bo427543-z.exe trojan

I am using "the cleaner" to stop this program (bo427543-z.exe) from running, (it says it is a kuang trojan, but cannot remove it) but I can't find any info on what is copying the file. I am using win98, and I have searched my registry for keys Kuang is known to use, but found none. Anyone that could help me, please e-mail or post. Thanks.

 

Hi Akuen,

Can you see if this is the one?
http://www3.ca.com/virusinfo/Virus.asp?ID=9787
If this does not provide enough info to remove the trojan, please go to our downloads-section: http://www.wilders.org/downloads.htm and download startuplist.zip
Unzip and run the program and copy and paste the results in your next post. If there is anything in there you don´t want the world to know about, you´re welcome to mail or IM it to me.

Regards,

Pieter

 

Thank you for responding so quickly. I could not find that registry entry either, so I have sent you my startuplist file via email.

 

Well, it wasn´t that trojan. I know that much.
Does Trojan Hunter recognize that file at all?
What I´d like you to do first:
Go to Internet Options > Temp. Internet Files > Settings > Show Objects, and examine all ActiveX objects you see there. Right-click them to see the properties. Remove everything that wasn´t put there by Microsoft, Macromedia or Outpost.
Then look for this file C:\WINDOWS\WININIT.INI and remove this entry:
[rename]
C:\WINDOWS\BO4275~1.TCF=C:\WINDOWS\BO4275~1.EXE
Next take a look in Config screen > Add/remove software if there are entries left of Newdotnet aka New.Net and remove these if present (don´t think so, just to make sure)
Then go back to our downloads section and grab a copy of Adaware or Spybot S&D (preferably both) and let these programs clean your computer of the remnants of spy-ware.
After rebooting you should be able to remove the file.
That should do the trick

Pieter

 

It might be that this is Kuang the virus, an extremely nasty specimen. Please email a copy to us at submit@diamondcs.com.au , and you will need a virus scanner to remove a viral infection (appends itself to lots of files)

Actually the best way to remove Kuang the virus is with the Kuang client, connecting to yourself and then uninstalling the RAT/Virus.. this might be the way to go, I cannot provide you with this but I'm sure someone else can