Need help? Ask the community or hire an expert.
Go to Avira Answers
Date discovered:13/01/2014
In the wild:No
Reported Infections:Low
Distribution Potential:Low
Damage Potential:Low
Static file:Yes
File size:454.144 Bytes
MD5 checksum:1423ad91e8f9356477dddfbfb8eb9092
VDF version:
IVDF version:

 General Method of propagation:
   • No own spreading routine

   •  Kaspersky: not-a-virus:AdWare.MSIL.DomaIQ.abw
   •  Eset: MSIL/DomaIQ.J application
   •  DrWeb: Trojan.PayInt.30

It was previously detected as:
   •  Adware/DomaIQ.306183

 Files It copies itself to the following location:
   • %TEMPDIR%\parent.txt

The following files are created:

– Non malicious file:
   • %TEMPDIR%\111.txt

%TEMPDIR%\%random character string%.exe Furthermore it gets executed after it was fully created. Further investigation pointed out that this file is malware, too. Detected as: ADWARE/DomaIQ.6144

 Miscellaneous Accesses internet resources:

Description inserted by Andrei Gherman on Tuesday, January 14, 2014
Description updated by Andrei Gherman on Tuesday, January 14, 2014

Back . . . .