Tech Support Forum - View Single Post

tybomb · 12-10-2008, 04:27 PM

That one worked. A lot of this stuff may be related to QQ which is a popular Chinese chat program I had to install. Unfortunatly it comes bundled with tons of crap. I don't think this new trojan is related to QQ though.
I think scrax.dll is related to QQ but I have no clue about the rest.

2007-02-13 16:12:43 A------- 106,496 C:\Qoobox\Quarantine\C\WINDOWS\system32\scrax.dll.vir
2008-11-23 04:27:41 A------- 136 C:\Qoobox\Quarantine\C\WINDOWS\system32\mxp.dll.vir
2008-12-03 19:07:20 A------- 324 C:\Qoobox\Quarantine\catchme.log
2008-12-03 19:15:25 A------- 8,197 C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2008-12-03 19:16:18 A------- 0 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-CFSServ.exe.reg.dat
2008-12-03 19:16:18 A------- 0 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-NDSTray.exe.reg.dat
2008-12-03 19:16:18 A------- 0 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-TFncKy.reg.dat
2008-12-03 19:16:35 A------- 332 C:\Qoobox\Quarantine\Registry_backups\Notify-WgaLogon.reg.dat
2008-12-09 07:21:34 A------- 220 C:\Qoobox\Quarantine\catchme.txt
2008-12-09 07:26:03 A------- 1,014 C:\Qoobox\Quarantine\Registry_backups\Legacy_AQQAMK.reg.dat
2008-12-09 07:26:03 A------- 1,050 C:\Qoobox\Quarantine\Registry_backups\Legacy_HWDORVTQI.reg.dat
2008-12-09 07:26:04 A------- 846 C:\Qoobox\Quarantine\Registry_backups\Legacy_VZUXJBFOZUVLW.reg.dat
2008-12-09 07:26:04 A------- 1,988 C:\Qoobox\Quarantine\Registry_backups\Service_aqqamk.reg.dat
2008-12-09 07:26:04 A------- 2,012 C:\Qoobox\Quarantine\Registry_backups\Service_hwdorvtqi.reg.dat
2008-12-09 07:26:04 A------- 2,814 C:\Qoobox\Quarantine\Registry_backups\Service_VZUXJBFOZUVLW.reg.dat

12-10-2008, 04:27 PM	#9 (permalink)
tybomb Registered User Join Date: Dec 2006 Posts: 10 OS: XP	Re: Downloader.Agent.APKO and Crypt.AXH That one worked. A lot of this stuff may be related to QQ which is a popular Chinese chat program I had to install. Unfortunatly it comes bundled with tons of crap. I don't think this new trojan is related to QQ though. I think scrax.dll is related to QQ but I have no clue about the rest. 2007-02-13 16:12:43 A------- 106,496 C:\Qoobox\Quarantine\C\WINDOWS\system32\scrax.dll.vir 2008-11-23 04:27:41 A------- 136 C:\Qoobox\Quarantine\C\WINDOWS\system32\mxp.dll.vir 2008-12-03 19:07:20 A------- 324 C:\Qoobox\Quarantine\catchme.log 2008-12-03 19:15:25 A------- 8,197 C:\Qoobox\Quarantine\Registry_backups\tcpip.reg 2008-12-03 19:16:18 A------- 0 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-CFSServ.exe.reg.dat 2008-12-03 19:16:18 A------- 0 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-NDSTray.exe.reg.dat 2008-12-03 19:16:18 A------- 0 C:\Qoobox\Quarantine\Registry_backups\HKLM-Run-TFncKy.reg.dat 2008-12-03 19:16:35 A------- 332 C:\Qoobox\Quarantine\Registry_backups\Notify-WgaLogon.reg.dat 2008-12-09 07:21:34 A------- 220 C:\Qoobox\Quarantine\catchme.txt 2008-12-09 07:26:03 A------- 1,014 C:\Qoobox\Quarantine\Registry_backups\Legacy_AQQAMK.reg.dat 2008-12-09 07:26:03 A------- 1,050 C:\Qoobox\Quarantine\Registry_backups\Legacy_HWDORVTQI.reg.dat 2008-12-09 07:26:04 A------- 846 C:\Qoobox\Quarantine\Registry_backups\Legacy_VZUXJBFOZUVLW.reg.dat 2008-12-09 07:26:04 A------- 1,988 C:\Qoobox\Quarantine\Registry_backups\Service_aqqamk.reg.dat 2008-12-09 07:26:04 A------- 2,012 C:\Qoobox\Quarantine\Registry_backups\Service_hwdorvtqi.reg.dat 2008-12-09 07:26:04 A------- 2,814 C:\Qoobox\Quarantine\Registry_backups\Service_VZUXJBFOZUVLW.reg.dat