Trojan.Win32.Dialer

· Overview ·
· Origins ·
· Distribution ·
· Operation ·
· Detection and Removal ·
· Research ·

Overview

Category:

Dialer: Software that dials a phone number. Some dialers connect to local Internet Service Providers and are beneficial as configured. Others connect to toll numbers without user awareness or permission.

Trojan: Any program with a hidden intent. Trojans are one of the leading causes of breaking into machines. If you pull down a program from a chat room, new group, or even from unsolicited e-mail, then the program is likely trojaned with some subversive purpose. The word Trojan can be used as a verb: To trojan a program is to add subversive functionality to an existing program. For example, a trojaned login program might be programmed to accept a certain password for any user's account that the hacker can use to log back into the system at any time. Rootkits often contain a suite of such trojaned programs.

Variants:
  • Trojan.Win32.Dialer.ac
  • Trojan.Win32.Dialer.an
  • Trojan.Win32.Dialer.bh
  • Trojan.Win32.Dialer.ck
  • Trojan.Win32.Dialer.cl
  • Trojan.Win32.Dialer.cu
  • Trojan.Win32.Dialer.e
  • Trojan.Win32.Dialer.j
  • Trojan.Win32.Dialer.r
    		•

    Similar Pests:

    		 Dialer · Trojan

    Origins

    Author:

    		 BW Telecom

    Date of Origin:

    		 Variants from January, 2004 to March, 2005

    Distribution

    Prevalence:
  • Trojan.Win32.Dialer.bh: 0.1%
  • Trojan.Win32.Dialer.cl: 0.1%
  • Trojan.Win32.Dialer.e: 0.5%
  • Trojan.Win32.Dialer.j: 1.1%
    • More Info

    Clot Factor:
  • Trojan.Win32.Dialer.bh: < 1

    • The "Clot Factor" is a measure of how much a pest "gums up" a machine by adding registry entries, files, and directories. As more objects are placed in a machine, manual removal becomes more difficult and more error-prone.

    Growth:
  • Trojan.Win32.Dialer.e: Insufficient data to report growth
    		•

    Operation

    Storage Required:
  • Trojan.Win32.Dialer.ac: at least 9 KB
  • Trojan.Win32.Dialer.an: at least 25 KB
  • Trojan.Win32.Dialer.bh: at least 25 KB
  • Trojan.Win32.Dialer.ck: at least 49 KB
  • Trojan.Win32.Dialer.cl: at least 93 KB
  • Trojan.Win32.Dialer.cu: at least 25 KB
  • Trojan.Win32.Dialer.j: at least 13 KB
  • Trojan.Win32.Dialer.r: at least 49 KB
    		•

    Detection and Removal

    Automatic Removal:

    PestPatrol detects this.

    PestPatrol removes this.

    Manual Removal:

    		 Follow these steps to remove Trojan.Win32.Dialer from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake.
    Stop Running Processes:

    Kill these running processes with Task Manager:

    Remove AutoRun Reference:

    Go To the key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run.
    If you find the value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\diskstart, delete it and reboot the machine immediately.



    Clean Registry:

    Remove these registry items (if present) with RegEdit:

    Remove Files:

    Remove these files (if present) with Windows Explorer:

    Remove Directories:

    Remove these directories (if present) with Windows Explorer:

    Research

    File Analyses:

    More Info:
  • AllTheWeb, AltaVista, AOL Search, Ask Jeeves, Google, HotBot, Lycos, LookSmart, MSN, Yahoo!
    		•

    Research By:
  • PestPatrol's Pest Research Center
    		•

    Last Revised:

    		 April 05, 2005