Spyware free software spyware removal Anti Spyware software free spyware check adware spyware remover anti virus downloadAnti Spyware Software
Spyware Detector - HomeSpyware Detector - PurchaseSpyware Detector - AffiliatesSpyware Detector - Download UpdatesSpyware Detector -FAQSpyware Detector -Contact Us

Home/ Spyware Encyclopedia / PSW.OnLineGames

 PSW.OnLineGames Technical Details
 Category PSW
 Discovered   7/13/2006 11:05:00 AM
 Modified   12/4/2008 2:59:05 PM
 Threat Level Critical
 Category Description
This family of Trojans steals passwords, normally system passwords from victim machines. They search for system files which contain confidential information such as passwords and Internet access telephone numbers and then send this information to an email address coded into the body of the Trojan. The 'master' or user of the illegal program will then retrieve and misuse this information. Most common behavior: 1. Ask for password using fake window 2. Change ICQ, MSN and AOL configuration 3. Get cached Windows passwords
 Notice

Please note that the following information is not controlled or endorsed by Max Secure Software. They are captured automatically in our Research Lab as a result of executing Spyware Files or browsing Internet. Please contact us if you find any information inappropriate for removal. All the work contained in this report is copyrighted and should not be copied without permission from Max Secure Software.

We do not recommend browsing or removing these entries on your own manually. We do not take any warranty against the use or result of the use of this information.
 Summary
The following http urls were started:
• 58.211.7.36/image/logo.jpg?queryid=80004
• wami.3322.org/ip.txt
• zhu.xinwen520.com/ip.html
The hosts file was updated with the following url-to-ip mappings: NA
The following internet connection was established:
58.211.7.36 : 80
218.89.82.69 : 80
121.17.126.52 : 80
 The following Files were created:
 
NameVersionPublisherSignature (MD5)File Size (in KB)
..\0acf8240.dll  8eaa5b15ebc8c7df11e4ebdcf04212f7 
..\1cebda3f.dll  7abbe4fcb775e873194bdcb10a967c69 
..\3ba385b7.dll  b1d52dbe93580e5049e930c353ab7342 
..\a5a3f464.exe  db850a253d5ad7e2d534c708cf0fd0b8 
..\BQSLDL.DLL    
..\GSCPX32R.DET   2560
..\1b7d6bbc.dll  2710817fe03e231cd6e67a4a08c22281 
..\f07dfeb1.dll  c4e3c43de2f07a34b99195756df8b429 
..\3ecbab32.dll  c3446102991b7e13c32d6d6e201470d8 
..\MSINFO\SYSINFO1.DLL2    
..\MSYECP.SYS  7E9C8552A1E9A385B726610F5F8C8F8D12672
..\OSYBOX.DLL    
..\0B53079D.DLL  E04BE136AD26804D9F863FA31B447E93 
..\7AC85652.EXE  4B9CDDD4A868490A6EC5714A5FDF98BC 
..\F74EAE30.DLL  DFD82A12293649B9A3D1D443C73FAE49 
..\ayWTZWTZ1036.dll  9F627673D467DC8911E3695EDBE30A958298
..\09FB08FB.EXE  31B28DD480FB4D30B66D37AB306AE59312916
..\90BA0733.EXE  7CC0625AC1A602C32641250B331D2B19146587
..\E8F447B8.EXE  20C6A5842DD995895DD1112ED32B264431456
..\A16F6637.EXE  A34BFF4ECAF1D6A1DB771001D1F9C7B3131072
..\933D391F.DLL  D1B039F2FFF66FB88E31844F1AC099E2923664
..\06EE933A.EXE1.0.0.01AA8FAB0F63045FB2A66953976FAC249F81920
..\76B8EAA4.DLL  1DAB87710642AEE1E3EE7974C682F3C5536072
..\B8C9E761.EXE  11F324F71CE36985B93A092B0C9D50CE159744
 The following Registry Entries were created:
 
..\Software\Classes\Clsid\{5f24d354-e8fd-410e-8f85-35351ccc9eda}
..\Software\Classes\Clsid\{50940f85-f015-14f1-a05f-f69858ac6d05}
..\Software\Classes\Clsid\{e8a3b193-77e3-4fb3-986d-f4fa4828bafc}
..\Software\Classes\Clsid\{81954fac-1023-154f-895a-1458258ad818}
..\Software\Classes\Clsid\{86674fd8-4fd8-6679-d866-fd867fd86679}
..\Software\Classes\Clsid\{4629ff4f-acdb-5c90-a098-facb3456a264}
..\Software\Classes\Clsid\{5b1aef69-ddae-fdad-dcab-698f026abdb5}
..\Software\Classes\Clsid\{29109876-7619-9101-7012-901938475192}
..\Software\Classes\Clsid\{5e907a48-400e-4ea8-9792-ffae052d59e9}
..\Software\Classes\Clsid\{40117b96-998d-4d80-8f89-5e9dbd9f3460}
..\Software\Classes\Clsid\{50af1289-f140-a140-d012-c1458759fc05}
..\Software\Classes\Clsid\{11f09afd-75ad-4e51-ab43-e09e9351ce16}
..\Software\Classes\Clsid\{dc3d30ae-0380-4151-8934-ee98a34b0370}
..\Software\zcom
..\Software\Microsoft\Windows\CurrentVersion\Run\\"bincdwsa"\"%win%\bincdwsa.exe"
..\Software\Microsoft\Internet Explorer\Extensions\{06926B30-424E-4F1C-8EE3-543CD96573DC}
..\Software\Classes\Clsid\{37AC9076-C898-B098-D098-A18319080973}
..\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37AC9076-C898-B098-D098-A18319080973}
..\Software\Classes\NEWPUSHPUPOPAD.BBLOGC.1
..\System\CurrentControlSet\Services\WINDOWSUPDATA
..\Software\Microsoft\Windows NT\CurrentVersion\Windows\\"APPINIT_DLLS"\"JOLINOS.DLL"
..\Software\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_Dlls"\"msoscqit00.dll"
..\Software\Microsoft\Windows NT\CurrentVersion\Windows\\"APPINIT_DLLS"\"YTFB.DLL"
Recommendation to remove PSW.OnLineGames
Spyware Detector can remove PSW.OnLineGames, and thousands of other Spyware automatically and instantly. Click here to download Spyware Detector and scan for free.
Download Spyware Detector and Scan for FREE
 
Personalized E-mail support by our Research Team. You send an "Export Log" report to us, we then add new definition and you eliminate spyware found on YOUR PC in the next Live Update. So, not only do you benefit but the whole community enjoys the feedback.
Speed up your computer and increase browsing performance by deleting Spyware & Adware
Enjoy continuous protection and security with frequent spyware definition updates so you never have to worry about new threats and outdated software.
Surf the web with confidence knowing your online activities aren't being tracked, and your confidential data is secure from prying eyes.
 
Free Spyware Scan
 Search Threats
Testimonials

Read More
Information Desk
Spyware & Adware Categories we scan
  
List of Spyware &
Adware we remove
Submit a Threat
Submit a threat to be reviewed by our research team

Submit a Threat
Home| About Us| Purchase| Contact Us| FAQ| Privacy Policy
Copyrights© 2003-2008 Max Secure Software. All rights reserved