Threat Information for "TrafficAdvance.net Dialer"
| Summary | Top |
- Name: TrafficAdvance.net Dialer
- Aliases:Generic.Dialer.05C335AB, Dialer-687, Trojan.Diamin.bg, Dial/267, Trojan.Win32.Diamin.cm, Dialer-267
- Date Discovered: 2006-08-17
- Protection Added: 2006-08-24
| Description | Top |
-- Ease of Removal 1: Uses running processes 2: Consistent file contents 3: Consistently named 4: Creates new registry entries with consistent data -- Privacy Risks/Security Changes 1: Attempts to dial a phone number -- Damage/Intrusion/Annoyance 1: Changes browser home page 2: Autoruns at startup without an option to be disabled 3: Creates other user visible icons [SPYWARE ONLY] 4: Creates taskbar notification area icons [SPYWARE ONLY] 5: Creates third-party icons on desktop [SPYWARE ONLY] 6: Displays targeted popup advertisements [SPYWARE ONLY] -- Propagation/Saturation 1: Creates new files 2: Infects by Active-X Control
| Technical Details | Top |
- Added Directory/File:
FilePath: %USERDESKTOP%\Passepartout.lnk - Added Directory/File:
FilePath: %USERPROGRAMS%\FASTTRACK - Added Directory/File:
FilePath: %USERPROGRAMS%\FASTTRACK\Passepartout Disinstalla.lnk - Added Directory/File:
FilePath: %WINDIR%\Passepartout.exe - Added Directory/File:
FilePath: %WINDIR%\Downloaded Program Files\CONFLICT*\*.exe* chkSum MD5: 91db30b0525168f09bfeae0fafa10e64 - Added Directory/File:
FilePath: %USERPROGRAMS%\FASTTRACK\Passepartout.lnk - Added Registry Key:
Key: HKCU\Software\FASTTRACK - Added Registry Data:
Key: HKLM\%CURRENTVERSIONREG%\Run Value: [RANDOM VALUE] Data: %WINDIR%\Passepartout.exe - Added Registry Data:
Key: HKCU\%CURRENTVERSIONREG%\Run Value: [RANDOM VALUE] Data: %WINDIR%\Passepartout.exe
