Main Menu
Home
Bookmark
Contact Us

Categories
  Adware
  Adware Bundler
  AOL Exploit
  Backdoor
  Browser Hijacker
  Browser Plug-in
  Commercial Key Logger
  Commercial Remote Control
  Cookie
  Dialer
  E-Mail Flooder
  Hostile ActiveX Control
  ICQ Exploit
  Joke Program
  Key Logger
  Loader
  Low Risk Adware
  Misc
  Nuker
  P2P
  Password Hijacker
  Potential Privacy Risk
  Potentially Dangerous Tools
  RAT
  Search Hijacker
  Security Disabler
  Spyware
  Stealth Notifier
  Surveillance
  Toolbar
  Trojan
  Trojan Downloader
  Trojan FTP
  Trojan Telnet
  Viruses
  Worm
 


 
Memory Watcher Adware Information

Name: Memory Watcher
Category: Adware
Alias: - Alias: Kazaa P2P Networking
Advice: Remove
Risk: Elevated Risk Elevated threats are usually threats that fall into the range of adware in which data about a user's habits are tracked and sent back to a server for analysis without your consent or knowledge.
Description: Memory Watcher downloads files to the user's computer, possibly adware which will open pop-up windows.

Memory Watcher uses random file names, which it changes from time to time. It uses random text for registry entries, and changes this text, too. It is fault-tolerant, repairing itself when part of itself is deleted. It sets its file attributes to "system" and "hidden" to make detection and removal harder. And it works as a trickler, downloading more adware, spyware, porn dialers, and the like.

A clear sign of infection is a 14 character long registry value starting with a number, located in 'HKEY_LOCAL_MACHINE SOFTWARE Microsoft Windows CurrentVersion Run'. Another indication of infection is random named processes listed in the Task Manager's process list. Another sign of infections is network connections to rads01.quadrogram.com (66.150.207.200).

Peper Trojan is bundled with MemoryWatcher.
Signatures: process: gnsdk.exe: MD5 Hash: acbcbd932b6e79ee087... process: jxzw8.exe: MD5 Hash: 1ec4e4c7ec852ac62bf... process: memorywatcher.exe: MD5 Hash: 5b3dc1b0d02de710992... process: qcn02z2h.exe: MD5 Hash: fb7112d51df01db8d6e... process: rtgw.exe: MD5 Hash: 931c4a9dec3923b11c1... process: upgradememorywatcher.exe: MD5 Hash: e38d31481301f49b759... process: xdkd.exe: MD5 Hash: effde0674472a7a2d2a... process: lbk7.exe: MD5 Hash: ... process: tgjog.exe: MD5 Hash: ... process: zpuwldj.exe: MD5 Hash: ... process: nauzjgh.exe: MD5 Hash: ... process: xdkd.exe: MD5 Hash: ... process: memorywatcher.exe: MD5 Hash: 1145186b6ae9f49caef... process: wowex32.exe: MD5 Hash: db7ba8e8f0507d59857... process: aqzhage.exe: MD5 Hash: 045601027475acbc789... process: szfpw5ln.exe: MD5 Hash: 3da1b2765313ead2c20... process: rmtpcb55.exe: MD5 Hash: 509e9cda2399893b095... process: lcl7.exe: MD5 Hash: 546e820dc418635e91d... process: tgjog.exe: MD5 Hash: ... process: zpuwldj.exe: MD5 Hash: ... process: nauzjgh.exe: MD5 Hash: ... process: xdkd.exe: MD5 Hash: ... process: lbk7.exe: MD5 Hash: ... process: tcbkls.exe: MD5 Hash: 955742b6357ae768c6e... process: obn6sh0.exe: MD5 Hash: 955742b6357ae768c6e... process: wowex32.exe: MD5 Hash: 6a5f56cb250d6d19748... process: xej7.exe: MD5 Hash: 955742b6357ae768c6e... process: dbhb2.exe: MD5 Hash: 8b6cd710859e4db2014... process: hxg525x7.exe: MD5 Hash: 8b6cd710859e4db2014... process: krwh5f.exe: MD5 Hash: 8b6cd710859e4db2014... process: ldu7d7ta.exe: MD5 Hash: 2c2079c7f7e7dec477d... process: lkyrgy.exe: MD5 Hash: 2c2079c7f7e7dec477d... process: shoxv5.exe: MD5 Hash: 2c2079c7f7e7dec477d... process: trfhn9.exe: MD5 Hash: 2c2079c7f7e7dec477d... process: udbk1t.exe: MD5 Hash: 2c2079c7f7e7dec477d... process: yyxp.exe: MD5 Hash: 2c2079c7f7e7dec477d..
Type: Adware - A Trojan software is any software on a user's computer that the user is not aware or intentionally installed. Most Trojan software is designed to perform some sort of actions that could jeopardize the user's security or privacy.



Top Adware Visited Pages:
Adw.WinSoftware.WinAntiSpyware - 544 visits
ClickSpring.PuritySCAN.Downloader - 399 visits
DMCast - Alias: Desktop Media Cast - 170 visits
RBot.schvost - Alias: WORM_RBOT.CAU - 104 visits
WhenU.SaveNow - Alias: SAVE!, SaveNow, WhenU.SaveNow, WhenUSaveNow - 80 visits
Adw.FreePcScan.SpywareSlayer - 69 visits
Seekmo Search Assistant - 65 visits
ABetterInternet.Transponder.Ceres - Alias: Ceres - 65 visits
HelpExpress - Alias: Adware.HelpExpress - 62 visits
TopRebates.RebateNation - Alias: Adware:WebRebates.D - 55 visits

Random Adware Pages:
DownloadReceiver Raven
Cliks Adware
MultiClicker
Adw.Zenotecnico
Adware.SearchPage
UpSpiralToolbar - Alias: UpSpiral Search Tools, UpSpiralBar
Adw.WinSoftware.WinAntiSpyware
LoveTester - Alias: DomainEye
INetSpeak Websearch - Alias: JaypeeSysBHO, BHO42602, Jaypee Systems, boombar, eBoom, atomwire
Altnet P2P Networking - Alias: Kazaa P2P Networking


 

© 2006-2008 spyware32.com - Privacy Policy