 |
Home
Articles
Spyware Research
Support
Scan Now
Purchase
F.A.Q.
Top 25 Spyware:
Glossary Latest Detections  |
 |
Trojan/Adware/Toolbar/TrojanDownloader.Win32Alias: MediaLoads or ClipGenie. This is actually an application loaded by DownloadWare which shows any videos or pictures DW has downloaded. However DownloadWare is also now being marketed under both these names as well as its own., TrojanDownloader.Win32.VB.ah, Win32/TrojanDownloader.Realtens.E trojan, Win32.BettInet.F, Adware/DownloadWare, DownloadWare
Description: From the publisher: 'DownloadWare is a download accelerator that features intelligent multipart downloading technology. DownloadWare can create, add, and modify multiple connections for each download based on your current speed and available bandwidth. DownloadWare?s error recovery and download auto-resume capabilities mean that you will receive your files even if your connection is unexpectedly lost. DownloadWare can politely deliver downloaded music, videos, software applications and targeted advertising to your hard drive without slowing down your surfing experience. ' Threat type: Adware - Adware is a software application which displays advertisements on your computer. Advertisements can be displayed through pop-up / pop-under windows, additional bars or toolbars, underlined links or buttons that appear on a computer screen. Adware applications include additional code that delivers the ads. Adware authors earn money when users click on those ads. Occasionally, adware includes code that tracks user's site visits and passes it to third parties without the user's permission or knowledge. Downloader - A Downloader is a software application or part of the program which is designed to retrieve (download) and install additional files from the Internet. Malware programs often include Downloaders which allow the Malware to continually update themselves, thereby eluding detection. Search Hijacker - A Search Hijacker is a software application that takes control of your browser's default search engine. The search results may not necessarily be the best fit as those usually come from paid advertisements, as issued to you by the Hijacker authors. Search hijackers prevent you from changing your browser's default search engine, and they tend to slow down PC performance. Toolbar - A Toolbar is a group of buttons that performs different tasks. Unwanted toolbars are usually installed by adware programs that try to send users to their paying advertisers. Trojan - A Trojans or Trojan Horse is any programs that installs itself secretly, quite often with sinister intent. Once installed, the trojan author (hacker) can gain complete control of the infected PC. Trojans are usually designed to steal sensitive information and/or destroy the system. Trojans can be distributed as unsolicited email attachments, or bundled with freeware and shareware programs. Advice: Remove This is a very high risk threat and should be removed immediately as to prevent harm to your computer or your privacy. Detection: SpyNoMore detects Trojan/Adware/Toolbar/TrojanDownloader.Win32: Yes Threat risk: High Risk  Very dangerous malware. Can log user's keyboard activity and take snapshots of the user's screen. Uses stealth installation and removal is very difficult. Category includes spyware programs, adware programs and trojans. Symptoms:
Running Process Signatures: N/A File Signatures: %PROFILE%\local settings\temporary internet files\content.ie5\m6772vqj\dw[1].exe %WINDOWS%\digital signature 20040714.htm %PROFILE%\local settings\temporary internet files\content.ie5\kdezgtij\dw[2].exe %WINDOWS%\digital signature 20030807.htm %PROFILE%\local settings\temporary internet files\content.ie5\k5yfgler\dw[1].exe %WINDOWS%\downloaded program files\conflict.27\activeinstall.inf %WINDOWS%\digital signature 20040624.htm %PROFILE%\local settings\temporary internet files\content.ie5\4pq7052j\dw[1].exe %WINDOWS%\digital signature 20020802.htm %PROFILE%\local settings\temporary internet files\content.ie5\kdezgtij\dw[1].exe %WINDOWS%\digital signature 20031120.htm %PROFILE%\local settings\temporary internet files\content.ie5\sh2vwp2v\dw[1].exe c:\archivos de programa\downloadware\dw.exe %WINDOWS%\digital signature 20030720.htm %WINDOWS%\downloaded program files\activeinstall.inf %PROFILE%\local settings\temporary internet files\content.ie5\khirgp6n\dw[1].exe %WINDOWS%\downloaded program files\conflict.2\activeinstall.inf %WINDOWS%\digital signature 20020710.htm %PROFILE%\local settings\temporary internet files\content.ie5\o5u7kpqv\dw[1].exe Registered Dll (Dynamic Link Library) Signatures: N/A Folder Signatures: %PROGRAM_FILES%\real-tens %PROGRAM_FILES%\popcorn.net %PROGRAM_FILES%\downloadware %PROGRAM_FILES%\medch %PROGRAM_FILES%\movienetworks %PROGRAM_FILES%\mlh %PROGRAM_FILES%\kfh %PROGRAM_FILES%\downloadware engine Registry Signatures: HKLM\software\classes\typelib\{a8f92c35-530b-4907-922c-ce31d4b6b14a} HKLM\software\classes\interface\{a351d4b1-bf54-41f1-bec0-8a1c4ecd72c7} HKLM\software\classes\clsid\{26e8361f-bce7-4f75-a347-98c88b418322} HKLM\software\classes\interface\{26e8361f-bce7-4f75-a347-98c88b418321} HKLM\software\classes\typelib\{26e8361f-bce7-4f75-a347-98c88b418328} HKLM\software\classes\interface\{dae6416e-491d-11d5-ab93-00d0b760b4eb} HKU\.default\software\downloadware HKLM\software\microsoft\code store database\distribution units\{eb6afdab-e16d-430b-a5ee-0408a12289dc} HKLM\software\classes\typelib\{95b3af07-0e4f-4cdf-acfd-3d4efd9aec0b} HKLM\software\classes\typelib\{dae64161-491d-11d5-ab93-00d0b760b4eb} HKLM\software\classes\interface\{f5f0a448-2bcd-459e-8743-c39154ee1ca8} HKLM\software\classes\interface\{eb29cd69-7020-4d1d-a0be-72130dfba9f7} HKLM\software\classes\clsid\{c6958acd-d866-4349-9f7b-fdb73384f697} HKLM\software\classes\clsid\{9368d063-44be-49b9-bd14-bb9663fd38fc} HKCU\software\pagent HKCR\clsid\{eb6afdab-e16d-430b-a5ee-0408a12289dc} HKLM\software\microgaming HKLM\software\classes\appid\{d6be4255-97c9-4d5c-9801-91dadda92d81} HKLM\software\classes\clsid\{1717a4a5-d63a-4f70-b373-ae4aa46d1236} HKLM\software\downloadware HKLM\software\classes\clsid\{000007ab-7059-463e-bd44-101a1750d732} HKLM\software\classes\interface\{5c40012d-44ca-11d7-8411-0002a5f9d08e} HKLM\software\classes\interface\{c809ee32-c648-459b-9a99-5cb20f61dcfc} HKLM\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/activeinstall2.dll HKCU\software\downloadware HKLM\software\microsoft\windows\currentversion\uninstall\downloadware HKLM\software\classes\btieinscriptconfigproj.btieinscriptconfig HKLM\software\microsoft\windows\currentversion\uninstall\medialoads installer HKU\.default\software\webinstall HKCU\software\medialoads HKLM\software\classes\clsid\{b3be5046-8197-48fb-b89f-7c767316d03c} HKLM\software\classes\typelib\{d6be4255-97c9-4d5c-9801-91dadda92d81} HKLM\software\classes\typelib\{963f349d-8b15-4a3b-ac6a-6e1958b21e20} HKLM\software\mlh HKLM\software\classes\interface\{1eb48aa7-d3fe-4e4c-ac8e-b01594496ac0} HKLM\software\clipgeniep2p HKLM\software\classes\interface\{42bd9965-303d-4cfb-aae0-dcadcb791a55} HKLM\typelib\{963f349d-8b15-4a3b-ac6a-6e1958b21e20} HKLM\software\microsoft\windows\currentversion\uninstall\downloadware engine HKLM\software\classes\clsid\{49de8655-4d15-4536-b67c-2aa6c1106740} HKLM\software\classes\typelib\{53f066f0-a4c0-4f46-83eb-2dfd03f938cf} SpyNoMore Collected Residual File Signatures: N/A
| | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| ||||
|
||||
 |
|
 | ||