Dialer.Diver

Dialer.Diver

Updated:
June 20, 2006
Risk Impact:
High
Systems Affected:
Windows

Behavior

Dialer.Diver is a dialer application that can be used to access some services, which are often pornographic in nature, by dialing high-cost numbers using a modem.

Antivirus Protection Dates

  • Initial Rapid Release version October 02, 2014 revision 022
  • Latest Rapid Release version October 02, 2014 revision 022
  • Initial Daily Certified version June 19, 2006
  • Latest Daily Certified version September 28, 2010 revision 036
  • Initial Weekly Certified release date June 21, 2006
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Dialer.Diver is a dialer application that can be used to access some services, which are often pornographic in nature, by dialing high-cost numbers using a modem.

Once Dialer.Diver is executed, it creates the following files:
%System%\pass[RANDOM NUMBER].htm
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Non Cliccare Prive'.lnk
%UserProfile%\Desktop\Non Cliccare Prive'.lnk
%UserProfile%\Favorites\Non Cliccare Prive'.lnk
%UserProfile%\My Documents\Non Cliccare Prive'.lnk
%UserProfile%\Start Menu\Programs\Non Cliccare Prive'.lnk
%UserProfile%\Start Menu\Non Cliccare Prive'.lnk
%UserProfile%\Desktop\ArchivioFilesDivertenti.exe

The security risk then dials preset high-cost numbers using a modem, and sometimes without the knowledge of the user.

It also adds a section called "[Help and Internet]" to the following file:
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk\rasphone.pbk.