Quick Heal Technologies Pvt. Ltd. - Powered By Kayako eSupport

How to protect system from Kido worm...

Article Details

URL:	http://support.quickheal.com/esupport/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=41
Article ID:	41
Created On:	17 Jan 2009 10:36 AM

Answer Symptoms :

Symptom 1 : Getting message as 'Unable to detect Internet connection" / SOCK4, SOCK 5 error, though the system is connected to internet and you can browse on all websites.

Symptom 2 : Unable to open security websites like, www.quickheal.com/microsoft.com and so on.

Solution :

Step 1:
Download and execute the tool from below URL.
http://www.itsecure.co.in/qhKworm.exe

Restart your system, and now check if quickheal.com is getting open. If not, then proceed to step 2.

If this website is getting open, then the problem is solved and no need to follow below steps. Now you can update and register QH without any problem.

Step 2 :

Download below patch and apply it on your Pc.

[version 10.00]

Quick Heal antivirus plus
http://brm.itsecure.co.in/builds/qh2009/avplus/ppl1001.exe

Quick Heal Total Security
http://brm.itsecure.co.in/builds/qh2009/ts/pts1001.exe

Quick Heal Lite
http://brm.itsecure.co.in/builds/qh2009/lite/plt1001.exe

[Version 9.5 - OS Win XP and above]

Quick Heal antivirus plus
http://brm.itsecure.co.in/builds/2008/avplus/ppl951.exe

Quick Heal Total Security
http://brm.itsecure.co.in/builds/2008/ts/pts951.exe

Quick Heal Lite
http://brm.itsecure.co.in/builds/2008/lite/plt951.exe

Step 3:

Execute this file.

Step 4:

Update Quick Heal manually.

# Open Quick update module, by going through Start->Programs->Quick Heal->Quick Update.
# Click on NEXT.
# Select the option, "Download from Quick Heal Internet Center"
# Click on NEXT.

Step 5:

# On completing the update procedure check if the "virus database date" is latest.
If so, then it shows Quick Heal is updated.

Step 6:

Perform scan of your system.

# Open Quick Heal window and perform scan of entire system.

Step 7:
Restart your system.

Step 8:
Apply the Patch provided by Microsoft against this vulnerability:

To apply the patch, please follow the steps given below:

1. Go to the following webpage:
http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx
2. Go to the section "Affected and Non-Affected Software".
3. Click on the appropriate operating system link in the first
column to download the patch.
4. Once the patch is successfully downloaded, apply it.

It is also recommended to run Windows Update and apply latest
patches for the Microsoft Windows Operating System.

Try opening www.quickheal.com and let us know your observations.

If these websites are getting open, then the worm is completely removed from your system. Now reactivate/update Quick Heal to latest update.

You can contact us with your observations at support@quickheal.com with subject of mail as "Feedback for work kido"

Regards,
Quick Heal Team.
support@quickheal.com

Note : http://itsecure.co.in is Quick Heal's website with different name.