Re: Kuang2 Virus/Trojan - Does ANYONE KNOW HOW TO REMOVE?

From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 09/19/04


Date: Sun, 19 Sep 2004 17:28:30 -0400

If it's inbound -- you don't have it. It is looking for a peer.

Dave

"TexasJac" <TexasJac@discussions.microsoft.com> wrote in message
news:03A12D83-103F-431C-A617-69C443AF925C@microsoft.com...
| Thanks. I followed your instructions. It says I'm clean.
|
| McAfee Firewall Plus is still showing port activity on Port 17300 "Kuang2
| The Virus XXX" but nothing about having blocked the attempt.
|
| I believe this is an inbound probe and all the other ports state:
| "The firewall has blocked an attempt to access this port."
|
| I'm still not sure if I have it or not.
|
| Jac
| "David H. Lipman" wrote:
|
| > There are anti virus News Groups specifically for this type of discussion.
| >
| > microsoft.public.scripting.virus.discussion
| > microsoft.public.security.virus
| > alt.comp.virus
| > alt.comp.anti-virus
| >
| > Are you using McAfee's FireWall? Your post isn't clear. It is possible that the FireWall
| > is providing a False Positive declaration.
| >
| > Read map's reply, it is apropos. I don't know who told you to or why you tried Stinger
| > because it does NOT target the Kuang virus so that was COMPLETELY worthless.
| >
| > Your post indicates you used the McAfee Command Line Scanner. If you were infected, it
| > surely would have found it!
| >
| > Follow the below instructions, if the Kuang is NOT detected then you are misinterpreting
| > something and you are clean.
| >
| > 1) Download the following two items...
| >
| > Trend Sysclean Package
| > http://www.trendmicro.com/download/dcs.asp
| >
| > Latest Trend signature files.
| > http://www.trendmicro.com/download/pattern.asp
| >
| > 2) If you are using WinME or WinXP, disable System Restore
| > http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
| > 3) Reboot your PC into Safe Mode
| > 4) Using the Trend Sysclean utility, perform a Full Scan of your platform and
| > clean/delete any infectors found
| > 5) Restart your PC and perform a "final" Full Scan of your platform
| > 6) If you are using WinME or WinXP, re-enable System Restore and re-apply any
| > System Restore preferences (e.g. HD space to use suggested 400 ~ 600MB)
| > 7) Reboot your PC.
| > 8) If you are using WinME or WinXP, create a new Restore point
| > 9) Please report back your results
| >
| > Dave
| >
| > "TexasJac" <TexasJac@discussions.microsoft.com> wrote in message
| > news:B5D8B6BE-34B6-43A3-9761-3CA04796BD4A@microsoft.com...
| > | I have the most current versions of McAfee VirusScan Online and Personal
| > | Firewall Plus. Virus Scan DOES NOT detect this virus, but Firewall lists it
| > | in the top port activity when I click "test my firewall".
| > |
| > | I have been trying for about 17 hours straight to get rid of it without any
| > | success. I have used the directions at McAfee.com support to boot to the
| > | command prompt and use SCAN / ADL / CLEAN ALL / REPORT REPORT.TXT
| > | The report showed everything was clean.
| > |
| > | I used this after using the following:
| > |
| > | housecall
| > | symantec online scan
| > | panda online scan
| > | AVERT Stinger
| > | CCleaner
| > | Ad-Aware SE w/ the Ad-Aware VX2 Cleaner Plug-In for it
| > | Spybot
| > | Spyware Blaster
| > | CWShredder
| > | Kill2me
| > | about:Buster
| > | HSRemove
| > |
| > | found at http://forums.majorgeeks.com/archive/index.php/t-35407
| > |
| > |
| > |
| >
| >
| >
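
An added example, not part of the original posts: one way to check the distinction drawn in the reply at the top of the thread (an inbound probe versus a socket on the local machine) by looking for port 17300 in `netstat -an` output. The sample output, function names and labels are constructed for illustration.

```python
import re

KUANG2_PORT = 17300  # port named in the firewall alert quoted in the thread

# Constructed sample of Windows `netstat -an` output (not taken from the thread).
SAMPLE_CLEAN = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1045      203.0.113.5:80         ESTABLISHED
  UDP    0.0.0.0:445            *:*
"""
SAMPLE_LISTENER = SAMPLE_CLEAN + \
    "  TCP    0.0.0.0:17300          0.0.0.0:0              LISTENING\n"
SAMPLE_OUTBOUND = SAMPLE_CLEAN + \
    "  TCP    192.168.1.10:1050      198.51.100.7:17300     SYN_SENT\n"

# One TCP row: local addr:port, foreign addr:port, state.
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+|\*)\s+(\S+)\s*$")

def classify(netstat_text, port=KUANG2_PORT):
    """Return labels describing local sockets that involve `port`.

    An empty set means this machine has no socket on the port, so any
    firewall entries for it are connection attempts arriving from outside.
    """
    findings = set()
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # headers, blank lines, UDP rows
        _, lport, _, rport, state = m.groups()
        if int(lport) == port and state == "LISTENING":
            findings.add("local-listener")            # something here accepts on the port
        elif int(lport) == port:
            findings.add("connection-on-local-port")  # e.g. ESTABLISHED
        elif rport == str(port):
            findings.add("outbound-to-port")          # this host is reaching out
    return findings

def probe_only(netstat_text, port=KUANG2_PORT):
    """True when nothing local uses the port (inbound probes only)."""
    return not classify(netstat_text, port)

if __name__ == "__main__":
    for name in ("SAMPLE_CLEAN", "SAMPLE_LISTENER", "SAMPLE_OUTBOUND"):
        print(name, sorted(classify(globals()[name])) or "no local socket")
```

On a live machine, pass the captured text of `netstat -an` to `classify` in place of the constructed samples.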


