Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: A spyware called darkonia?

  1. #1
    Junior Member
    Join Date
    Feb 2007
    Posts
    12

    Default A spyware called darkonia?

    spybot tells me one of my bookmarks has a spyware called darkonia, of which is not in any threat catolouge i've looked through, it says one of my bookmarks has it, so i tried to get rid of the bookmark through spybot, so i went back to the site and bookmarked it again and it game me the same threat message, so what is darkonia and why does it keep appearing even after i delete it with spybot and get the same bookmark again, note: i've had this bookmark over a year and have had no problems with it

  2. #2
    Member of Team Spybot Buster's Avatar
    Join Date
    Oct 2005
    Location
    Bochum/Germany
    Posts
    389

    Default

    Please post your scan results. To do so, right click into the results window and select "Copy results to clipboard". Thanks in advance!
    "The advantage of wisdom is that you can always act the fool. The opposite is quite tough."

    K. Tucholsky

    _______________________________________________________________

    Please help us improve Spybot and download our distributed testing client.

  3. #3
    Junior Member
    Join Date
    Feb 2007
    Posts
    12

    Default

    Darkonia: Bookmark (Internet Explorer: Matt) (Bookmark, nothing done)


    Log: Shutdown: System32\wbem\logs\wbemess.log (Backup file, nothing done)
    C:\WINDOWS\System32\wbem\logs\wbemess.log

    MS Media Player: Anonymous ID (Registry change, nothing done)
    HKEY_USERS\S-1-5-21-1957994488-602609370-839522115-1003\Software\Microsoft\MediaPlayer\Preferences\SendUserGUID!=B=0

    MS Direct3D: Most recent application (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name!=

    MS DirectDraw: Most recent application (Registry change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name!=

    MS DirectInput: Most recent application (Registry change, nothing done)
    HKEY_USERS\S-1-5-21-1957994488-602609370-839522115-1003\Software\Microsoft\DirectInput\MostRecentApplication\Name!=

    MS DirectInput: Most recent application ID (Registry change, nothing done)
    HKEY_USERS\S-1-5-21-1957994488-602609370-839522115-1003\Software\Microsoft\DirectInput\MostRecentApplication\Id!=

    Windows Explorer: User Assistant history IE (1 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-1957994488-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

    Windows Explorer: User Assistant history files (11 files) (Registry key, nothing done)
    HKEY_USERS\S-1-5-21-1957994488-602609370-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

    Windows Media SDK: Computer name (Registry change, nothing done)
    HKEY_USERS\S-1-5-21-1957994488-602609370-839522115-1003\Software\Microsoft\Windows Media\WMSDK\General\ComputerName!=ComputerName

    Windows Media SDK: Unique ID (Registry change, nothing done)
    HKEY_USERS\S-1-5-21-1957994488-602609370-839522115-1003\Software\Microsoft\Windows Media\WMSDK\General\UniqueID!={00000000-0000-0000-0000-000000000000}

    Windows Media SDK: Volume serial number (Registry value, nothing done)
    HKEY_USERS\S-1-5-21-1957994488-602609370-839522115-1003\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

    Cookie: Cookie (9) (Cookie, nothing done)


    Cache: Cache (969) (Cache, nothing done)



    --- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

    2005-05-31 blindman.exe (1.0.0.1)
    2005-05-31 SpybotSD.exe (1.4.0.3)
    2005-05-31 TeaTimer.exe (1.4.0.2)
    2006-11-20 unins000.exe (51.41.0.0)
    2005-05-31 Update.exe (1.4.0.0)
    2007-01-02 advcheck.dll (1.2.0.0)
    2005-05-31 aports.dll (2.1.0.0)
    2005-05-31 borlndmm.dll (7.0.4.453)
    2005-05-31 delphimm.dll (7.0.4.453)
    2005-05-31 SDHelper.dll (1.4.0.0)
    2007-01-02 Tools.dll (2.0.1.0)
    2005-05-31 UnzDll.dll (1.73.1.1)
    2005-05-31 ZipDll.dll (1.73.2.0)
    2007-02-02 Includes\Cookies.sbi (*)
    2006-12-08 Includes\Dialer.sbi (*)
    2007-02-02 Includes\DialerC.sbi (*)
    2006-11-24 Includes\Hijackers.sbi (*)
    2007-02-02 Includes\HijackersC.sbi (*)
    2006-10-27 Includes\Keyloggers.sbi (*)
    2007-02-02 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2007-01-12 Includes\Malware.sbi (*)
    2007-02-02 Includes\MalwareC.sbi (*)
    2007-01-19 Includes\PUPS.sbi (*)
    2007-02-02 Includes\PUPSC.sbi (*)
    2007-02-02 Includes\Revision.sbi (*)
    2006-12-08 Includes\Security.sbi (*)
    2007-02-02 Includes\SecurityC.sbi (*)
    2007-02-02 Includes\Spybots.sbi (*)
    2007-02-02 Includes\SpybotsC.sbi (*)
    2005-02-17 Includes\Tracks.uti (*)
    2006-12-08 Includes\Trojans.sbi (*)
    2007-02-02 Includes\TrojansC.sbi (*)

  4. #4
    Junior Member
    Join Date
    Feb 2007
    Posts
    12

    Default

    ok now what?

  5. #5
    Member of Team Spybot Buster's Avatar
    Join Date
    Oct 2005
    Location
    Bochum/Germany
    Posts
    389

    Default

    Did you already download the latest updates, which have been released yesterday?
    "The advantage of wisdom is that you can always act the fool. The opposite is quite tough."

    K. Tucholsky

    _______________________________________________________________

    Please help us improve Spybot and download our distributed testing client.

  6. #6
    Junior Member
    Join Date
    Feb 2007
    Posts
    12

    Default

    yes i did everything is up to date on spybot

  7. #7
    Spybot Advisor Team [Retired] md usa spybot fan's Avatar
    Join Date
    Oct 2005
    Posts
    5,859

    Default

    naraku4656:

    With the latest updates you should have these dates (see items marked in red):

    --- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

    2005-05-31 blindman.exe (1.0.0.1)
    2005-05-31 SpybotSD.exe (1.4.0.3)
    2005-05-31 TeaTimer.exe (1.4.0.2)
    2006-01-16 unins000.exe (51.41.0.0)
    2005-05-31 Update.exe (1.4.0.0)
    2007-01-15 advcheck.dll (1.2.1.0)
    2005-05-31 aports.dll (2.1.0.0)
    2005-05-31 borlndmm.dll (7.0.4.453)
    2005-05-31 delphimm.dll (7.0.4.453)
    2005-05-31 SDHelper.dll (1.4.0.0)
    2007-01-02 Tools.dll (2.0.1.0)
    2005-05-31 UnzDll.dll (1.73.1.1)
    2005-05-31 ZipDll.dll (1.73.2.0)
    2007-02-07 Includes\Cookies.sbi (*)
    2006-12-08 Includes\Dialer.sbi (*)
    2007-02-07 Includes\DialerC.sbi (*)
    2007-02-07 Includes\Hijackers.sbi (*)
    2007-02-07 Includes\HijackersC.sbi (*)
    2006-10-27 Includes\Keyloggers.sbi (*)
    2007-02-07 Includes\KeyloggersC.sbi (*)
    2007-01-12 Includes\Malware.sbi (*)
    2007-02-07 Includes\MalwareC.sbi (*)
    2007-01-19 Includes\PUPS.sbi (*)
    2007-02-07 Includes\PUPSC.sbi (*)
    2007-02-07 Includes\Revision.sbi (*)
    2006-12-08 Includes\Security.sbi (*)
    2007-02-07 Includes\SecurityC.sbi (*)
    2007-02-02 Includes\Spybots.sbi (*)
    2007-02-07 Includes\SpybotsC.sbi (*)
    2005-02-17 Includes\Tracks.uti
    2006-12-08 Includes\Trojans.sbi (*)
    2007-02-07 Includes\TrojansC.sbi (*)

    Getting an answer is one thing, learning is another.


    Microsoft Windows XP Home Edition running on a 2.40GHz IntelŪ PentiumŪ 4 Processor with 512 MB of RAM and a 533 MHz System Bus.

  8. #8
    Junior Member
    Join Date
    Feb 2007
    Posts
    12

    Default

    your right, at the time of the thrid scan (listed on site) no i did not have those updates, i have them now and i still get darkonia

  9. #9
    Junior Member
    Join Date
    Feb 2007
    Posts
    12

    Default

    here is the reposted resultes post updates:

    Darkonia: Bookmark (Internet Explorer: Matt) (Bookmark, nothing done)





    --- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

    2005-05-31 blindman.exe (1.0.0.1)
    2005-05-31 SpybotSD.exe (1.4.0.3)
    2005-05-31 TeaTimer.exe (1.4.0.2)
    2006-11-20 unins000.exe (51.41.0.0)
    2005-05-31 Update.exe (1.4.0.0)
    2007-01-02 advcheck.dll (1.2.0.0)
    2005-05-31 aports.dll (2.1.0.0)
    2005-05-31 borlndmm.dll (7.0.4.453)
    2005-05-31 delphimm.dll (7.0.4.453)
    2005-05-31 SDHelper.dll (1.4.0.0)
    2007-01-02 Tools.dll (2.0.1.0)
    2005-05-31 UnzDll.dll (1.73.1.1)
    2005-05-31 ZipDll.dll (1.73.2.0)
    2007-02-07 Includes\Cookies.sbi (*)
    2006-12-08 Includes\Dialer.sbi (*)
    2007-02-07 Includes\DialerC.sbi (*)
    2007-02-07 Includes\Hijackers.sbi (*)
    2007-02-07 Includes\HijackersC.sbi (*)
    2006-10-27 Includes\Keyloggers.sbi (*)
    2007-02-07 Includes\KeyloggersC.sbi (*)
    2004-11-29 Includes\LSP.sbi (*)
    2007-01-12 Includes\Malware.sbi (*)
    2007-02-07 Includes\MalwareC.sbi (*)
    2007-01-19 Includes\PUPS.sbi (*)
    2007-02-07 Includes\PUPSC.sbi (*)
    2007-02-07 Includes\Revision.sbi (*)
    2006-12-08 Includes\Security.sbi (*)
    2007-02-07 Includes\SecurityC.sbi (*)
    2007-02-02 Includes\Spybots.sbi (*)
    2007-02-07 Includes\SpybotsC.sbi (*)
    2005-02-17 Includes\Tracks.uti (*)
    2006-12-08 Includes\Trojans.sbi (*)
    2007-02-07 Includes\TrojansC.sbi (*)

  10. #10
    Member of Team Spybot Buster's Avatar
    Join Date
    Oct 2005
    Location
    Bochum/Germany
    Posts
    389

    Default

    I guess we found the reason for this detection. A fixed detection file will be released on Wednesday.
    "The advantage of wisdom is that you can always act the fool. The opposite is quite tough."

    K. Tucholsky

    _______________________________________________________________

    Please help us improve Spybot and download our distributed testing client.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •