Severity scale:  
  (57/100)

Moses. How to remove? (Uninstall guide)

removal by Jake Doevan - - | Type: Remote Administration Tools
12

A RAT program works by a simple but effective principle: the hacker infects the machine with a “server” program via the e-mail or File and Print Sharing system and can control it, using a “client” on his computer. Originated in September 2001. The functions of a RAT can vary, depending on the needs of the attacker. This program has a “backdoor” function, allowing the intruder to bypass the security. The author of this pest is a hacker called Psyon. The RAT was written in Visual C++ programming language. Several variants (Moses 1.1.5 b, Moses 1.1.5 d, Moses 1.10c, Moses 2.01) appeared from July 2000 to October 2003.

From the publisher:

“Moses – Remote Admin Tool By Psyon for MoDeM

DISCLAIMER: This software is intended for legitimate remote administration needs. It is provided as is, without any support from. MoDeM is not now and will not ever be responsible for any uses of the software.

CONFIGURATION Use the configuration tool config.exe in the zip file. It should be pretty self explanatory. config.exe is a slimmed down version of the Bo2k Config tool. It works, thats all that matters.

VERSIONS

2.0.1 BETA I added a file server, so that you can download files from the host easier. Also I fixed the MSGBOX code that was causing the software to stop if no one clicked OK.

1.1.5 BETA I changed the way that the USERHOST response was being handled. It was preventing the lookup of the host IP properly, so dos consoles were not working right.

1.1.2 BETA I changed the ResolveHost() function. Im pretty positive it was responsible for some errors I was encountering.

1.1.1 BETA Just a few small bug fixes.

1.1.0 BETA I changed the installation process. The old way was not working on all computer. The installer and Moses are actually separate programs now, but they run as one.

1.0.1 BETA I fixed a problem with the initial setup not running on all computers. Also fixed a problem with Moses not connecting to IRC when it did run.

1.0.0 BETA This is the initial release of Moses. It is not very complete. It does have some useful features in it, like the console. Check it out.

COMMANDS

All commands are given by messaging the bot. If you are familiar with IRC than you know what this means, if than stop reading and delete moses! Commands are as follows:

COMMAND – Sends raw IRC commands to the server. USAGE: COMMAND ex: COMMAND PRIVMSG #Moses :Command used!

CONSOLE – Gives you a DOS prompt in a DCC window. This function is extremely buggy and may not work on all computers. Im looking into fixing it. USAGE: CONSOLE

EXECUTE – Executes a specified program or file. USAGE: EXECUTE ex: EXECUTE c:\windows\notepad.exe

HELP – Lists all currently available commands. USAGE: HELP

MSGBOX – Shows a message box on the remote machine. USAGE: MSGBOX ex: MSGBOX Sorry, you are about to be rebooted

QUIT – Makes the bot quit irc and reconnect. USAGE: QUIT [message] ex: QUIT quit requested from Admin

REBOOT – Reboots remote computer. USAGE: REBOOT

SEND – Sends a series of files matching a mask via DCC. It will send one at a time USAGE: SEND ex: SEND c:\windows\*.exe

SERVER – Makes the bot switch IRC servers. USAGE: SERVER

VERSION – Returns current version of Moses. USAGE: VERSION

Psyon”

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software to remove Moses you agree to our privacy policy and agreement of use.
do it now!
Download
Reimage (remover) Happiness
Guarantee
Download
Reimage (remover) Happiness
Guarantee
Compatible with Microsoft Windows Compatible with OS X
What to do if failed?
If you failed to remove infection using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Moses. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

More information about this program can be found in Reimage review.

More information about this program can be found in Reimage review.

Moses manual removal:

Kill processes:
-1705630907.exe,config.exe,installer.exe,lwclient.exe

Unregister DLLs:
[system root]\system\userprof.dll

Delete files:
-1705630907.exe,bo2kcfg.cpp,bo2kcfgdlg.cpp,bo2kcfgdlg.h,cmd_msgbox.c,config.dsp,config.exe,installer.c,installer.exe,installer.rc,license.txt,lwclient.exe,moses.c,moses.def,moses.dsp,moses.dsw,readme.txt,resource.h,stdafx.cpp,stdafx.h,[system root]\system\userprof.dll,vssver.scc

About the author

Jake Doevan
Jake Doevan - Computer technology expert

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Jake Doevan
About the company Esolutions