...
It should remove the trojans.

Some HELP in posting on Computing.net plus free progs and instructions Cheers


Report •

#3
August 21, 2009 at 15:28:38
As a AV company employee I dont like such "advices" to install as much AV softwares as possible. In most cases it will make system unstable.

JustSheri1969: Can you tell us why AVG did not removed those viruses? Are those files whitelisted (protected system files which can not be deleted)? And can you tell us exact path of those files?

regards
David (http://www.virus-support.com).


Report •


#4
August 22, 2009 at 05:23:45
Hi David,

I still can't get rid of them. It shows as follows:

C:programdata\webext\winchk.exe
C:programdata\webext\cssys.dll
C:programdata\webext\iusys.dll

Thank you


Report •

#5
August 22, 2009 at 05:25:08
Also, I removed all of the other AV - I am only running BiDefender 2010 right now. Every one of them picked it up, but none could remove it.

Report •

#6
August 22, 2009 at 06:55:29
I disagree with response 3
>>>As a AV company employee I dont like such "advices" to install as much AV softwares as possible. In most cases it will make system unstable.<<<

Sounds fishy to me and I'm really interested in how he suggests removing the problem. By going to the website in his signature just wondering if it isn't a spammer trying to drum up some remote business here on computing.net....

JustSheri1969, I would suggest that if he sends you PM's or e-mails suggesting removing your problems remotely for a fee, post back and let us know. Computing.net is about people helping others for free (no charge at all)

IMO you have to use cleaners to remove problems, as well as manually of course. Good luck

Some HELP in posting on Computing.net plus free progs and instructions Cheers


Report •

#7
August 22, 2009 at 09:54:52
>>I disagree with response 3
Can you tell me why you disagree? Did you ever work in AV business? Any professional skills?

>>>Sounds fishy to me and I'm really interested in how he suggests removing the problem. By going to the website in his signature just wondering if it isn't a spammer trying to drum up some remote business here on computing.net....

Well, I admit that its partially advert, however I never told I will help only for fee.

JustSheri1969: Visit my website (http://www.virus-support.com), join Online chat and ask for David. I will take care of it for FREE.


Report •

#8
August 22, 2009 at 18:47:58
JustSheri1969, all I can say is be careful, the rest is up to you. I have NEVER heard of a commercial site doing anything for free. Don't forget, when he gets on remotely on your PC you will have lots of personal information available for him.
I still feel this person is spamming.

Oh by the way David, No, I have never worked for an AV company but I must say that I have fixed many PC's that pro techs messed up in the past. Nor have I ever gone to another site and tried pulling clients from it. I might have to say that computing.net probably has more skilled people than your SO-CALLED AV site has, and they all volunteer their time at no charge.


Report •


Ask Question