YHGames - No Fun, No Games

| | Comments (0)

Do you think the following website is all sweetness and light?

http://blog.spywareguide.com/upload/2007/10/yhgames0-thumb.jpg
Click to Enlarge

.....well, now that you mention it....

http://blog.spywareguide.com/upload/2007/10/yhgames00-thumb.jpg
Click to Enlarge

....whoops. Still, it's worth noting that, as with so many of these infection files, you DO sometimes get a few chances to redeem yourself before everything goes pear shaped:

http://blog.spywareguide.com/upload/2007/10/yhgames000-thumb.jpg
Click to Enlarge

Mind you, this would be a pretty boring blog entry if we did the sensible thing and failed to run the executable, right? Run it, run it, I hear you cry.

Well, okay then, just for you I'll run it...this is what ends up in your System32 Folder:

yhgames0000.jpg

One of the files made reference to IFRAMES inside the code - never a good sign:

yhgames00000.jpg

The page mentioned wasn't available during testing, so it could have been trying to load pretty much anything at all, from dubious advert to rogue executable. Who knows. What we do know, is that when everything is done and dusted, you're left with references to Browser Helper Objects:

yhgames0000000.jpg

...Winsock Layer hijacks...

yhgames00000000.jpg

...and a rogue service:

yhgames000000000.jpg

....that's a lot of hoop jumping to monitor what websites you're visiting, but oh well.

YHGames - no fun, no games.

Leave a comment

About this Entry

This page contains a single entry by Christopher Boyd published on October 30, 2007 8:31 AM.

Bang the Gong was the previous entry in this blog.

Myspace Spammers Just Aren't Trying Anymore is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.