| Name: |
IEDisco |
| Category: |
Dialer |
| Advice: |
Remove |
| Risk: |
Severe Risk
Severe threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild. There exists a high possibility of potential system damage or security flaw. Attacker has complete control over your computer or install new software on your machine. |
| Description:
|
IEDisco is a premium dial that tries to kill antivirus and firewall apploications to prevent detection.
IEDisco downloads and installs C:WindowsSysres.exe from a Web site. It then stops the following softwre firewall processes:
SYMPROXYSVC.EXE
SMC.EXE
PERSFW.EXE
AGENTW.EXE
ZONEALARM.EXE
BLACKICE.EXE
IEDisco then Wintrim.exe and stops the following adware/spyware processes:
CMESys.exe
GMT.exe
It then dials randomly generated preium rate numbers.
|
| Signatures:
|
process: dialer.exe: MD5 Hash: 7bc8b9206699875486b...
process: iedisco.exe: MD5 Hash: f177f4cbdc0943efbd1...
process: iedisco.exe: MD5 Hash: .. |
| Type: |
Dialer - A Trojan software is any software on a user's computer that the user is not aware or intentionally installed. Most Trojan software is designed to perform some sort of actions that could jeopardize the user's security or privacy. |
