Possible DarkSky RAT?

Discussion in 'Trojan Defence Suite' started by beetlejuice, Oct 20, 2002.

Thread Status:
Not open for further replies.
  1. beetlejuice

    beetlejuice Registered Member

    Joined:
    Oct 12, 2002
    Posts:
    8,523
    :doubt: Ran a scan with TDS and received the following.
    RegVal Trace: RAT. DarkSky. This is residing in the registry under HKEY_LOCAL_MACHINE\ Software\Microsoft\ Windows\CurrentVersion\Run C:WINDOWS=Taskmon. I have tried to delete it with TDS, but it won't. Is it safe to delete this registry entry manually? The program? Will doing this mess up my computer? :doubt: Any help would be appreciated. Thank You. Steve
     
  2. beetlejuice

    beetlejuice Registered Member

    Joined:
    Oct 12, 2002
    Posts:
    8,523
    o_O After downloading the latest database update 10/20/02 and running a scan, DarkSky doesn't show up.
     
  3. FanJ

    FanJ Guest

    Hi Steve,

    It could have been a fixed false alert. To be sure we have to ask Gavin/Wayne about it.
     
  4. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,877
    Location:
    New England
    Steve,

    We've moved you over to the TDS Forum on the thought that this may have been either a false positive, or, that if you do have this on your system, you may use TDS to repair it, anyway.

    Best Wishes,
    LowWaterMark
     
  5. FanJ

    FanJ Guest

    Yes, it was a false positive.

    Quoting Gavin from the private DCS forum:

    "This erroneous entry was only in the database for a short time, as soon as I was notified by one of the early updaters I removed it and this fixed the problem, thanks for letting me know again".

    PS: The error was in 17 october's update and very soon after the same 17-october-update repaired.
     
  6. beetlejuice

    beetlejuice Registered Member

    Joined:
    Oct 12, 2002
    Posts:
    8,523
    :D Thanks too everyone for your assistance and information about this. It had me a little worried. :D
    Steve
     
Thread Status:
Not open for further replies.