[virusinfo] Dial/DialCar-I

• From: "Mike" <mikebike@xxxxxxxxx>
• To: virusinfo@xxxxxxxxxxxxx
• Date: Fri, 17 Jun 2005 13:11:03 -0700

From; Sophos Alert System:

Name: Dial/DialCar-I
Aliases: Dialer-221, Trojan.Win32.Dialer.q
Type: Dialer
Date: 17 June 2005

Sophos has issued protection for Dial/DialCar-I.

At the time of writing, Sophos has received a small number of
reports of this virus from the wild.

Customers using EM Library, Enterprise Console, PureMessage or
any of our Sophos small business solutions will be automatically
protected at their next scheduled update.


Information about Dial/DialCar-I can be found at:
http://www.sophos.com/virusinfo/analyses/dialdialcari.html

Dial/DialCar-I is a dialer application. 
When first run, the application displays a message box containing the following 
text: 
Scegliere "Si" per ricaricare i propri crediti, scegliere "No" per accedere 
direttamente. 
If the user clicks YES to the message box and agrees to install the content 
from the following security warning then the dialer will be run, switching the 
internet connection to a predetermined number. If the user clicks NO, the 
application automatically connects to a predetermined website. 
If the user agrees to install the program, the dialer copies itself to the 
Windows folder as MAPPE.EXE, and creates a link to this file on the Desktop. 
The application may change internet security settings. 

The Dial/DialCar-I virus identity file (IDE) includes detection for:


Troj/PageDrag-A
http://www.sophos.com/virusinfo/analyses/trojpagedraga.html
Troj/QQDragon-F
http://www.sophos.com/virusinfo/analyses/trojqqdragonf.html
Troj/Lineage-R
http://www.sophos.com/virusinfo/analyses/trojlineager.html
Troj/Dulldoor-A
http://www.sophos.com/virusinfo/analyses/trojdulldoora.html

Customers with 3.xx or lower versions of Sophos Anti-Virus, 
who are not running EM Library, can manually download the IDE
for Dial/DialCar-I from:

http://www.sophos.com/downloads/ide/dialca-i.ide

Read about how to use IDE files at
http://www.sophos.com/support/knowledgebase/article/363.html

*********** MIKE"S REPLY SEPARATOR  ***********
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages  http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance  and OWTA Charter Member 

Other related posts:

• » [virusinfo] Dial/DialCar-I

1. Home
2. virusinfo
3. Archive
4. 06-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---