Threat Search: 

ThreatExpert's Statistics for Backdoor.Darkmoon [PC Tools]:

Backdoor.Darkmoon [PC Tools] is also known as:
Threat AliasNumber of Incidents
Backdoor.Darkmoon [Symantec]21
Generic Dropper.gi.gen [McAfee]8
VirTool:Win32/VBInject.gen!AN [Microsoft]8
Backdoor:Win32/Poison.M [Microsoft]4
Mal/Generic-A, Mal/EncPk-JU [Sophos]4
Trojan.Win32.Buzus.bxxq [Kaspersky Lab]4
VirTool:Win32/CeeInject.gen!J [Microsoft]4
W32/Patcher [McAfee]4
Win-Trojan/Buzus.18944.AO [AhnLab]4
Backdoor [Ikarus]1
Backdoor.Win32.DarkMoon.BE [Ikarus]1
Backdoor.Win32.Poison [Ikarus]1
Backdoor.Win32.Poison.pg [Kaspersky Lab]1
Backdoor:Win32/Poisonivy.H [Microsoft]1
BackDoor-EKJ [McAfee]1
Constructor.Win32.Bifrose.j [Kaspersky Lab]1
Downloader [Symantec]1
Generic.dx [McAfee]1
Mal/Delf-M [Sophos]1
Mal/Generic-A [Sophos]1
Trojan-Dropper.Win32.Agent.bkxs [Kaspersky Lab]1

Backdoor.Darkmoon [PC Tools] has the following possible countries of origin:
OriginNumber of Incidents
China3
Saudi Arabia1
Sweden1

Backdoor.Darkmoon [PC Tools] is known to be created as:
%System%\dllcache\mspmsnsv.dll
%System%\pe.dll
%System%\regkey.exe
%System%\sens32.dll
%System%\zdfangyu.exe
%Windir%\system32:msnmsgr.exe
c:\windows:system.exe
Notes:
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.