Infected with Qoologic ?
The Qoologic application creates a backdoor connection between a remote computer and the user's system.
The Qoologic application belongs to the backdoor Trojan software family. Applications from this Trojan software family maintain an open port. This port can be used by remote users to establish a connection between a remote system and the user's computer. The remote system may send instructions to the user's computer using the backdoor connection. It may send instructions such as file upload and download. Backdoor connections also allow the remote user to copy, transfer and modify files. Some backdoor Trojan applications use the user's system to send out spam emails. Remote users search for the contact lists stored on the computer's hard disk. The backdoor Trojan application broadcasts spam emails to the email addresses found on the contact lists.
The Qoologic application allegedly installs a server component on the user's computer and a client component on the remote system. A server component remains inactive until given instructions by a client component. Client components issue requests to the server component using the backdoor connection. The client component of this application sends instructions to the user's system thru an Extensible Mark-up Language or XML configuration file. An XML configuration file allows a user to define specific elements. XML was designed for distribution of structured data. It can also be used for remote system implementation. The XML configuration file for this application contains the detailed instructions to the system.
The XML configuration file determines the instructions such as operating on the system's background. It may also add the value KavSvc to the system's startup registry entries. This modification in the registry entries allow this backdoor Trojan application to be initiated every time the system boots up.
The Qoologic application may be installed on Windows Operating Systems such as Windows NT, Windows XP, Windows 98, Windows 95 and Windows 2000.
Its author is unknown.
No website available.
|Threat Level: Severe Risk|
|Records personal data / keystrokes|
|Hijacks internet browser|
|Allows remote influence|
|Downloads unsolicited files|
|Disables programs / system|
|Makes unauthorized phone calls|
|Exploits a security flaw|
|Floods internet connection|
|Tracks browsing activity with installed applications|
|Tracks browsing activity with cookies|
|Installs without user consent|
|Inadequate uninstall procedures|
|Insufficient privacy disclosure and consent|
|Uses excessive system resources|
|Makes fraudulent claims about spyware detection and removal|
|Performs Silent Updates|
Microsoft is a registered trademark of Microsoft Corporation in the United States and/or other countries.