Updated: February 13, 2007 11:42:35 AM
Type: Dialer
Version: 1.15
Publisher: Electronic Group
Risk Impact: High
File Names:
%SYSTEM%\ActiveStripSetup.dll
%SYSTEM%\DialerOffline.dll
%SYSTEM%\GirlControlCom.dll
%PROGRAMFI
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
When Dialer.StripPlayer is installed, it does the following:
- Drops the file %SYSTEM%ActiveStripSetup.dll.
Note: %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
- Connects to the Internet and downloads stripsetup.exe.
- Runs stripsetup.exe and downloads other files.
- Drops the following DLL files:
- %SYSTEM%\DialerOffline.dll
- %SYSTEM%\GirlControlCom.dll.
- Creates %ProgramFiles%\strip-player, which contains various files needed to run the program.
Note: %ProgramFiles% is a variable that refers to the program files folder. By default, this is C:\Program Files.
- Creates the following registry subkeys:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
\{BC23F736-C5BE-47FB-B459-1757933E5DF3
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib
\{357AA41A-B7A8-4632-A27D-5B980B25CF43}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ActiveStripSetup.EGStripDownload
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ActiveStripSetup.EGStripDownload.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database
\Distribution Units\{E3F7205F-2AE0-4BF0-816B-2D24A5F20EC7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage
\C:/WINDOWS/System32/ActiveStripSetup.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID
\{CABD7099-6B04-471D-8371-9FDE9C2E6BEA}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID
\{CEB29DA4-7AFA-4F24-B3CD-17351D590DF0}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
\{1773B696-B019-4FC1-9EED-B1C7F925F56A}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
\{20270406-63AD-4C7E-AE8D-BB632E508ACE}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
\{271D7D74-8E6D-4E6C-86F5-66C064CFB74D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
\{89161220-A3D9-464F-848C-4EBE0546697D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
\{BC23F736-C5BE-47FB-B459-1757933E5DF3}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib
\{357AA41A-B7A8-4632-A27D-5B980B25CF43}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib
\{A8882720-E26C-4073-8B8A-981D32882AF7}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib
\{B0ACF771-F0F7-461F-BEF3-5B1A3BA42F51}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DialerOffline.COMDialer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DialerOffline.COMDialer.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GirlControlCom.GirlCom
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GirlControlCom.GirlCom.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database
\Distribution Units\{E3F7205F-2AE0-4BF0-816B-2D24A5F20EC7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
\Uninstall\Strip-Player
HKEY_ALL_USERS\Software\Microsoft\SystemCertificates\TrustedPublisher
\Certificates\BD8400524261DF1ADBD8860F22C9CE2B97471448
- Modifies the following registry subkey:
HKEY_ALL_USERS\Software\Microsoft\Internet Explorer\Main\ Error Dlg Details Pane Open
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
