virus & trojan - need help.

Discussion in 'malware problems & news' started by Peaches4U, Mar 7, 2004.

Thread Status:
Not open for further replies.
  1. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    Am using WinXP and ZAP. AVG let me down and did not detect the following two nasties and I only found out I had them in my computer when I downloaded Avast and did a thorough scan of my computer. This is what I have:

    W32Kuang which is a password stealing trojan. And steal my password, that it did but I had it changed when I had problems signing into my OE. It has been found here:

    Win32Kuang2 - imscan.dll
    Win32,Kuang2 - C\Windows\Active Scan\emscan.dll

    Next is Win95:Matyas - cannot find anything on this one but was found here:
    C\Windsos\System32\active scan\pav.sig
    W95:Matyas\System32\Pav.sig

    All of the above are currently in quarantine.

    Both of the above were also found in System Restore, which I disabled and did another follow up scan with Avast and then with Trend Micro.

    What is safe to delete as I do not really understand Avast. There is a whole bunch of other stuff Avast listed as unable to scan - what does it mean?

    Have been up all night with no sleep trying to rid myself of this so that they do not take over my computer. Any help will be very much appreciated. Thank you.
     
  2. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    Hi Peaches4U :)

    According to this link,

    http://www.techsupportforum.com/computer/topic/12964-1.html

    Win95:Matyas is a false positive.

    Hope this helps.

    EDIT- Looks like they both are. ;)


    snowbound
     
  3. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    Thaniks SB - Okay, so now that I have these quarantined, what do I do with themo_O It probably explains why a Panda scan failed to function properly. However, TrendMicro went full tilt.
     
  4. puff-m-d

    puff-m-d Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    4,449
    Location:
    North Carolina, USA
    Peaches4U,

    Both of those file are legit Panda AV files. If you can restore them from quarantine to their original location, you should. If you can not, you will probably have to reinstall Panda. Be sure you put those files in the Avast exclude list.

    HTH....

    Regards,
    Kent
     
  5. RAMESH

    RAMESH Registered Member

    Joined:
    Mar 9, 2004
    Posts:
    2
    Hi!
    You could try an online scan that is freely available from the net. The address is www.pandasoftware.com/activescan. AFter you have entered this site, you may be asked to register (This is free of charge). Provide your email address and choose a separate password for registering on pandasoftware.com website. Then follow the online instructions till the end and see if this problem of yours is solved. Please let me know if your problem is solved. Ramesh
     
  6. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    Okay, I restored the files - still trying to figure out where & how to place in the exclude list... maybe tomorrow when my mind is refreshed. Thanks for your help.
     
  7. Peaches4U

    Peaches4U Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    5,070
    Location:
    At my computer
    Thanks Ramesh - I have been using Panda online for quite some time. Obviously, as it turns out I do not have a virus in my computer. Peaches
     
Loading...
Thread Status:
Not open for further replies.