Quick Links: SpywareGuide Greynets Blog | SpywareGuide Product Database | SpywareGuide Company Database | SpywareGuide Categories
Search SpywareGuide Database & Site
Security Email Alerts & Updates
SpywareGuide powered by FaceTime Security Labs
 
Full Name:
 IpBill.Dialer Websearch   Read More
Type: Dialer
Also Known as: Coulomb Dialer comload Saristar Pornpaq Downloader-BR(McAfee)
Created by: Comload
SG Index: 7 [Explain]
Removal tools: List of products that detect/remove/protect against IpBill.Dialer:
  • Control IM and P2P use, block spyware and other malware: RTGuardian
  • Endpoint Spyware Remediation: Greynet Enterprise Manager
  • IM, P2P control, malware prevention and web filtering in single appliance: Unified Security Gateway
    		•
    Category Description: A program that can secretly change your dialup connection setting so that instead of calling your local internet provider, your PC calls are routed to an expensive 0900 or international phone number.
    Official Description: Comload is an ActiveX control placed on web sites to load and run executable files, notably premium-rate diallers. One of the types of dialler installation used by Coulomb, through ActiveX drive-by-download on porn-related pages.
    Comment: After the control is installed, any web page has the ability to run any executable file on the local machine.
    Information URL: http://www.coulomb.co.uk/
       
    Manual removal: Open the registry (Start->Run->regedit) and remove the following keys:

    HKEY_CLASSES_ROOT\Comload.loader
    HKEY_CLASSES_ROOT\Comload.loader.1
    HKEY_CLASSES_ROOT\Comload.loader2
    HKEY_CLASSES_ROOT\Comload.loader2.1
    HKEY_CLASSES_ROOT\dctl
    HKEY_CLASSES_ROOT\CLSID\{9E1089BC-1AE8-4685-8D77-6721E5C318A8}
    HKEY_CLASSES_ROOT\CLSID\{AD7FAFB0-16D6-40C3-AF27-585D6E6453FD}
    HKEY_CLASSES_ROOT\Interface\{19E91D82-7AD7-419F-866A-58C122DB1459}
    HKEY_CLASSES_ROOT\Interface\{F5F779A9-24E5-4BCD-9AE5-6313D4B5AC24}
    HKEY_CLASSES_ROOT\TypeLib\{266F948A-3DEE-4270-8F55-E79ACCD569FA}
    Then open the System folder (inside the Windows folder, named 'System32' under Windows XP/2000/NT or just 'System' under Windows Me/98/95), and delete the file 'comload.dll'.

    Properties:
  •  Adds other software
  •  Autostarts/Stays Resident
  •  Changes browser
  •  Dials toll numbers
  •  Stealth Tactics
    		•

    Click here to leave feedback for this product
    Help with the BUST!
    Become A Spyspotter!
    Bust the Bad Guys!
    Click here and give us what details you have and let our international research team take it from there. If you desire your report will remain anonymous.
    Recent Blog Posts
  • A Year In Security
  • Youtube Comment Bot Spams In Waves
  • VGA Awards Trailers Used As Bait For Spam Offers
  • Fake Visa Electronic Report Serves Up Zbot Data Stealer
  • Banned Console Owners Beat The System - With Stickers
  • Spot The Hack
  • The Futility Of EULAs
  • Auto Whaler Spears Phishers
  • Fake Porn Grabbers Snag Nothing But Malware
  • Console DDoS Botnets - A Thriving Industry
    • Recent Modifications
    2010-8-31  17lele
    2010-7-1  W32/AIM.552-B
    2010-6-9  Powwabar
    2010-3-11  Email Threats
    2010-3-9  WeBuying
    2010-3-9  HappytoFind
    2010-3-5  PaintBrush
    2010-3-5  Downloader-Tadpu
    2010-3-4  Unclassified Trojans
    2010-3-2  ParisVoyeur
     

    Site EULA | Site Map | Contact Us | About Us | Site and Spyware FAQ | Advertise | RSS Feeds  | Link To Us | SpywareGuide Japan Japanese

    © Copyright 2007, FaceTime Communications, Inc. All rights reserved.