Spyware.DOASearch Spyware Information

Name: Spyware.DOASearch
Category: Spyware
Advice: Remove
Risk: Elevated Risk. Elevated threats are usually threats that fall into the range of adware, in which data about a user's habits is tracked and sent back to a server for analysis without the user's consent or knowledge.
Description: Spyware.DOASearch is a Trojan dropper that, when executed, modifies the configuration of Internet Explorer.

When the dropper file executes, it copies the following files:
%system%\Services\{clsid}\svchost.dll
%system%\Services\{clsid}\svchost.exe
%system%\Services\{clsid}\svchost32.dll
Where {clsid} is a randomly generated value that is used like a folder within the registry of the system.

In addition, it creates the following registry entry so that it is executed each time the system restarts:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
"Service Host" = "%system%\Services\{clsid}\svchost.exe"

It also modifies the following registry entry:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
"Start Page" = "http://daosearch.com"

Next, it installs the file svchost32.dll. This file is loaded whenever a process is executed; if the web browser is running, it attaches to the browser process and can download updates of the Trojan and show pop-up messages.

Signatures:
process: svchost.exe: MD5 Hash: 359430d258f55a2f25a...
process: ms3.exe: MD5 Hash: a9f58c1f31e5408b032...
process: ms4.exe: MD5 Hash: 72d8b85e0b956f8ad5a...
process: mszx23.exe: MD5 Hash: a9f58c1f31e5408b032...
process: security.exe: MD5 Hash: 67a323ad7b30648c269...
process: svchost.exe: MD5 Hash: 756305639039ab4661a...
process: dkload.exe: MD5 Hash: cd95c37eadbbb1c015f...
process: svchost.exe: MD5 Hash: ad30bd685e21aa131ea...
process: ms1.exe: MD5 Hash: b1c9f7ec2911770c41c...
process: dkload.exe: MD5 Hash: 4639249b089353b648d...
process: security.exe: MD5 Hash: ca0a69944f5b712d401...
process: security.exe: MD5 Hash: 045a7ce9f10d74d128d..

Type: Spyware - Spyware's primary purpose is to collect demographic and usage information from your computer, usually for advertising purposes. Spyware usually 'sneaks' onto a system or performs other activities hidden from the user. Spyware programs are usually bundled as a hidden component and downloaded from the Internet. These modules are almost always installed on the system secretively and try to run secretively as well.

© 2006-2008 spyware32.com