Dialers dial to predefined numbers to connect to certain sites. Many users run dialers without knowing that some of these programs actually dial long distance numbers or connect to pay-per-call sites in any browser; and that they are being charged for the calls. Dialers are often offered as programs for accessing adult sites.
It drops the following files:
It uses sets of strings, which may lead to host file modification, downloading, sending of information, and other possibly malicious routines:
It drops the following files:
- %Desktop%\XXX ACCESS.LNK
- %Program Files%\GIB\dat\12599.gib
- %Program Files%\GIB\dat\12599.ico
- %Program Files%\GIB\EZ_1-2-3.EXE
- %Start Menu%\Programs\XXX ACCESS.LNK
- %Start Menu%\XXX ACCESS.LNK
- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\MICROSOFT\Network\CONNECTIONS\Pbk\rasphone.pbk
- HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\Windows\CURRENTVERSION\ uninstall\XXX Access
DisplayName = "XXX Access" - HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\Windows\CURRENTVERSION\
uninstall\XXX Access
UninstallString = "%Program Files%\GIB\EZ_1-2-3.EXE uninstall 12599"
- %folder where it is located%\376f62ee-b5ce-4c85-b72b-dee56b483e92.exe
It uses sets of strings, which may lead to host file modification, downloading, sending of information, and other possibly malicious routines:
- Could not launch web browser.
- Please send and e-mail to support@chargit.com and reference Error #LB%d
- dist02.tdial.com
- E-mail pport@chargit.com a.u.b. voor hulp.
- http://www.{BLOCKED}ith.com
- http://www.ith.com/members/
- Please E-Mail pport@chargit.com for assistance.
- Please send an email tosupport@chargit.com referencing error #DF1 for assistance.
- Please send an email to support@chargit.com referencing error #DF2 for assistance.
- Por favor envia e-mail pport@chargit.com para ayuda.
0 comments:
Post a Comment