Need help? Ask the community or hire an expert.
Go to Avira Answers
Virus:APPL/DomaIQ.306183
Date discovered:13/01/2014
Type:Application
In the wild:No
Reported Infections:Low
Distribution Potential:Low
Damage Potential:Low
Static file:Yes
File size:454.144 Bytes
MD5 checksum:1423ad91e8f9356477dddfbfb8eb9092
VDF version:7.11.125.12
IVDF version:7.11.125.12

 General Method of propagation:
   • No own spreading routine


Aliases:
   •  Kaspersky: not-a-virus:AdWare.MSIL.DomaIQ.abw
   •  Eset: MSIL/DomaIQ.J application
     DrWeb: Trojan.PayInt.30

It was previously detected as:
     Adware/DomaIQ.306183

 Files It copies itself to the following location:
   • %TEMPDIR%\parent.txt



The following files are created:

Non malicious file:
   • %TEMPDIR%\111.txt

%TEMPDIR%\%random character string%.exe Furthermore it gets executed after it was fully created. Further investigation pointed out that this file is malware, too. Detected as: ADWARE/DomaIQ.6144

 Miscellaneous Accesses internet resources:
   • http://track.secdls.com/debug/Version/4_0_6_320/trace/Start
   • http://track.secdls.com/debugMessage/

Description inserted by Andrei Gherman on Tuesday, January 14, 2014
Description updated by Andrei Gherman on Tuesday, January 14, 2014

Back . . . .