| Port No | 1524 |
| Service Name | Kuang2 |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | This Trojan virus is a daemon agent of “;Trinoo”; that runs on windows platform. It is a hacking tool that gives a hacker access to a network via a computer. |
| Reference Link | Trinoo Trojan |
| Attack |
SOLUTION : To manually remove this Trojan, disconnect the computer from the network/Internet by logging off or better yet, by physically disconnecting the computer. The reason is, while removing the Trojan, the client or hacker might be currently connected to your computer and might notice your removal efforts. Considering it to be his last chance, the hacker might create more havoc. The next step is to remove or to delete the entry in the registry by executing the REGEDIT.EXE from the Start Menu\ Run, and going to the HKEY_LOCAL_MACHINE\Software\ Microsoft\Windows\CurrentVersion\Run. Next, search for the file SERVICE.EXE (Please be aware not to select the SERVICES.EXE file, which exists on Windows NT and Windows 2000 systems) and delete it. To be sure that this is the actual Trojan file, check the file size if it is 23,145 bytes. Lastly, remove the Trojan in memory by pressing CTRL-ALT-DEL keys “;once,”; then select the “;Service”; task, and end that task. After this your computer is now safe from this Trojan. The latest control patch 660 with engine version 5.000-1119 can detect this Trojan. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.