MoneyTree Dialer Information
Name: MoneyTree
Category: Dialer
Advice: Remove
Risk: Severe Risk
Severe threats are typically remotely exploitable vulnerabilities that can lead to system compromise. Successful exploitation does not normally require any interaction, and exploits are in the wild. There is a high possibility of system damage or a security flaw. The attacker has complete control over your computer or can install new software on your machine.
Description:
MoneyTree is an ActiveX control used to download premium-rate dialers, generally for porn sites. Each time MoneyTree runs, which happens on system startup, it tries to connect to a pornographic website.
MoneyTree is loaded by ActiveX drive-by download in pages operated by mtree (domains such as mtreexxx.nl), which are often reached through redirects from pop-up advertisements, 404 pages at porn hosts and misspelled domains.
MoneyTree may also install a Browser Helper Object (BHO).
MoneyTree may also use direct EXE file downloads to distribute the same dialers; this process does not leave an ActiveX control loaded.
MoneyTree variants:
MoneyTree/NSUpdate: installs nsupdate.dll and NSupd9x.inf in the Downloaded Program Files folder.
MoneyTree/NSLite: installs nslite.dll and nslite.inf in the Downloaded Program Files folder.
MoneyTree/UniDist: installs UniDist.ocx and UniDist.inf in the Downloaded Program Files folder.
MoneyTree/MultiDist: installs MulDist.ocx and MulDist.inf in the Downloaded Program Files folder.
MoneyTree/DyFuCA: installs dyfuca.ocx and dyfuca.inf in the Downloaded Program Files folder. This variant typically installs the InternetOptimizer parasite, which is an error page hijacker for Internet Explorer.
Signatures:
process: actalert.exe: MD5 Hash: 57899f0656b3b9e5564...
process: optimize.exe: MD5 Hash: 271693dcdd4500acb37...
process: actalert.exe: MD5 Hash: 7745965901e3315b9f3...
process: actalert.exe: MD5 Hash: 737afb4e4064c51094b...
process: optimize.exe: MD5 Hash: 40f6c65132438a90a74...
process: stmtdlr.exe: MD5 Hash: cea6d2afa1604f51b56...
process: stmtdlr.exe: MD5 Hash: a8b9124ed3b08a28b07...
process: view_sex_now.exe: MD5 Hash: 1852579af4fe7792a08...
process: stmtdlr.exe: MD5 Hash: ...
process: optimize.exe: MD5 Hash: ...
process: optimize[1].exe: MD5 Hash: ..
Type: Dialer - Trojan software is any software on a user's computer that the user is not aware of or did not intentionally install. Most Trojan software is designed to perform actions that could jeopardize the user's security or privacy.