Home Malware Programs Dialers Holystic dialer

Holystic dialer

Posted: March 28, 2006

A dialer that places a file on the desktop an write info into the registry. Even if you remove an executable from your desktop, a dialer is still present.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 hol286519643.exe

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOThol_preload.full.1HKEY_CURRENT_USERsoftwareholistycHKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionmoduleusagec:/winnt/system32/preload.ocxHKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionshareddllsc:winntsystem32preload.ocx
  • The following CLSID's were detected:
    HKEY..\..\{CLSID Path}03c543a1-c090-418f-a1d0-fb96380d601d
Loading...