Content

Dialer-323

Type
Program
SubType
Dialer
Discovery Date
11/29/2007
Length
Minimum DAT
5175 (11/30/2007)
Updated DAT
5175 (11/30/2007)
Minimum Engine
5.1.00
Description Added
11/29/2007
Description Modified
11/29/2007 5:15 AM (PT)
Risk Assessment
Corporate User
N/A
Home User
N/A

Tab Navigation

Characteristics

McAfee(R) AVERT™ recognizes that this program may have legitimate uses in contexts where an authorized administrator has knowingly installed this application. If you agreed to a license agreement for this, or another bundled application, you may have legal obligations with regard to removing this software, or using the host application without this software. Please contact the software vendor for further information.

See http://vil.nai.com/vil/DATReadme.asp for a list of Program detections added to the DATs.

See http://vil.nai.com/vil/pups/configuration.htm for information about how to enable, disable, and exclude detection of legitimately installed programs.

PUP detection was added to cover for an arguable 32 bit PE file originally called "appunti.exe", having a filesize of 50.688 bytes.

The file is internally compressed with the upx packer

The file was written using the Borland Delphi development tool.

Upon running it immediately opens a gui messagebox displaying what it is/does.

  • Upon execution the following file is displayed:

The application may be used for modem connections to adult websites such as

  • hxxp://appunti.traffic#######.net
  •  IP address: 212.39.##.44

 the exact address is omitted on purpose here.  

 

Symptoms

Method of Infection

Variants

Variants

    N/A

All Information

Overview -

Aliases

  • dialer (ikarw)
  • dialer.gen (panda)
  • dialer.generic (nav)
  • porn-dialer.win32.coneti (avp)
  • w32/dialer.axzw (norman)

Characteristics

Characteristics -

McAfee(R) AVERT™ recognizes that this program may have legitimate uses in contexts where an authorized administrator has knowingly installed this application. If you agreed to a license agreement for this, or another bundled application, you may have legal obligations with regard to removing this software, or using the host application without this software. Please contact the software vendor for further information.

See http://vil.nai.com/vil/DATReadme.asp for a list of Program detections added to the DATs.

See http://vil.nai.com/vil/pups/configuration.htm for information about how to enable, disable, and exclude detection of legitimately installed programs.

PUP detection was added to cover for an arguable 32 bit PE file originally called "appunti.exe", having a filesize of 50.688 bytes.

The file is internally compressed with the upx packer

The file was written using the Borland Delphi development tool.

Upon running it immediately opens a gui messagebox displaying what it is/does.

  • Upon execution the following file is displayed:

The application may be used for modem connections to adult websites such as

  • hxxp://appunti.traffic#######.net
  •  IP address: 212.39.##.44

 the exact address is omitted on purpose here.  

 

Symptoms

Symptoms -

Method of Infection

Method of Infection -

Removal -

Removal -

Instructions on Enabling/Disabling Detection and Removal of Potentially Unwanted Programs

Variants

Variants -

    N/A