NEWS
PARASITES
SOFTWARE
FORUM
DIRECTORY

 
 
 
 
 
 
  

Remove OKCashBackMall. Description and removal instructions

 
Title: OKCashBackMall
Type: Adware
Severity scale:OKCashBackMall severity is 63  (63 / 100)
 
OKCashBackMall is a malicious adware application that may change your web browser settings and redirect you to their sponsors' websites. Moreover, OKCashBackMall is prone to stealing your personal information and sending it to third party servers for commercial analysis.

If you encounter OKCashBackMall in your system, remove it ASAP.

FORUM:
Discuss OKCashBackMall in
spyware removal forum

Related files: DelZip179.dll, cashbackkorea.dll, cashbacksys.dll, mizane.dll, icons.dll, mizanebar.dll, cashbacksysbar.dll, okcashbackmall.dll, okcashbackmallbar.dll, tmp_1023921881.exe

OKCashBackMall properties:
• Shows commercial adverts

Automatic OKCashBackMall removal:

remover for OKCashBackMall

OKCashBackMall manual removal:

Kill processes:
tmp_1023921881.exe
HELP:
how to kill malicious processes

Delete registry values:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\”dwqblwppx.exe” = “C:\WINDOWS\system32\dwqblw[RANDOM CHARACTERS].exe”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\”dwqblwpvl.exe” = “C:\WINDOWS\system32\dwqblw[RANDOM CHARACTERS].exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7AC1D6D1-B83B-4D77-A916-839F90216BC7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows cashbackkorea Uninstall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows cashbacksys Uninstall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows mizane Uninstall
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\okcashbackmall Uninstall
HKEY_LOCAL_MACHINE\SOFTWARE\cashbackkorea
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\”dwqblwrsq.exe” = “C:\WINDOWS\system32\dwqblw[RANDOM CHARACTERS].exe”
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{1DE525ED-EF71-4119-8C3C-1CE5315ADA74}
HKEY_CLASSES_ROOT\cashbackkorea.cashbackkorea.com
HKEY_CLASSES_ROOT\cashbackkoreabar.cashbackkorea
HKEY_CLASSES_ROOT\cashbacksys.cashbacksys.com
HKEY_CLASSES_ROOT\cashbacksysbar.cashbacksys.com
HKEY_CLASSES_ROOT\mizane.mizane.com
HKEY_CLASSES_ROOT\mizanebar.mizane.com
HKEY_CLASSES_ROOT\okcashbackmall.okcashbackmall.com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{D04358AE-CE03-4A26-9F02-69C4D3A5267F}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
HKEY_CLASSES_ROOT\CLSID\{1DDE8A86-89D8-4B55-A936-65C40B6A8DD0}
HKEY_CLASSES_ROOT\CLSID\{1DE525ED-EF71-4119-8C3C-1CE5315ADA74}
HKEY_CLASSES_ROOT\CLSID\{4D2D9681-C234-47A3-B499-9CEE26FF54C2}
HKEY_CLASSES_ROOT\CLSID\{7AC1D6D1-B83B-4D77-A916-839F90216BC7}
HKEY_CLASSES_ROOT\CLSID\{D04358AE-CE03-4A26-9F02-69C4D3A5267F}
HKEY_CLASSES_ROOT\okcashbackmallbar.okcashbackmall.com.Bar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DDE8A86-89D8-4B55-A936-65C40B6A8DD0}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D2D9681-C234-47A3-B499-9CEE26FF54C2}
HELP:
how to remove registry entries

Unregister DLLs:
DelZip179.dll, cashbackkorea.dll, cashbacksys.dll, mizane.dll, icons.dll, mizanebar.dll, cashbacksysbar.dll, okcashbackmall.dll, okcashbackmallbar.dll
HELP:
how to unregister malicious DLLs

Delete files:
DelZip179.dll, cashbackkorea.dll, cashbacksys.dll, mizane.dll, icons.dll, mizanebar.dll, cashbacksysbar.dll, okcashbackmall.dll, okcashbackmallbar.dll, tmp_1023921881.exe
HELP:
how to remove harmful files

Other programs to remove OKCashBackMall:

• SUPERAntiSpyware - Review - Download
• CounterSpy - Review - Download
• Windows Defender - Review - Download

Information added: 30/04/08
Information updated: 30/04/08

Additional resources related to OKCashBackMall:

Attention: If you know or you have a website or page about OKCashBackMall removal, feel free to add a link to this list: add url



more resources

Post Comment:

Attention: Use this form only if you have additional information about OKCashBackMall parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.



Enter security code:

Latest spyware news:
Similar parasites:
Latest Spyware Threats: VirusProtect Pro | VirusLocker | SpyCrush | ContraVirus | SpyLocked | SpyDawn | AntiVerminser | SpywareQuake | VirusBurst | AntiVermins | AntiVermeans | Zlob | PopCorn.net | MovieLand | TagASaurus | BraveSentry | VirusBurster | SystemDoctor | VirusRescue | MalwareWipe | SpySheriff | CmdService | Smitfraud | SpywareStrike | WinFixer | WinHound | PestTrap | UnSpyPC
Agreement of Use | Privacy policy | Webmasters | Contact us | RSS Feeds
© 2001-2008 2-spyware.com All Rights Reserved. Reproduction in part or whole without written permission is prohibited. Powered by: eSolutions.