|
Title: OKCashBackMall
Type: Adware
Remove OKCashBackMall. Removal instructions
Severity scale:
 (63 / 100)
If you encounter OKCashBackMall in your system, remove it ASAP. Related files: DelZip179.dll, cashbackkorea.dll, cashbacksys.dll, mizane.dll, icons.dll, mizanebar.dll, cashbacksysbar.dll, okcashbackmall.dll, okcashbackmallbar.dll, tmp_1023921881.exe OKCashBackMall properties: • Shows commercial adverts Automatic OKCashBackMall removal: 
We are testing STOPzilla's efficiency at removing OKCashBackMall
(2008-04-30 06:11:15)
We are testing Malwarebytes Anti Malware's efficiency at removing OKCashBackMall
(2008-04-30 06:11:15)
We are testing Spyware Doctor's efficiency at removing OKCashBackMall
(2008-04-30 06:11:15)
OKCashBackMall manual removal:Kill processes:tmp_1023921881.exe Delete registry values: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\?€?dwqblwppx.exe?€? = ?€?C:\WINDOWS\system32\dwqblw[RANDOM CHARACTERS].exe?€? HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\?€?dwqblwpvl.exe?€? = ?€?C:\WINDOWS\system32\dwqblw[RANDOM CHARACTERS].exe?€? HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7AC1D6D1-B83B-4D77-A916-839F90216BC7} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows cashbackkorea Uninstall HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows cashbacksys Uninstall HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows mizane Uninstall HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\okcashbackmall Uninstall HKEY_LOCAL_MACHINE\SOFTWARE\cashbackkorea HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\?€?dwqblwrsq.exe?€? = ?€?C:\WINDOWS\system32\dwqblw[RANDOM CHARACTERS].exe?€? HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{1DE525ED-EF71-4119-8C3C-1CE5315ADA74} HKEY_CLASSES_ROOT\cashbackkorea.cashbackkorea.com HKEY_CLASSES_ROOT\cashbackkoreabar.cashbackkorea HKEY_CLASSES_ROOT\cashbacksys.cashbacksys.com HKEY_CLASSES_ROOT\cashbacksysbar.cashbacksys.com HKEY_CLASSES_ROOT\mizane.mizane.com HKEY_CLASSES_ROOT\mizanebar.mizane.com HKEY_CLASSES_ROOT\okcashbackmall.okcashbackmall.com HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{D04358AE-CE03-4A26-9F02-69C4D3A5267F} HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent HKEY_CLASSES_ROOT\CLSID\{1DDE8A86-89D8-4B55-A936-65C40B6A8DD0} HKEY_CLASSES_ROOT\CLSID\{1DE525ED-EF71-4119-8C3C-1CE5315ADA74} HKEY_CLASSES_ROOT\CLSID\{4D2D9681-C234-47A3-B499-9CEE26FF54C2} HKEY_CLASSES_ROOT\CLSID\{7AC1D6D1-B83B-4D77-A916-839F90216BC7} HKEY_CLASSES_ROOT\CLSID\{D04358AE-CE03-4A26-9F02-69C4D3A5267F} HKEY_CLASSES_ROOT\okcashbackmallbar.okcashbackmall.com.Bar HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DDE8A86-89D8-4B55-A936-65C40B6A8DD0} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D2D9681-C234-47A3-B499-9CEE26FF54C2} Unregister DLLs: DelZip179.dll, cashbackkorea.dll, cashbacksys.dll, mizane.dll, icons.dll, mizanebar.dll, cashbacksysbar.dll, okcashbackmall.dll, okcashbackmallbar.dll Delete files: DelZip179.dll, cashbackkorea.dll, cashbacksys.dll, mizane.dll, icons.dll, mizanebar.dll, cashbacksysbar.dll, okcashbackmall.dll, okcashbackmallbar.dll, tmp_1023921881.exe 
Information added: 2008-04-30 03:34:00
Information updated: 2008-04-30 03:34:00 Additional resources related to OKCashBackMall:Attention: If you know or you have a website or page about OKCashBackMall removal, feel free to add a link to this list: add url |
Latest spyware news:
Subscribe to news
Similar parasites:
|
FORUM:
HELP:
Spreading the knowledge:
It is very hard to fight Computer parasites alone in internet space. If you have a website we would be more than happy if you would help us to spread the knowledge about latest threats. You can help your
visitors to manage their Computer system manually without aditional expences. Knowledge is the power, we just need to spread it.
Post Comment: