Home / Spyware Encyclopedia / Backdoor.DarkMoon << Back

Recommendation to Automatically remove Backdoor.DarkMoon


Our products can remove Backdoor.DarkMoon and thousands of other Virus and Spyware automatically and instantly.

Backdoor.DarkMoon Details


  • Category Backdoor
  • Discovered 2/14/2008 10:47:00 AM
  • Modified 10/11/2024 3:28:28 PM
  • Threat Level Critical
  • Category Description
    A Backdoor is a software program that gives an attacker unauthorized access to a machine and the means for remotely controlling the machine without the user's knowledge. A Backdoor compromises system integrity by making changes to the system that allow it to be used by the attacker for malicious purposes unknown to the user.

The following Files were created:
VALUEFILESIZECOMPANYNAMEVERSIONSIGNATUREDate
A011794B.EXE 528384TeamSpeak Systems2.0.33.78e347f74633336432587fb0ec1f9cedb 
FA270CF2.EXE 528384TeamSpeak Systems2.0.33.73cfa33140876893278ea8d140a9d2ad8 
lodcst.exe 101376shml1.0.0.1180d5a045e390f4166496083c630edfd 
ddade024.exe 2448896b e a v___ (beaving) (c)2.0.32.60fb996dd92446676a545b927895bfe5a5 
F8241736.EXE 137379  fe954377cefb83ad264e5eb4c50aa49d 
080b8965.exe 38026  fbf13cbcf6bc78ed1036aa16828282d7 
90060cac.exe 198852  efdc9d09623ab5f9b161d0d637bf7420 
adaa630d.exe 48263  ecdd6d22159a42c871bb372d3e8766dc 
405420C5.DLL 163840  ec8b9da5c922539a305c664fd1ec33e6 
9dbac685.exe 95425  e86ce81fcb6fe8c490fe049445360fe1 

The following Registry Entries were created:
..\System\CurrentControlSet\Enum\root\legacy_ntndis\(Default)
..\Software\Microsoft\Windows\CurrentVersion\Run\\"EXPLORER"\"0000.EXE"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"EXPLORER"\"EXPL0RER.EXE"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"Microsoft"\"%WIN%\@@@\darwin305.EXE"
..\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\"%WIN.SYS32.DRIVERS%\ntndis.exe"\"%WIN.SYS32.DRIVERS%\ntndis.exe:*:Enabled:Control"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"Microsoft"\"Microsoft.EXE"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"Microsoft"\"%WIN%\@@@\WIN32.EXE"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"Microsoft"\"%WIN%\ton\winnap.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"wscntfy"\"wscntfy.exe"
..\Software\Microsoft\active setup\installed components\{05055098-745f-7747-0503-040604010702}\(Default)

Notice
Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically by tools in our malware Research Lab as a result of executing Spyware Files or browsing Internet in virtual environment. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Antivirus. We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.

Home / Malware Encyclopedia << Back

Max Total Security can detect & quarantine this Malware


Useful Links

Copyright © 2022 Max Secure Software. All rights reserved.