Spyware.Jgidol

Printer Friendly Page

Updated: September 26, 2006 7:12:50 AM
Type: Adware
Risk Impact: High
Systems Affected: Windows

Behavior

Spyware.Jgidol is a security risk that sends email addresses and user names to a remote host.

Antivirus Protection Dates

  • Initial Rapid Release version October 02, 2014 revision 022
  • Latest Rapid Release version February 01, 2015 revision 020
  • Initial Daily Certified version September 26, 2006
  • Latest Daily Certified version January 26, 2015 revision 023
  • Initial Weekly Certified release date September 27, 2006

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Writeup By: Symantec

Updated: September 26, 2006 7:12:50 AM
Type: Adware
Risk Impact: High
Systems Affected: Windows

Spyware.Jgidol is a security risk that sends email addresses and user names to a remote host.

Once executed, the security risk creates the following file:
%UserProfile%\Desktop\[JAPANESE TEXT].txt

It then sends email to Support@jgidol.com with the user's email address.

The risk modifies the following registry entry to change the start page of Internet Explorer:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Start Page" = "http://jgidol.com/start.php?m=[EMAIL ADDRESS]n=[USERNAME]"

It connects to the jgidol.com domain and plays a movie file.

Writeup By: Symantec