Search:       

Saturday, 17 May 2008       

Downloader.CashToolbar Spyware/Adware Definition


Name: Downloader.CashToolbar
Category: Trojan Downloader
Alias: Downloader-MY
Advice: Remove
Risk: High Risk High risk threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction. May open up communication ports, use polymorphic tactics, stealth installations, and/or anti-spy counter measures. May use a security flaw in the operating system to gain access to your computer.
Description:

This detection is for a downloading trojan that serves only to download and execute a remote file.

Once executed, it installs itself on the victim machine using deceptive file and folder names:

c:WINNTsystem32driverscd_load.exe
c:WINNTsystem32inetsrvMSCStat.exe

The following Registry hooks are added:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun "CashToolbar" = C:WINNTsystem32inetsrvMSCStat.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun "ClickTheButton" = C:WINNTsystem32driverscd_load.exe

After a delay, the following fake error message is displayed:

"Windows Error: Windows has detected spyware, click OK to remove."

Upon clicking OK, the trojan attempts to download remote files.
Signatures: process: svchost.exe: MD5 Hash: aeedc5c251b79785ad8... process: svchost.exe: MD5 Hash: e0fa3d9f794aaaa7c8f... process: cd_load.exe: MD5 Hash: b7f400e556e56b04826... process: cd_load.exe: MD5 Hash: 553dd729461cef24bd6... process: cd_load.exe: MD5 Hash: 5fca53ad4a905685db3... process: mscstat.exe: MD5 Hash: df7f8bbb39861572c56..
Type: Trojan Downloader - A Trojan software is any software on a user's computer that the user is not aware or intentionally installed. Most Trojan software is designed to perform some sort of actions that could jeopardize the user's security or privacy.


Top Trojan Downloader Visited Pages:
180 Search Boomerang
ABox
Active Delivery
ActiveInstaller
ACXInstall
AdServerNow
Agent.MJ
Agent.MK
Agent.ML
Agent.MN
Agent.SH
Agent.SI
Agent.SJ
Agent.SK
Atmaca Downloader

 

Main Menu
Home
Top Downloads
New Programs
Awards
Submit
Link to us
Spyware Definitions
Viruses Info
Recipes
Jokes
Contact us

Spyware Categories
  Adware
  Adware Bundler
  AOL Exploit
  Backdoor
  Browser Hijacker
  Browser Plug-in
  Commercial Key Logger
  Commercial Remote Control
  Cookie
  Dialer
  E-Mail Flooder
  Hostile ActiveX Control
  ICQ Exploit
  Joke Program
  Key Logger
  Loader
  Low Risk Adware
  Misc
  Nuker
  P2P
  Password Hijacker
  Potential Privacy Risk
  Potentially dangerous utilities/tools
  RAT
  Search Hijacker
  Security Disabler
  Spyware
  Stealth Notifier
  Surveillance
  Toolbar
  Trojan
  Trojan Downloader
  Trojan FTP
  Trojan Telnet
  Viruses
  Worm
 


Partners
Softs Land
Hotel Reservations
Computer Articles
Viruses Info
Free Downloads
Data Recovery Shareware Downloads Free Articles
Cooks Recipes
Download Programs
Windows Drivers
MySpace Generators

Check PageRank

 

 
- Privacy Policy -