SearchNugget.DNSCatcher Adware Profile

Title: SearchNugget.DNSCatcher

Also Known as: Shorty.Gopher

Severity scale: 71 (71 / 100)

DNSCatcher is a Browser Hijacker program disguised as a search assistant toolbar.  It is set to run every time Windows starts, making it hard for some adware removal tools to kill it.  It also tries to disable regedit.exe and regedit32.exe to prevent removal.  It also opens the installation file for reading in order to prevent it from getting deleted.

It also sets the Internet Explorer browser to “Offline browsing” so it can hijack it.  Instead of search results from the normal search engines, it shows its advertised search results from www.maxifind.com.  It was created by searchnugget.com, though it can be assumed that it can be transmitted from other sites, and can be bundled with other software.

DNSCatcher should be immediately removed from your computer.  Not all spyware removal tools are able to safely and effectively remove it.  SpyZooka is able to successfully and consistently remove DNSCatcher.

Download SearchNugget.DNSCatcher Remover

Also Known As:

Shorty,
AGENT.FD TROJAN,
Adware.Shorty,
Shorty.Gopher,
AdWare.Win32.Maxifiles.j,
Adware/Maxifiles,
dnscatcher.exe,
Adware.W32.Shorty.Gopher

Associated Files:

%CommonProgramFiles%services.exe,
%CommonProgramFiles%system32.dll,
%Temp%version.txt,
%ProgramFiles%Catcher.dll,
%ProgramFiles%gui.exe,
%ProgramFiles%cwebpage.dll,
%ProgramFiles%version.txt,
%ProgramFiles%x.bmp,
%ProgramFiles%*.dat

HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun “DNS” = “%CommonProgramFiles%[FILE NAME].exe”

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem “DisableRegistryTools” = “0″

HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionInternet Settings “GlobalUserOffline” = “0″

HKEY_LOCAL_MACHINESOFTWAREClassesCLSID {11A4CA8C-A8B9-49c2-A6D3-3F64C9EEBAE6}

HKEY_LOCAL_MACHINESOFTWAREClassesInterface {31CA5C07-7F5F-4502-8C77-99A91558ADD0}

HKEY_LOCAL_MACHINESOFTWAREClassesTypeLib {223A26D8-9F91-42F6-8ED3-094B637DE020}

HKEY_LOCAL_MACHINESOFTWAREClassesShorty.Gopher

HKEY_LOCAL_MACHINESOFTWAREClassesShorty.Gopher.1

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects {11A4CA8C-A8B9-49c2-A6D3-3F64C9EEBAE6}

HKEY_CURRENT_USERSoftwareDNS

Download SearchNugget.DNSCatcher Remover
 

Leave a Reply

Yes Scan My PcFor FREE!

  • AlphaAV

    AlphaAV is a rogue antivirus application that is promoted through Trojan horse programs. They download it and install it secretly, then the user is bombarded with false security alerts and phony scans. The scans will inevitably generate bogus results and then pressure the user into paying to register the useless program.
    If purchased, the user will [...]

  • NetSpy

    Net Spy is known as a keylogger. This means that it records every keystroke made and sends it to a remote users. It is marketed as commercial surveillance software that tracks keystrokes, takes screen shots, and records addresses of various sites visited by the infected computer. Click the button below for a free scan to [...]

  • Acontix

    Acontix is an adware that places itself on your computer and may hack your browser, which causes it to redirect to questionable websites. Acontix displays pornographic and adult content as well as intrusive third-party advertisements. These malicious applications allow the hacker to take control of your PC, and gain access to personal information such as [...]

  • Afcore

    Afcore is a backdoor Trojan that poses a high threat to your computer, as it gives control of the system over to the hacker without your knowledge. Upon installation, Afcore can be instructed to send, receive, and delete files. It can also gather information that is confidential and transfer this information to remote locations. Afcore [...]

© 2010 SpyZooka Blog – Easy Spyware Removal All rights reserved. Powered by Wordpress. Designed by Woo Themes