1. /
  2. Security Response/
  3. Adware.ClickDLoader

Adware.ClickDLoader

Updated:
February 13, 2007 11:38:43 AM
Type:
Adware
Risk Impact:
High
File Names:
Bhui.exe,Services.exe,Arpa.exe
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP

When Adware.ClickDLoader is run, it creates and runs the following files:
    • %Windir%\System32\Bhui.exe: Detected as Download.Adware
    • %Windir%\Services.exe: Detected as Adware.Clickbank
    • %Windir%\System32\Arpa.exe: Detected as Adware.Clickbank

  • When these files run, they attempt to download files from the following domains:
    • hop.clickbank.net
    • purityscan.com
    • searchbarcash.com
    • xxxtoolbar.com
    • ucbill.com
    • mt-download.com

Summary| Technical Details| Removal

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report, Volume 17
Symantec DeepSight Screensaver