Friday, November 14, 2008

Darksma Trojan

Removing Darksma
Categories: Trojan,Downloader
This category includes a variety of Trojans that damage victim machines, threaten data integrity, or impair the functioning of the victim machine.
Trojan downloaders download and install new malware or adware on the computer.


Darksma is also known as:

[Kaspersky]Trojan-Downloader.Win32.ConHook.aa,Trojan-Downloader.Win32.Agent.anm,Trojan-Downloader.Win32.ConHook.ab,Trojan.Win32.BHO.g,Trojan-Spy.Win32.VBStat.e,Packed.Win32.Klone.k,Trojan.Win32.Agent.agv,Trojan-Dropper.Win32.Agent.bdm,Trojan.Win32.BHO.o,Trojan-Downloader.Win32.ConHook.an,Trojan-Downloader.Win32.ConHook.ah,Trojan-Downloader.Win32.ConHook.bd,Trojan-Spy.Win32.VBStat.h,Trojan.Win32.BHO.bd,AdWare.Win32.Virtumonde.ke,Trojan.Win32.BHO.df,Trojan.Win32.BHO.re,Trojan.Win32.BHO.rd,Trojan.Win32.BHO.rg,AdWare.Win32.Virtumonde.agh,Trojan.Win32.BHO.om,AdWare.Win32.Virtumonde.acp,Trojan.Win32.BHO.oi,Trojan.Win32.BHO.xe,Trojan.Win32.BHO.yi;
[McAfee]Downloader-AWX,Spyware-JuanSearch,New Malware.aj,Generic Spy,Vundo;
[F-Prot]W32/Trojan.WDQ,W32/Trojan.TJZ,W32/Trojan2.HRC;
[Other]TROJ_CONHOOK.AH,Win32/Darksma.B,Win32/Darksma.D,Win32/Darksma.K,W32/VBTroj.DAD,Troj/Counto-Gen,Win32/Darksma.J,Infostealer,W32/Darksma.W,Win32/Darksma.AE,Trojan.Metajuan,W32/VBTroj.DCT,Win32/Darksma.AF,Win32/Darksma.P,Trojan.Vundo,Win32/Darksma.Q,Trojan.Win32.BHO.g,Win32/Darksma.S,Trojan Horse,Trojan.Agent.DM,Troj_Agent.PRX,Win32/Darksma.AO,Win32/Darksma.AM,Win32/Darksma.AL,Win32/Darksma.AH,VirTool:Win32/Obfuscator.C,Win32/Darksma.AP,VirTool.Win32/Obfuscator.C,Win32/Darksma.AI,Troj/ConHook-AC,Win32/Darksma.AQ,Trojan.Duntek,Trojan-Spy.Win32.VBStat.h,Win32/Darksma.BJ,Win32/Darksma.BK,Win32/Darksma.EH,Win32/Darksma.FB,Win32/Darksma.FI,Mal/Generic-A,Win32/Darksma.FX,Win32/Darksma.FW,Vundo.gen49,Win32/Darksma.FY,Win32/Darksma.GB,Win32/Darksma.FZ,Win32/Darksma.GA,Trojan:Win32/Vundo.K,Troj/Virtum-Gen,Win32/Darksma.GD,W32/BHO.ALU,Win32/Darksma.GF,Win32/Darksma.HB,Trojan:Win32/Fanop,Win32/Darksma.HK,Trojan:Win32/Vundo.gen!A

Visible Symptoms:
Files in system folders:

How to detect Darksma:

Files:

Registry Keys:

Removing Darksma:

You can download a trial version of the "Exterminate-It" antivirus software here to check your computer instantly.

Or buy it to remove ALL viruses from your computer.
