|
|
#1
November 20th, 2002, 11:44 AM
|
|||
|
|||
bo427543-z.exe trojan
I am using "the cleaner" to stop this program (bo427543-z.exe) from running, (it says it is a kuang trojan, but cannot remove it) but I can't find any info on what is copying the file. I am using win98, and I have searched my registry for keys Kuang is known to use, but found none. Anyone that could help me, please e-mail or post. Thanks.
|
|
#2
November 20th, 2002, 11:58 AM
|
||||
|
||||
|
Re:bo427543-z.exe trojan
Hi Akuen,
Can you see if this is the one? http://www3.ca.com/virusinfo/Virus.asp?ID=9787 If this does not provide enough info to remove the trojan, please go to our downloads-section: http://www.wilders.org/downloads.htm and download startuplist.zip Unzip and run the program and copy and paste the results in your next post. If there is anything in there you donīt want the world to know about, youīre welcome to mail or IM it to me. Regards, Pieter
__________________
Regards, Pieter Itīs nice to be important, but itīs more important to be nice. Remove & Prevent spyware It's human to make mistakes. It's even more so to blame the computer for it. |
|
#3
November 20th, 2002, 12:21 PM
|
|||
|
|||
|
Re:bo427543-z.exe trojan
Thank you for responding so quickly. I could not find that registry entry either, so I have sent you my startuplist file via email.
|
|
#4
November 20th, 2002, 12:44 PM
|
||||
|
||||
|
Re:bo427543-z.exe trojan
Well, it wasnīt that trojan. I know that much.
Does Trojan Hunter recognize that file at all? What Iīd like you to do first: Go to Internet Options > Temp. Internet Files > Settings > Show Objects, and examine all ActiveX objects you see there. Right-click them to see the properties. Remove everything that wasnīt put there by Microsoft, Macromedia or Outpost. Then look for this file C:\WINDOWS\WININIT.INI and remove this entry: [rename] C:\WINDOWS\BO4275~1.TCF=C:\WINDOWS\BO4275~1.EXE Next take a look in Config screen > Add/remove software if there are entries left of Newdotnet aka New.Net and remove these if present (donīt think so, just to make sure) Then go back to our downloads section and grab a copy of Adaware or Spybot S&D (preferably both) and let these programs clean your computer of the remnants of spy-ware. After rebooting you should be able to remove the file. That should do the trick  Pieter
__________________
Regards, Pieter Itīs nice to be important, but itīs more important to be nice. Remove & Prevent spyware It's human to make mistakes. It's even more so to blame the computer for it. |
|
#5
November 22nd, 2002, 05:06 AM
|
||||
|
||||
|
Re:bo427543-z.exe trojan
It might be that this is Kuang the virus, an extremely nasty specimen. Please email a copy to us at submit@diamondcs.com.au , and you will need a virus scanner to remove a viral infection (appends itself to lots of files)
Actually the best way to remove Kuang the virus is with the Kuang client, connecting to yourself and then uninstalling the RAT/Virus.. this might be the way to go, I cannot provide you with this but I'm sure someone else can  |
|
#6
November 22nd, 2002, 05:14 AM
|
||||
|
||||
|
Re:bo427543-z.exe trojan
Quote:
Agreed - as goes for many nasties like these  Quote:
Most probably - nevertheless, and for the record: no URLs to malware sites allowed over on this board. Anyone inclined, please use PM. regards. paul
__________________
01110010 01100101 01100111 01100001 01110010 01100100 01110011 00100000 01110000 01100001 01110101 01101100 |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
