Author Topic: W32.Kuang2+ W32.Trojan-gen{UPX!} (Read 14904 times)

Tire · « **on:** August 26, 2003, 03:40:28 PM »

Avast detected at me 2 viruses W32.Kuang2.
What is this the virus?

raman · « **Reply #1 on:** August 26, 2003, 03:53:09 PM »

Let me guess. Avast reports the imscan.dll as infected? If so, it is a false alarm. You may use the boardsearch and search for kuang or Panda.

Tire · « **Reply #2 on:** August 27, 2003, 03:05:29 PM »

................and Win32.Trojan-gen{UPX!}

raman · « **Reply #3 on:** August 27, 2003, 03:09:02 PM »

Can you give us a filename and the folder where is it located?

Tire · « **Reply #4 on:** August 27, 2003, 03:21:48 PM »

C:\Program Files\......\SystemVolume Inf........
D:\..........\SystemVolume

Tire · « **Reply #5 on:** August 27, 2003, 03:24:12 PM »

Every day Avast removes him and is every day!

raman · « **Reply #6 on:** August 27, 2003, 03:35:51 PM »

The whole path and filename would be fine!;)
And what windows do you use.

BTW: You could check the file using this link: http://www.kaspersky.com/remoteviruschk.html

Tire · « **Reply #7 on:** August 27, 2003, 04:03:26 PM »

C;\Documents and Settings\M.... M.............\Ustawienia lokalne\Temporary Internet Files\Content.IE5\WDEFOXQR\favs[1].eml=MIME part]=>MIME part]=>message body] is suspect with Exploit.Iframe.Vulnerability

What is this?

System Windows XP Home Edition SP 1

raman · « **Reply #8 on:** August 27, 2003, 04:17:03 PM »

This means that one of your Emails or an Email you recieved maybe contains code that "forces" unpatched Outlook Versions to automatical execute attachements.

BTW: It is safe to delete all files and folders that are located in the"Content.IE5" folder, if Outlook and the Internetexplorer are closed.

BTW: can you find the filenames (given by Avast) in the registry?

Tire · « **Reply #9 on:** August 27, 2003, 04:52:46 PM »

1/Trojans Win32.Trojan-gen{UPX!} it is already in the quarantine Avast!v.4 HE.
2/C:\Documents and Settings\M.....M....\....I cannot find the file name.
Avast alarms are all the time.

raman · « **Reply #10 on:** August 27, 2003, 04:56:39 PM »

Okay, maybe we need a second opinion here. Use the Link to Bitdefender and/or Trend micro shown on this link: http://www.rokop-security.de/main/onlinescan.php
I just saw that the Bitdefenderlink is in german language. Try this: http://bitdefender.com/scan/licence.php

Tire · « **Reply #11 on:** August 27, 2003, 05:47:57 PM »

OK.Thanks
BitDefender Scanner shows the error in the Polish option.

raman · « **Reply #12 on:** August 27, 2003, 05:50:08 PM »

Please inform us what the other Av-Programm say or maybe find! Thanks

Tire · « **Reply #13 on:** August 27, 2003, 06:20:26 PM »

Avast individually does not know to delete trojan Win32.Trojan-gen{UPX!}.
Does this by BitDefender Antivirus Free and places in the quarantine - Avast
Why?

PS:Norton Antivirus 2003 does not see this trojan

whocares · « **Reply #14 on:** August 27, 2003, 06:26:13 PM »

Hi,
please give us more details...
that means FULL pathnames, filenames and virusnames, found by the different scanners.
and explain your question a bit..
I'm not sure what you mean..

Author Topic: W32.Kuang2+ W32.Trojan-gen{UPX!} (Read 14904 times)

Tire

W32.Kuang2+ W32.Trojan-gen{UPX!}

raman

Re:W32.Kuang2

Tire

Re:W32.Kuang2

raman

Re:W32.Kuang2

Tire

Re:W32.Kuang2

Tire

Re:W32.Kuang2

raman

Re:W32.Kuang2

Tire

Re:W32.Kuang2

raman

Re:W32.Kuang2

Tire

Re:W32.Kuang2

raman

Re:W32.Kuang2

Tire

Re:W32.Kuang2

raman

Re:W32.Kuang2

Tire

Re:W32.Kuang2

whocares

Re:W32.Kuang2