Need help? Ask the community or hire an expert.
Go to Avira Answers
Virus:APPL/DomaIQ.306183
Date discovered:12/01/2014
Type:Application
In the wild:No
Reported Infections:Low
Distribution Potential:Low
Damage Potential:Low
Static file:Yes
File size:453.632 Bytes
MD5 checksum:9b21b34077fd47ceb70559b901734819
VDF version:7.11.124.230 - Monday, January 13, 2014
IVDF version:7.11.124.230 - Monday, January 13, 2014

 General Method of propagation:
   • No own spreading routine


Aliases:
   •  Kaspersky: not-a-virus:AdWare.MSIL.DomaIQ.abw
   •  Eset: MSIL/DomaIQ.AV application
     DrWeb: Trojan.PayInt.27

It was previously detected as:
     TR/Kazy.306183.18
     Adware/DomaIQ.3061794


Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
    Windows Vista
    Windows Server 2008
    Windows 7

 Files It copies itself to the following location:
   • %TEMPDIR%\parent.txt



The following files are created:

Non malicious file:
   • %TEMPDIR%\111.txt

%TEMPDIR%\%random character string%.exe Furthermore it gets executed after it was fully created. Further investigation pointed out that this file is malware, too. Detected as: ADWARE/DomaIQ.6144

 Miscellaneous Accesses internet resources:
   • http://track.secdls.com/debug/Version/4_0_6_320/trace/Start
   • http://track.secdls.com/debugMessage/

Description inserted by Andrei Gherman on Tuesday, January 14, 2014
Description updated by Andrei Gherman on Tuesday, January 14, 2014

Back . . . .