TopSearch

Description:	Adware
Risk Level:	High
Date of First Occurence:	Monday, April 14, 2008
Software Developer:	Altnet, Inc.
Brief Info:	Topsearch acts as a search engine. It can supply advertising content to KaZaA or Grokster users.
Removal:	This threat can be removed using "Spyware Terminator"

RIMUOVI SPYWARE »

Geographical Distribution of Threat "TopSearch"

Threat Info

View All

Detected Items

Detected Files: %PROGRAMFILES%\topsearch\uninstall.exe MD5: BE9FBBD887D69964097FE3E3587606D2 Size:36708 %PROGRAMFILES%\topsearch\ls_update.exe MD5: A0CA65623FCA02C2E1CA3B820A77F56B Size:230141 MD5: 4E9F3AAEC4E0EF02789CC6D2FCAB6FE0 Size:255933 MD5: 4257883F805637667337B71862595EA3 Size:255895 MD5: 145F20378050C4090D9416F088A66895 Size:255972 %PROGRAMFILES%\topsearch\topsearch.exe MD5: 41F2234210E0C7581E61AF2AE16B96D9 Size:307200 MD5: 6B3123728DCDE4F90BC30EFC5884B841 Size:307200 %PROGRAMFILES%\topsearch\topsearch.dll MD5: 58E03A0C41B99696E4F4ED3A40033EC8 Size:180224 %PROGRAMFILES%\Altnet\Points Manager\sysdetect.dll MD5: AF230559AD044F6F7079E4C56502E1CA Size:29824 %PROGRAMFILES%\Altnet\Download Manager\asmend.exe MD5: DAF76E800763C23582129FD76E98A303 Size:40960 MD5: 2FD74D129766B0BE50C8D3BA2B1BC0DF Size:36864 %PROGRAMFILES%\Altnet\Download Manager\altnetuninstall.exe MD5: 279FCEA6AC148659569F5B3B166F09B8 Size:45056 MD5: 06E0995C18BA522C888A7A8D0F6C719D Size:26624 MD5: BE08EC40B899F5D15F59F4BD8993EEFB Size:45056 %PROGRAMFILES%\Altnet\Download Manager\admfdi.dll MD5: 9AD6C75AEE71C0CEE1D46E680FD5DF93 Size:46856 MD5: 916FABA21C160D241F5AE10FB41EDB5A Size:46856 MD5: 18DB730790EC7D2379FF540F7CFCDCA8 Size:46856 MD5: A24487E3D8CEA0F6B298508609E8EB8E Size:46360 MD5: BE3FA8D9B065006401CDC7671150F678 Size:46544 %PROGRAMFILES%\Altnet\Download Manager\admdloader.dll MD5: 7F149DB09C3DDD309387C8BC7D331B12 Size:96008 MD5: F1FFA2E83192303DB09E949899620D2F Size:96008 MD5: 8C626C0C516A36FC5E10700447C07DDE Size:96008 MD5: F6750DBEDE77DAE06F7F0F7CCF9FF746 Size:95512 MD5: 2E3DBF4A7FE3C5B1DB4E5C97C894BD45 Size:95696 %PROGRAMFILES%\Altnet\Download Manager\adm25.dll MD5: 258336A58701E59B1CCC3AD6D0A243E3 Size:157448 MD5: F1E3B06A0A3AE6EE7CDD7B4D2AF70E86 Size:157448 MD5: 6946176F310D67B573BD719888E24CD3 Size:157448 MD5: 56A4060ADE0359DBC26FBE037844ED55 Size:156952 MD5: 4A0297BD21199D371D81015B864B3DE9 Size:157136 %PROGRAMFILES%\Altnet\Download Manager\adm4.dll MD5: EFFE89F47E29198AB5F4F70C49E65A38 Size:128776 MD5: 728B90ED63BA8449FAEE618C93EEB4C6 Size:128776 MD5: A44DB37C77B37CF7593BA1B45E4B7D57 Size:128776 MD5: DC691E24822B888150CE31A451D1A70F Size:107800 MD5: AE5D78EFE61A78FF9EE5529F1F29FAF6 Size:107984 %PROGRAMFILES%\Altnet\Points Manager\Points Manager.exe MD5: 0E95F5C926CD23ABA02CA226CEE9884B Size:336896 MD5: A1B83CEBBDC4A8D719598B16F72A53B3 Size:336896 %PROGRAMFILES%\Altnet\Download Manager\adm4005.exe MD5: 4DC51797136FFD6354818C45C8112CC0 Size:145160 %PROGRAMFILES%\Altnet\Download Manager\dman4.exe MD5: 5E1D93E3425F0BA72D054701DCF9F43C Size:114688 %PROGRAMFILES%\Altnet\Download Manager\dman4.dll MD5: 596991A57CC4549CC957B1847431396F Size:119936 %PROGRAMFILES%\Altnet\Download Manager\dman25.dll MD5: A99F288098756BF3D66A6A5D1B714C26 Size:103552 %PROGRAMFILES%\Altnet\Download Manager\bdeinstallprogress4.dll MD5: AE37D76062ADFDFFD6B7DBDB47C8D0D6 Size:181376 %PROGRAMFILES%\Altnet\Download Manager\bdefdi.dll MD5: 3006048BB2409CEA27962ECD28C2E642 Size:50304 %PROGRAMFILES%\Altnet\Download Manager\bdedownloader.dll MD5: 7D65AC57F7F3DF16F80AFF4FD4DB951E Size:95360 %PROGRAMFILES%\Altnet\Download Manager\bdedata2.dll MD5: BE7CBC94EF3F08489DD7C870B4B937BB Size:42112 %PROGRAMFILES%\Altnet\Download Manager\asmps.dll MD5: C4B0BACED3E21B09C3E948D483FC0EFE Size:38000 MD5: 36416CB237539674CD526FB9BD810812 Size:38344 %PROGRAMFILES%\Altnet\Download Manager\asm.exe MD5: E5D7F5C05B0474CB4CB984062190746F Size:322048 MD5: 16E8203A952551B1AF5F3F7DE5A657E8 Size:330240 %PROGRAMFILES%\Altnet\Download Manager\adm.exe MD5: 37E37340EA22CAC658D4507A77BAA1F4 Size:128280 %PROGRAMFILES%\altnet\points manager\points manager.exe MD5: A92F965D7FAA74AA05A6AF0BD49EDCFC Size:336896 %PROGRAMFILES%\Altnet\Download Manager\admprog.dll MD5: 76025AACFB2C2202927B3232CEB6B4FD Size:132560 %PROGRAMFILES%\Altnet\Download Manager\admdata.dll MD5: D4A74E55C26A26BAE62CB4F3DAA9E614 Size:42448 %PROGRAMFILES%\Altnet\Download Manager\altinst2.dll MD5: E13344F8277BC9C5606B58072299F1F0 Size:6866 MD5: 290B6162578EEE6A35D7397EBE7ADC68 Size:6866 %PROGRAMFILES%\Altnet\Download Manager\altinst1.dll MD5: C24E028A1DEF601875FC3B98E25408CE Size:6171 MD5: 99A86236891702399B209F546FD5A660 Size:6171
Detected Files with variable Filenames: MD5: 7EB46F425675E6D0FC515479C856DFDA Size: 182024 %WINDIR%\temp\altnet\admprog.dll %PROGRAMFILES%\Altnet\Download Manager\admprog.dll MD5: F818683E9BA2DA5EDDCAACC06C026582 Size: 42760 %WINDIR%\temp\altnet\admdata.dll %PROGRAMFILES%\Altnet\Download Manager\admdata.dll MD5: 6E79E0078900CE9E67640EFF53B3ADC6 Size: 38344 %PROGRAMFILES%\Altnet\Download Manager\asmps.dll %PROGRAMFILES%\Altnet\Download Manager\asmps.dll.ren MD5: 83426E89C430BAE34C54C145EC31DE59 Size: 182024 %WINDIR%\temp\altnet\admprog.dll %PROGRAMFILES%\Altnet\Download Manager\admprog.dll MD5: DCA0F8556588F427C667ADCB772071C8 Size: 42760 %WINDIR%\temp\altnet\admdata.dll %PROGRAMFILES%\Altnet\Download Manager\admdata.dll MD5: A5C86BE603C1BC45D75C4082F68EF13B Size: 145160 %PROGRAMFILES%\Altnet\Download Manager\adm4005.exe %PROGRAMFILES%\Altnet\Download Manager\adm4005.exe.ren MD5: B3513D21AB05924D8C93A1F03BA21F00 Size: 182024 %PROGRAMFILES%\Altnet\Download Manager\admprog.dll %WINDIR%\temp\altnet\admprog.dll MD5: 319517CD80564C41503323214B32CD7C Size: 42760 %PROGRAMFILES%\Altnet\Download Manager\admdata.dll %WINDIR%\temp\altnet\admdata.dll MD5: 86626523B878487033BD7B8DF116C026 Size: 176128 %WINDIR%\temp\altnet\admprog.dll %WINDIR%\temp\altnet\admprog.dll.ren MD5: 2A98A8BAF73D0E17E527EFE3B1EF3C9B Size: 42448 %WINDIR%\temp\altnet\admdata.dll %WINDIR%\temp\altnet\admdata.dll.ren MD5: F0047F89D17BFBE095954536241AD2CB Size: 132376 %WINDIR%\temp\altnet\admprog.dll %PROGRAMFILES%\Altnet\Download Manager\admprog.dll MD5: DD996A8ADEE4748CB4CA953A3065D23A Size: 42264 %WINDIR%\temp\altnet\admdata.dll %PROGRAMFILES%\Altnet\Download Manager\admdata.dll

Detecting items list:

Files by Name %PROGRAMFILES%\Altnet\Download Manager\asm.exe %PROGRAMFILES%\Altnet\Download Manager\Points Manager.exe %PROGRAMFILES%\altnet\download manager\adm*.exe %PROGRAMFILES%\altnet\download manager\altnetuninstall.exe %windir%\temp\altnet\pmexe.cab %windir%\temp\altnet\pmfiles.cab %windir%\temp\altnet\adm*.exe %windir%\temp\altnet\setup.exe %windir%\temp\altnet\admdata.dll %windir%\temp\altnet\admdloader.dll %windir%\temp\altnet\admfdi.dll %windir%\temp\altnet\admprog.dll %windir%\temp\altnet\atl.dll %windir%\temp\altnet\msvcirt.dll %PROGRAMFILES%\altnet\Points Manager\points Manager.exe %PROGRAMFILES%\altnet\Points Manager\sysdetect.dll %PROGRAMFILES%\topsearch\topsearch.dll %PROGRAMFILES%\topsearch\topsearch.exe %PROGRAMFILES%\Altnet\Download Manager\asmend.exe %PROGRAMFILES%\Altnet\Download Manager\asmps.dll %TEMP%\asmfiles.cab
Files by Directories %PROGRAMFILES%\Altnet %START_PROGRAMS%\Altnet %windir%\temp\altnet %PROGRAMFILES%\topsearch %PROGRAMFILES%\grokster\topsearch.dll
Files by CLSID or Name CLSID=DEF37997-D9C9-4A4B-BF3C-88F99EACEEC2 CLSID=1D3BCE37-7834-4579-8169-E67681420A98 CLSID=C15B7EA2-A360-43E8-A591-5FAEDC7C4E1D CLSID=9BBCF06C-DCD7-495D-80DF-CDD5399D0FF8 CLSID=E813099D-5529-47F4-9B37-4AFAFCB00A43 CLSID=9d4548ce-92fd-4c6c-ae7f-3dbe3bc763d8 CLSID=bff4f684-677e-44f4-8c74-1d575c950e10
Registry Keys HKLM\SOFTWARE\Altnet HKCR\ADM.ADM HKCR\ADM.ADM.1 HKCR\ADM25.ADM25 HKCR\ADM25.ADM25.1 HKCR\ADM4.ADM4 HKCR\ADM4.ADM4.1 HKCR\AppID\adm.EXE HKCR\AppID\Altnet Signing Module.EXE HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TopSearch HKLM\SOFTWARE\TopMoxie\TopSearch
Registry Values HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=TopSearch

« Go to Software Database

Cerca nel nostro database dei software

Sfoglia il database dei software

Ultimissime notizie sui Malware

23. settembre 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notizie sui vecchi malware »