Updated: February 13, 2007 11:33:55 AM
Type: Dialer
Publisher: Haldex Ltd
Risk Impact: High
File Names: Dvd.exe,Wininit.ini
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
When Dialer.Haldex is executed, it performs the following actions:
- Drops the file, %Windir%\Wininit.ini.
Note: %Windir% is a variable. The dialer locates the Windows installation folder (by default, this is C:\Windows or C:\Winnt) and copies itself to that location.
- Adds the subkey:
HaldexLtd-od-stnd245
to the registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall
- Adds the value:
"sws.exe" = "C:\Program files\HaldexLtd\stnd245\<filename.exe> -remove"
to the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
where <filename.exe> is the name of the Dialer.Haldex executable file that was first run on the system.
- Creates the directory, C:\Program Files\HaldexLtd, and copies files into it.
- Creates a link to Dialer.Haldex on the desktop.
- Adds Dialer.Haldex to the Windows Start menu.
- Adds an icon to the system tray.
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
