here is an example of remove CWS.Msconfd
1)Running CWShredder in Windows and rebooting after it detected and tried to repair the infectio.
2) Deleting the c:\winnt\system32\msconfd.dll file via Dos using a bootdisk (do not log into windows). You cannot delete this in Windows as it states that the file is in use.
3) Creating an empty text file in its place and making its attributes read only (make sure name is msconfd.dll and it is stored in C:\winnt\system32\).
4) Booting up normally into Windows and running CWShredder.
5) CWShredder finds the trojan and asks to reboot.
6) Once I rebooted I got a few error messages as the trojan tried to reinfect but could not because of the harmless read only msconfd.dll file I created in its location.
7) I then rebooted again and this time when I ran CWShredder it no longer appeared!!!
While doing this whole process I disabled my Internet connection but I do not know if this helped or not. Better to be safe...
Hope that helps you.
1)Running CWShredder in Windows and rebooting after it detected and tried to repair the infectio.
2) Deleting the c:\winnt\system32\msconfd.dll file via Dos using a bootdisk (do not log into windows). You cannot delete this in Windows as it states that the file is in use.
3) Creating an empty text file in its place and making its attributes read only (make sure name is msconfd.dll and it is stored in C:\winnt\system32\).
4) Booting up normally into Windows and running CWShredder.
5) CWShredder finds the trojan and asks to reboot.
6) Once I rebooted I got a few error messages as the trojan tried to reinfect but could not because of the harmless read only msconfd.dll file I created in its location.
7) I then rebooted again and this time when I ran CWShredder it no longer appeared!!!
While doing this whole process I disabled my Internet connection but I do not know if this helped or not. Better to be safe...
Hope that helps you.