Updated: April 19, 2007 2:15:04 AM
Type: Adware
Risk Impact: Low
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
When Adware.BeSys is executed, it creates the following registry entry so that it runs every time Windows starts:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"BeSys" = "[PATH TO THE ADWARE PROGRAM]"
The risk then attempts to download the file bead.ini in the same directory as the adware program from the following location:
[http://]liveupdate.myim.cn/be/beh[REMOVED]
Note: The file contains the URL list of pop-up ads.
It then displays the pop-up ads.
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
