Possible DarkSky RAT?

Discussion in 'Trojan Defence Suite' started by beetlejuice, Oct 20, 2002.

Thread Status:
Not open for further replies.
  1. beetlejuice

    beetlejuice Registered Member

    Joined:
    Oct 12, 2002
    Posts:
    8,523
    :doubt: Ran a scan with TDS and received the following.
    RegVal Trace: RAT. DarkSky. This is residing in the registry under HKEY_LOCAL_MACHINE\ Software\Microsoft\ Windows\CurrentVersion\Run C:WINDOWS=Taskmon. I have tried to delete it with TDS, but it won't. Is it safe to delete this registry entry manually? The program? Will doing this mess up my computer? :doubt: Any help would be appreciated. Thank You. Steve
     
  2. beetlejuice

    beetlejuice Registered Member

    Joined:
    Oct 12, 2002
    Posts:
    8,523
    o_O After downloading the latest database update 10/20/02 and running a scan, DarkSky doesn't show up.
     
  3. FanJ

    FanJ Guest

    Hi Steve,

    It could have been a fixed false alert. To be sure we have to ask Gavin/Wayne about it.
     
  4. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    18,133
    Location:
    New England
    Steve,

    We've moved you over to the TDS Forum on the thought that this may have been either a false positive, or, that if you do have this on your system, you may use TDS to repair it, anyway.

    Best Wishes,
    LowWaterMark
     
  5. FanJ

    FanJ Guest

    Yes, it was a false positive.

    Quoting Gavin from the private DCS forum:

    "This erroneous entry was only in the database for a short time, as soon as I was notified by one of the early updaters I removed it and this fixed the problem, thanks for letting me know again".

    PS: The error was in 17 october's update and very soon after the same 17-october-update repaired.
     
  6. beetlejuice

    beetlejuice Registered Member

    Joined:
    Oct 12, 2002
    Posts:
    8,523
    :D Thanks too everyone for your assistance and information about this. It had me a little worried. :D
    Steve
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.