||||
Symantec.com > Security Response > Threats and Risks > Dialer.Desire
PRINT THIS PAGE

Dialer.Desire

Printer Friendly Page

Updated: February 13, 2007 11:34:56 AM
Type: Dialer
Risk Impact: High
File Names: desire.exe,Desire-uninstall.exe
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP


When Dialer.Desire runs, it does the following:
  1. Creates the following folder and subfolders:

    %ProgramFiles\dialers\dialers
    %ProgramFiles\dialers\dialers\desire
    %ProgramFiles\dialers\dialers\subcriptions

    Note: %ProgramFiles% is a variable that refers to the path of the program files folder. By default, this is C:\Program Files.

  2. Copies itself as the following:
    • %ProgramFiles%\dialers\desire\desire.exe
    • %System%\Desire-uninstall.exe

      Note: %System% is a variable. The dialer locates the System folder and copies itself to that location. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).

  3. Adds the value:

    "Desire"="%ProgramFiles%\dialers\desire\desire.exe /<option>"

    to the registry key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

    so that the dialer runs when you restart Windows.

    Note: <option> can be "noconnect," "savestate," "menu," "uninstall," or "install."

  4. Creates the following new keys and sub keys:

    HKEY_CURRENT_USER\Software\SiteIcons
    HKEY_CURRENT_USER\Software\SiteIcons\Dialers
    HKEY_CURRENT_USER\Software\SiteIcons\Dialers\Desire
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
    Uninstall\Desire
    HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-DESIRE
    HKEY_CLASSES_ROOT\.DESIRE
    HKEY_CLASSES_ROOT\DESIRE File
    HKEY_CLASSES_ROOT\DESIRE File\shell
    HKEY_CLASSES_ROOT\DESIRE File\shell\open
    HKEY_CLASSES_ROOT\DESIRE File\shell\open\command

  5. Adds the value:

    "Default" = "%ProgramFiles%\dialers\desire\desire.exe %1"

    to the registry key:

    HKEY_CLASSES_ROOT\DESIRE File\shell\open\command

  6. Adds the value:

    "application/x-DESIRE" = "%ProgramFiles%\dialers\desire\desire.exe %1"

    to the registry key:

    HKEY_USERS\.DEFAULT\Software\Netscape\Netscape Navigator\Viewers

  7. Creates a shortcut icon on the Windows Desktop and System Tray.

  8. Runs the file, %ProgramFiles\dialers\desire\desire.exe.

  9. Drops a subscription Web page as:

    %ProgramFiles%\dialers\subcriptions\SubsDone.html

  10. When the dialer runs, it opens Internet Explorer and displays the following page:




Search by name
Example: W32.Beagle.AG@mm
Limited Time Offers! Save up to 50%
Windows Vista Security
©1995 - 2009 Symantec Corporation
Site Map|
Legal Notices|
Privacy Policy|
|
Contact Us|
Global Sites|
License Agreements|
RSS