Monday, November 10, 2008

Boxed Trojan

Removing Boxed
Categories: Trojan, Backdoor, Downloader
This category includes a variety of Trojans that damage victim machines,
threaten data integrity, or impair the functioning of the victim machine.
Backdoors are the most dangerous type of Trojan and the most popular.
Backdoors open infected machines to external control via the Internet.
Often the backdoor will not be visible in the log of active programs.
The downloader either launches the new malware or registers it to run automatically
at startup, according to the local operating system's requirements.

Boxed is also known as:

[Kaspersky]Trojan-Downlaoder.Win32.Agent.ajd,Trojan-Proxy.Win32.Horst.av,Backdoor.Win32.Robobot.ay,Trojan-Proxy.Win32.Horst.dt,Trojan-Proxy.win32.Horst.cs,Trojan-Proxy.Win32.Horst.dw,Trojan-Proxy.Win32.Horst.ks,Trojan-Proxy.Win32.Horst.kq,Trojan-Proxy.Win32.Horst.kx,Trojan-Proxy.Win32.Horst.kn,Trojan-Proxy.Win32.Horst.kr,Trojan-Proxy.Win32.horst.kp,Trojan-Proxy.win32.Horst.kq,Trojan-Proxy.Win32.Horst.km,Backdoor.Win32.IRCBot.xq,Trojan-Proxy.Win32.Horst.ky,Trojan-Downloader.Win32.Small.ecs,Trojan-Proxy.Win32.Horst.te,TrojanDownloader.Agent.aii,Trojan-Proxy.Win32.Horst.pj,Trojan-Proxy.Win32.Horst.vw,Trojan-Downloader.Win32.Agent.aii,Trojan-Downloader.Win32.Horst.al,Trojan-Proxy.Win32.Horst.ww;
[McAfee]BackDoor-CMQ,DDoS-Boxed,Proxy-Horst.gen,BackDoor-CMQ.dldr,Spam-Loot,Proxy-Horst;
[F-Prot]W32/Methodbod.gen;
[Other]Win32/Boxed.CC,Trojan.Lootseek.AV,Win32.Boxed.CB,Win32/Boxed.CI,Trojan-Proxy.Win32.Horst.ds,Downloader,Win32/Boxed.CJ,Backdoor.Trojan,Win32/Boxed.BJ,Backdoor.Sdbot,Win32/Boxed.CL,Win32/Boxed.CK,Win32.Boxed.CY,Win32/Boxed.CF,Win32/Boxed.CH,Win32/Boxed.FP,Win32/Boxed.CX,Win32/Boxed.FL,Trojan.Webus,Win32.Boxed.GA,Win32.Boxed.GB,Win32.Boxed.FX,Win32/Boxed.CV,Win32/Boxed.EV,Trojan.Lookseek.AV,Win32/Boxed.FN,Win32/Boxed.FO,Win32.Boxed.EW,Win32.Boxed.FQ,Trojan.Lootseek.av,Win32.Boxed.FS,Win32.Boxed.FU,Win32.Boxed.FV,Win32.Boxed.FY,Win32.Boxed.FZ,Win32.Boxed.GD,Win32/Boxed.GE,W32/DLoader.BKQE,Win32/Boxed.IH,Win32/Boxed!generic,WIn32/Boxed!generic,Win32/Boxed.JV,TrojanProxy:Win32/Horst.gen,W32/Horst.gen27,BKDR_MEDBOT.CK,Troj/Horst-Gen

Visible Symptoms:
Files in system folders:
[%PROFILE_TEMP%]\12exhdd.7.exe
[%PROFILE_TEMP%]\12exssd32.5.exe
[%PROFILE_TEMP%]\14exmodul32c.1.exe
[%PROFILE_TEMP%]\15exssd32.5.exe
[%PROFILE_TEMP%]\17exmodul32c.1.exe
[%PROFILE_TEMP%]\18exhdd.7.exe
[%PROFILE_TEMP%]\18exssd32.d.exe
[%PROFILE_TEMP%]\1exhdd.8.exe
[%PROFILE_TEMP%]\2.mhdd.exe
[%PROFILE_TEMP%]\21exhdd.8.exe
[%PROFILE_TEMP%]\27exmodul32c.1.exe
[%PROFILE_TEMP%]\2exmodul32c.1.exe
[%PROFILE_TEMP%]\31exhdd.8.exe
[%PROFILE_TEMP%]\33exssd32.5.exe
[%PROFILE_TEMP%]\33exssd32.d.exe
[%PROFILE_TEMP%]\35exinjs.8.exe
[%PROFILE_TEMP%]\36exinjs.8.exe
[%PROFILE_TEMP%]\39exhdd.8.exe
[%PROFILE_TEMP%]\39exinjs.f.exe
[%PROFILE_TEMP%]\40exhdd.8.exe
[%PROFILE_TEMP%]\42exmodul32c.1.exe
[%PROFILE_TEMP%]\44exssd32.5.exe
[%PROFILE_TEMP%]\46exmodul32c.1.exe
[%PROFILE_TEMP%]\49exmodul32c.1.exe
[%PROFILE_TEMP%]\4exinjs.3.exe
[%PROFILE_TEMP%]\4exssd32.5.exe
[%PROFILE_TEMP%]\50exinjs.8.exe
[%PROFILE_TEMP%]\51exmodul32c.1.exe
[%PROFILE_TEMP%]\53exhdd.8.exe
[%PROFILE_TEMP%]\56exhdd.8.exe
[%PROFILE_TEMP%]\56exhdd.f.exe
[%PROFILE_TEMP%]\56exinjs.8.exe
[%PROFILE_TEMP%]\57exmodul32c.1.exe
[%PROFILE_TEMP%]\57exssd32.5.exe
[%PROFILE_TEMP%]\60exinjs.8.exe
[%PROFILE_TEMP%]\61exhdd.7.exe
[%PROFILE_TEMP%]\62exinjs.8.exe
[%PROFILE_TEMP%]\63exmodul32c.1.exe
[%PROFILE_TEMP%]\64exmodul32c.1.exe
[%PROFILE_TEMP%]\67exhdd.8.exe
[%PROFILE_TEMP%]\68exinjs.8.exe
[%PROFILE_TEMP%]\68exmodul32c.1.exe
[%PROFILE_TEMP%]\6exssd32.5.exe
[%PROFILE_TEMP%]\72exinjs.8.exe
[%PROFILE_TEMP%]\72exmodul32c.1.exe
[%PROFILE_TEMP%]\73exhdd.7.exe
[%PROFILE_TEMP%]\75exssd32.8.exe
[%PROFILE_TEMP%]\76exhdd.8.exe
[%PROFILE_TEMP%]\82exhdd.7.exe
[%PROFILE_TEMP%]\90ex2.mhdd.exe
[%PROFILE_TEMP%]\90exmodul32c.1.exe
[%PROFILE_TEMP%]\93exssd32.5.exe
[%PROFILE_TEMP%]\94exhdd.7.exe
[%PROFILE_TEMP%]\95exhdd.7.exe
[%PROFILE_TEMP%]\95exhdd.8.exe
[%PROFILE_TEMP%]\96exmodul32c.1.exe
[%PROFILE_TEMP%]\97ex2.mhdd.exe
[%PROFILE_TEMP%]\97exinjs.8.exe
[%PROFILE_TEMP%]\98exmodul32c.1.exe
[%PROFILE_TEMP%]\hdd.7.exe
[%PROFILE_TEMP%]\hdd.8.exe
[%PROFILE_TEMP%]\injs5.exe
[%PROFILE_TEMP%]\modul32c.1.exe
[%PROFILE_TEMP%]\ssd32.5.exe
[%PROFILE_TEMP%]\ssd32.d.exe
[%PROFILE_TEMP%]\ssd32b.exe
[%PROFILE_TEMP%]\ssd32c.exe
[%PROFILE_TEMP%]\ssd32e.exe
[%SYSTEM%]\nvsvcd.exe
[%WINDOWS%]\system\smss.exe

How to detect Boxed:

Files:
[%PROFILE_TEMP%]\12exhdd.7.exe
[%PROFILE_TEMP%]\12exssd32.5.exe
[%PROFILE_TEMP%]\14exmodul32c.1.exe
[%PROFILE_TEMP%]\15exssd32.5.exe
[%PROFILE_TEMP%]\17exmodul32c.1.exe
[%PROFILE_TEMP%]\18exhdd.7.exe
[%PROFILE_TEMP%]\18exssd32.d.exe
[%PROFILE_TEMP%]\1exhdd.8.exe
[%PROFILE_TEMP%]\2.mhdd.exe
[%PROFILE_TEMP%]\21exhdd.8.exe
[%PROFILE_TEMP%]\27exmodul32c.1.exe
[%PROFILE_TEMP%]\2exmodul32c.1.exe
[%PROFILE_TEMP%]\31exhdd.8.exe
[%PROFILE_TEMP%]\33exssd32.5.exe
[%PROFILE_TEMP%]\33exssd32.d.exe
[%PROFILE_TEMP%]\35exinjs.8.exe
[%PROFILE_TEMP%]\36exinjs.8.exe
[%PROFILE_TEMP%]\39exhdd.8.exe
[%PROFILE_TEMP%]\39exinjs.f.exe
[%PROFILE_TEMP%]\40exhdd.8.exe
[%PROFILE_TEMP%]\42exmodul32c.1.exe
[%PROFILE_TEMP%]\44exssd32.5.exe
[%PROFILE_TEMP%]\46exmodul32c.1.exe
[%PROFILE_TEMP%]\49exmodul32c.1.exe
[%PROFILE_TEMP%]\4exinjs.3.exe
[%PROFILE_TEMP%]\4exssd32.5.exe
[%PROFILE_TEMP%]\50exinjs.8.exe
[%PROFILE_TEMP%]\51exmodul32c.1.exe
[%PROFILE_TEMP%]\53exhdd.8.exe
[%PROFILE_TEMP%]\56exhdd.8.exe
[%PROFILE_TEMP%]\56exhdd.f.exe
[%PROFILE_TEMP%]\56exinjs.8.exe
[%PROFILE_TEMP%]\57exmodul32c.1.exe
[%PROFILE_TEMP%]\57exssd32.5.exe
[%PROFILE_TEMP%]\60exinjs.8.exe
[%PROFILE_TEMP%]\61exhdd.7.exe
[%PROFILE_TEMP%]\62exinjs.8.exe
[%PROFILE_TEMP%]\63exmodul32c.1.exe
[%PROFILE_TEMP%]\64exmodul32c.1.exe
[%PROFILE_TEMP%]\67exhdd.8.exe
[%PROFILE_TEMP%]\68exinjs.8.exe
[%PROFILE_TEMP%]\68exmodul32c.1.exe
[%PROFILE_TEMP%]\6exssd32.5.exe
[%PROFILE_TEMP%]\72exinjs.8.exe
[%PROFILE_TEMP%]\72exmodul32c.1.exe
[%PROFILE_TEMP%]\73exhdd.7.exe
[%PROFILE_TEMP%]\75exssd32.8.exe
[%PROFILE_TEMP%]\76exhdd.8.exe
[%PROFILE_TEMP%]\82exhdd.7.exe
[%PROFILE_TEMP%]\90ex2.mhdd.exe
[%PROFILE_TEMP%]\90exmodul32c.1.exe
[%PROFILE_TEMP%]\93exssd32.5.exe
[%PROFILE_TEMP%]\94exhdd.7.exe
[%PROFILE_TEMP%]\95exhdd.7.exe
[%PROFILE_TEMP%]\95exhdd.8.exe
[%PROFILE_TEMP%]\96exmodul32c.1.exe
[%PROFILE_TEMP%]\97ex2.mhdd.exe
[%PROFILE_TEMP%]\97exinjs.8.exe
[%PROFILE_TEMP%]\98exmodul32c.1.exe
[%PROFILE_TEMP%]\hdd.7.exe
[%PROFILE_TEMP%]\hdd.8.exe
[%PROFILE_TEMP%]\injs5.exe
[%PROFILE_TEMP%]\modul32c.1.exe
[%PROFILE_TEMP%]\ssd32.5.exe
[%PROFILE_TEMP%]\ssd32.d.exe
[%PROFILE_TEMP%]\ssd32b.exe
[%PROFILE_TEMP%]\ssd32c.exe
[%PROFILE_TEMP%]\ssd32e.exe
[%SYSTEM%]\nvsvcd.exe
[%WINDOWS%]\system\smss.exe

Folders:
[%PROFILE_TEMP%]\edonkey

Registry Values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\windows log

Removing Boxed:

You can download a trial version of the "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.
