Tuesday, January 17, 2006

Download Trial Software EZ Antivirus

C:\Windows\Systems\MaxD64.Exe is Win32.sillentcaller.V"Trojan
My analysis is that this trojan came from frequently accessing adult sites (porn sites). I had already used Spybot software for anti-spam and also scanned with Norton, but when the scan reached the Windows system folder the PC hung right away. The same thing happened with Panda Online, even though this trojan is not very dangerous. The details can be seen below.
Then I remembered and tried downloading EZ Antivirus from CA Centre solution.
It is a trial version, but it is decent if you suddenly need to remove a virus. This software directly deletes, rather than quarantines, the viruses found during the scan, unlike Panda Antivirus, which can only scan and detect but cannot delete.

To download the trial version you only need to register, and you will receive a confirmation by email.
For further instructions, see your email or the web site.

Description Published: Monday, June 27, 2005
Description Modified: Thursday, October 06, 2005

Threat Assessment
Overall Risk: Very Low
Wild: Low
Destructiveness: Low
Pervasiveness: None

Characteristics

Type: Trojan
Category: Win32
Also known as Dialer-263 (McAfee), W32/Agent.DUU (Norman), W32/Dialer (Norman), Win32/Dialer.10528!Trojan, TROJ_DIALER.BP (Trend), Win32/Dialer.NAD (F-Secure), Dial/Dialer-F (Sophos), Dial/Dialer-U (Sophos), Win32/Dilya!Trojan, TROJ_DILYA.A, W32/Dilya.A (F-Secure), Troj/Dilya-A (Sophos), Troj/Dloader-OH (Sophos), Dialer-gen (McAfee), Dialer-Generic (McAfee), W32/Padish.A (Norman), Win32/Padish.A!Dialer!Trojan, W32/Padish.A@dial (F-Secure), Win32/Qdial.6608!Trojan, Win32/Qdial.8520!Trojan, QDial15 (McAfee), Dialer-RAS.ae.gen (McAfee), Dialer-RAS.cl.gen (McAfee), Dialer-RAS.dk.gen (McAfee), Win32/SilentCaller!Trojan, Win32/SilentCaller.30278!Trojan, Win32.SilentCaller.A, Win32/SilentCaller.A.Trojan, Win32.SilentCaller.B, Win32/SilentCaller.B!Trojan, Win32.SilentCaller.C, Win32/SilentCaller.C!Trojan, Win32.SilentCaller.D, Win32.SilentCaller.E, Win32/Silentcaller.E!Trojan, Win32.SilentCaller.F, Win32/SilentCaller.F!Trojan, Win32.SilentCaller.G, Win32.SilentCaller.H, Win32.SilentCaller.I, Win32.SilentCaller.J, Win32.SilentCaller.K, Win32/SilentCaller.K!Trojan, Win32.SilentCaller.L, Win32/SilentCaller.L!Trojan, Win32.SilentCaller.M, Win32.SilentCaller.N, Win32.SilentCaller.O, Win32.SilentCaller.V, Dial/TlfLic-C (Sophos), Unknown Dialer (Pest Patrol), Trojan-Downloader.Win32.Agent.no (Kaspersky), Trojan.Win32.Dialer.a (Kaspersky), Trojan.Win32.Dialer.ay (Kaspersky), Trojan.Win32.Dialer.ht (Kaspersky), Trojan.Win32.Dilya (Kaspersky)


Immediate Protection Info

This threat is detected by the latest signature updates


Description

Silentcaller is a family of trojan dialling applications, which install a new entry into the affected computer's RAS phonebook. They then either dial this new connection and open a web page using Internet Explorer, or exit and allow the new server to be dialled when the user next connects to the Internet. Newer variants are able to use the default web browser as well as Internet Explorer to display URLs.

Some variants try to entice the user into visiting a pornographic web site, while others just allow the user to surf the web, with all their traffic directed through the writer's servers, and potentially being monitored for sensitive information.

While installing, some variants query a remote server at a specified address to get a current dial-up phone number, while others contain a pre-configured dial-up number. One of the more common phone numbers currently points to a location in Austria (needless to say, for most users on the Internet, this might be a very expensive phone call).

Some variants of this family may also include a URL monitor which is dropped as a .DLL in the %System% folder.

Some variants do not install themselves on the local machine, relying instead on other malware to drop and execute them. Other variants commonly copy themselves into the %Windows% or %System% folders of the affected machine.

Note: '%System%' and '%Windows%' are variable locations. The malware determines the location of these folders by querying the operating system. The default installation location for the System directory for Windows 2000 and NT is C:\Winnt\System32; for 95, 98 and ME is C:\Windows\System; and for XP is C:\Windows\System32. The default installation location for the Windows directory for Windows 2000 and NT is C:\Winnt; for 95, 98 and ME is C:\Windows; and for XP is C:\Windows.

Analysis by Paul Taylor
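
As an added example (not part of the original post or of CA's description), the following Python script audits a RAS phonebook for the kind of entry the description says Silentcaller installs: a connection nobody set up, or one that dials abroad. The phonebook key names (`PhoneNumber`, `CountryCode`, `Device`), the sample entries, the phone numbers and the allowlist are assumptions constructed for illustration.

```python
# Constructed sample, not taken from a real infection. Key names (PhoneNumber,
# CountryCode, Device) are assumed to follow the Windows 2000/XP phonebook layout.
SAMPLE_PBK = """\
[My ISP]
Device=Standard 56000 bps Modem
DEVICE=modem
PhoneNumber=5550100
CountryCode=1

[Free Access]
Device=Standard 56000 bps Modem
DEVICE=modem
PhoneNumber=004355500199
CountryCode=43
"""

def parse_phonebook(text):
    """Return {entry_name: {key_lower: [values]}}; keys may repeat within an entry."""
    entries, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = entries.setdefault(line[1:-1], {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current.setdefault(key.strip().lower(), []).append(value.strip())
    return entries

def audit(text, known_entries, home_country_code):
    """Flag entries that are not on the allowlist or that dial outside the home country."""
    findings = []
    for name, keys in parse_phonebook(text).items():
        numbers = keys.get("phonenumber", [])
        reasons = []
        if name not in known_entries:
            reasons.append("entry not in allowlist")
        if any(c != home_country_code for c in keys.get("countrycode", [])):
            reasons.append("foreign country code")
        if any(n.startswith(("00", "+", "011")) for n in numbers):
            reasons.append("international dialling prefix")
        if reasons:
            findings.append((name, numbers, reasons))
    return findings

if __name__ == "__main__":
    for name, numbers, reasons in audit(SAMPLE_PBK, {"My ISP"}, "1"):
        print(f"{name}: {numbers} -> {', '.join(reasons)}")
```

The parser keeps repeated keys as lists rather than relying on a strict INI reader, because phonebook entries can carry the same key more than once.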
