SearchNugget.DNSCatcher Adware Profile

DNSCatcher is a Browser Hijacker program disguised as a search assistant toolbar.  It is set to run every time Windows starts, making it hard for some adware removal tools to kill it.  It also tries to disable regedit.exe and regedit32.exe to prevent removal.  It also opens the installation file for reading in order to prevent it from getting deleted.

It also sets the Internet Explorer browser to “Offline browsing” so it can hijack it.  Instead of search results from the normal search engines, it shows its advertised search results from www.maxifind.com.  It was created by searchnugget.com, though it can be assumed that it can be transmitted from other sites, and can be bundled with other software.

DNSCatcher should be immediately removed from your computer.  Not all spyware removal tools are able to safely and effectively remove it.  SpyZooka is able to successfully and consistently remove DNSCatcher.

Also Known As:

Shorty,
AGENT.FD TROJAN,
Adware.Shorty,
Shorty.Gopher,
AdWare.Win32.Maxifiles.j,
Adware/Maxifiles,
dnscatcher.exe,
Adware.W32.Shorty.Gopher

Associated Files:

%CommonProgramFiles%services.exe,
%CommonProgramFiles%system32.dll,
%Temp%version.txt,
%ProgramFiles%Catcher.dll,
%ProgramFiles%gui.exe,
%ProgramFiles%cwebpage.dll,
%ProgramFiles%version.txt,
%ProgramFiles%x.bmp,
%ProgramFiles%*.dat

HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun “DNS” = “%CommonProgramFiles%[FILE NAME].exe”

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem “DisableRegistryTools” = “0”

HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionInternet Settings “GlobalUserOffline” = “0”

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID {11A4CA8C-A8B9-49c2-A6D3-3F64C9EEBAE6}

HKEY_LOCAL_MACHINESOFTWAREClassesInterface {31CA5C07-7F5F-4502-8C77-99A91558ADD0}

HKEY_LOCAL_MACHINESOFTWAREClassesTypeLib {223A26D8-9F91-42F6-8ED3-094B637DE020}

HKEY_LOCAL_MACHINESOFTWAREClassesShorty.Gopher

HKEY_LOCAL_MACHINESOFTWAREClassesShorty.Gopher.1

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects {11A4CA8C-A8B9-49c2-A6D3-3F64C9EEBAE6}

HKEY_CURRENT_USERSoftwareDNS

Download Free Scan

Leave a Reply

Your email address will not be published. Required fields are marked *

Products

Contact

css.php