Tech Support Forum - View Single Post - Malware: Trojan-downloader-zlob

slade1 · 11-11-2008, 04:54 PM

Chemist,

I appoligize for the delay. I subscribed to this thread but I haven't received a email wh2008-07-02 12:26:30 A------- 173,448 C:\Qoobox\Quarantine\C\WINDOWS\system32\wdfproc.dll.vir
2008-11-01 22:12:39 A------- 132 C:\Qoobox\Quarantine\C\Documents and Settings\Josh\My Documents\My Documents.url.vir
2008-11-01 22:12:39 A------- 133 C:\Qoobox\Quarantine\C\Documents and Settings\Josh\My Documents\My Music\My Music.url.vir
2008-11-01 22:12:39 A------- 133 C:\Qoobox\Quarantine\C\Documents and Settings\Josh\My Documents\My Videos\My Video.url.vir
2008-11-01 22:12:39 A------- 135 C:\Qoobox\Quarantine\C\Documents and Settings\Josh\My Documents\My Pictures\My Pictures.url.vir
2008-11-05 23:26:10 A------- 454 C:\Qoobox\Quarantine\catchme.log
2008-11-05 23:26:21 A------- 80,167 C:\Qoobox\Quarantine\C\WINDOWS\system32\_wdfproc_.dll.zip
2008-11-05 23:54:40 A------- 7,055 C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2008-11-06 00:02:33 A------- 2 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-CFSServ.exe.reg.dat
2008-11-06 00:02:33 A------- 2 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-NDSTray.exe.reg.dat
2008-11-06 00:02:33 A------- 2 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-TFncKy.reg.dat
2008-11-06 00:02:53 A------- 1,485 C:\Qoobox\Quarantine\Registry_backups\ShellIconOverlayIdentifiers-{E4000AC4-5E5F-4956-807A-C5854405D64F}.reg.dat
2008-11-06 00:03:49 A------- 150 C:\Qoobox\Quarantine\Registry_backups\HKLM-Explorer_Run-smile.reg.dat
2008-11-06 00:04:38 A------- 340 C:\Qoobox\Quarantine\Registry_backups\SharedTaskScheduler-{7ca07c92-0ab2-4346-b119-a076695d46ed}.reg.dat
en you have replied to it.

11-11-2008, 04:54 PM	#7 (permalink)
slade1 Registered User Join Date: Jul 2008 Posts: 21 OS: microsoft windows xp media center edition	Re: Malware: Trojan-downloader-zlob Chemist, I appoligize for the delay. I subscribed to this thread but I haven't received a email wh2008-07-02 12:26:30 A------- 173,448 C:\Qoobox\Quarantine\C\WINDOWS\system32\wdfproc.dll.vir 2008-11-01 22:12:39 A------- 132 C:\Qoobox\Quarantine\C\Documents and Settings\Josh\My Documents\My Documents.url.vir 2008-11-01 22:12:39 A------- 133 C:\Qoobox\Quarantine\C\Documents and Settings\Josh\My Documents\My Music\My Music.url.vir 2008-11-01 22:12:39 A------- 133 C:\Qoobox\Quarantine\C\Documents and Settings\Josh\My Documents\My Videos\My Video.url.vir 2008-11-01 22:12:39 A------- 135 C:\Qoobox\Quarantine\C\Documents and Settings\Josh\My Documents\My Pictures\My Pictures.url.vir 2008-11-05 23:26:10 A------- 454 C:\Qoobox\Quarantine\catchme.log 2008-11-05 23:26:21 A------- 80,167 C:\Qoobox\Quarantine\C\WINDOWS\system32\_wdfproc_.dll.zip 2008-11-05 23:54:40 A------- 7,055 C:\Qoobox\Quarantine\Registry_backups\tcpip.reg 2008-11-06 00:02:33 A------- 2 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-CFSServ.exe.reg.dat 2008-11-06 00:02:33 A------- 2 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-NDSTray.exe.reg.dat 2008-11-06 00:02:33 A------- 2 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-TFncKy.reg.dat 2008-11-06 00:02:53 A------- 1,485 C:\Qoobox\Quarantine\Registry_backups\ShellIconOverlayIdentifiers-{E4000AC4-5E5F-4956-807A-C5854405D64F}.reg.dat 2008-11-06 00:03:49 A------- 150 C:\Qoobox\Quarantine\Registry_backups\HKLM-Explorer_Run-smile.reg.dat 2008-11-06 00:04:38 A------- 340 C:\Qoobox\Quarantine\Registry_backups\SharedTaskScheduler-{7ca07c92-0ab2-4346-b119-a076695d46ed}.reg.dat en you have replied to it.