SearchNugget.DNSCatcher Adware Profile
DNSCatcher is a Browser Hijacker program disguised as a search assistant toolbar. It is set to run every time Windows starts, making it hard for some adware removal tools to kill it. It also tries to disable regedit.exe and regedit32.exe to prevent removal. It also opens the installation file for reading in order to prevent it from getting deleted.
It also sets the Internet Explorer browser to “Offline browsing” so it can hijack it. Instead of search results from the normal search engines, it shows its advertised search results from www.maxifind.com. It was created by searchnugget.com, though it can be assumed that it can be transmitted from other sites, and can be bundled with other software.
DNSCatcher should be immediately removed from your computer. Not all spyware removal tools are able to safely and effectively remove it. SpyZooka is able to successfully and consistently remove DNSCatcher.
Also Known As:
Shorty,
AGENT.FD TROJAN,
Adware.Shorty,
Shorty.Gopher,
AdWare.Win32.Maxifiles.j,
Adware/Maxifiles,
dnscatcher.exe,
Adware.W32.Shorty.Gopher
Associated Files:
%CommonProgramFiles%services.exe,
%CommonProgramFiles%system32.dll,
%Temp%version.txt,
%ProgramFiles%Catcher.dll,
%ProgramFiles%gui.exe,
%ProgramFiles%cwebpage.dll,
%ProgramFiles%version.txt,
%ProgramFiles%x.bmp,
%ProgramFiles%*.dat
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun “DNS” = “%CommonProgramFiles%[FILE NAME].exe”
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem “DisableRegistryTools” = “0”
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionInternet Settings “GlobalUserOffline” = “0”
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID {11A4CA8C-A8B9-49c2-A6D3-3F64C9EEBAE6}
HKEY_LOCAL_MACHINESOFTWAREClassesInterface {31CA5C07-7F5F-4502-8C77-99A91558ADD0}
HKEY_LOCAL_MACHINESOFTWAREClassesTypeLib {223A26D8-9F91-42F6-8ED3-094B637DE020}
HKEY_LOCAL_MACHINESOFTWAREClassesShorty.Gopher
HKEY_LOCAL_MACHINESOFTWAREClassesShorty.Gopher.1
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects {11A4CA8C-A8B9-49c2-A6D3-3F64C9EEBAE6}
HKEY_CURRENT_USERSoftwareDNS