« Vista Antivirus 2008
Ultimate Antivirus 2008 »

DyFuCA

No Comments
GoldSparrow By GoldSparrow in Dialers | 33 views
Rate it:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

DyFuCA Description

DyFuCA is a porn dialer, which connects to pornographic servers and sites by employing the user’s modem. DyFuCA runs at startup and may be spread through the Internet as an Internet Optimizer Utility. DyFuCA may also install other adware and malware onto the user’s computer. These dials, which run through the user’s phone line, will result in expensive phone rates.

Type: Dialers

How Can You Detect DyFuCA?

 
 

Download SpyHunter’s Detection Scanner
to Detect DyFuCA.

 
 

DyFuCA Technical Report

As new DyFuCA details are reported by our customers and findings from our Threat Research Center, we will update this section.

The following DyFuCA files with its MD5s were created in the system:

File Name File Size MD5
actalert.exe 40480 fe4c6a22c692d8455eecd04ccd477df3
optimize.exe 53120 be4fb4a9bfb765d29da8fa405c87160a

DyFuCA has typically the following processes in memory:

  • actalert[1].exe
  • isetup.exe
  • nem214.dll
  • wsem218.dll
  • isetup.dll
  • nem211.dll
  • update.exe
  • idctup20.exe
  • nem220[1].dll
  • optimize[1].exe
  • actalert.exe
  • nem220.dll
  • wsem216.dll
  • wsem303.dll
  • nem210.dll
  • preinstt.exe
  • goldentiger.exe
  • view-m~1.exe
  • optimize310.exe
  • optimize.exe
  • ssupdate.exe
  • nem219.dll
  • wsem302.dll
  • wsem210.dll
  • iopti130.dll
  • setup.exe
  • comedy.exe

DyFuCA creates the following registry entries:

  • SOFTWAREMicrosoftWindowsCurrentVersionAppManagementARPCacheDyFuCAActiveAlertconnect2party.exe
  • 00000010-6F7D-442C-93E3-4A4827C2E4C8
  • Microsoft\Windows\CurrentVersion\policies\AMeOpt
  • cea206e8-8057-4a04-ace9-ff0d69a92297
  • 0BE10B0D-B4DB-4693-9B1F-9AEAD54D17DC
  • FCI\DyFuCA Active Alert
  • Setup.Player.1
  • FCI\DyFuCA Browser Helper
  • DyFuCA_BH.BHObj.1
  • SOFTWAREMicrosoftWindowsCurrentVersionAppManagementARPCacheDyFuCAconnect2party.exe
  • SOFTWAREMicrosoftWindowsCurrentVersionAppManagementARPCacheDyFuCAActiveAlert
  • Software\Microsoft\Internet Explorer\URLSearchHooks\_CFBFAE00-17A6-11D0-99CB-00C04FD64497
  • Microsoft\Windows\CurrentVersion\App Management\ARPCache\Internet Optimizer
  • dyfuca_bh.sinkobj.1
  • 405FD721-04EF-4EF2-AB96-FB31D32D4643
  • Setup.Player
  • FCI\DyFuCA
  • DyFuCA_BH.BHObj
  • 40B1D454-9CA4-43CC-86AA-CB175EAC52FB
  • SoftwarePoliciesAvenueMedia
  • SOFTWAREMicrosoftWindowsCurrentVersionAppManagementARPCacheDyFuCA
  • 8F4E5661-F99E-4B3E-8D85-0EA71C0748E4
  • Policies\Avenue Media
  • dyfuca_bh.sinkobj
  • Avenue Media
  • 90C9629E-CD32-11D3-BBFB-00105A1F0D68
  • FCI
  • F7F808F0-6F7D-442C-93E3-4A4827C2E4C8
  • 1C01D150-91A4-4DE0-9BF8-A35D1BDF1001

Important Article Disclaimer

ESG Support Center

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Furl
  • StumbleUpon
  • Technorati
  • YahooMyWeb
This entry was posted on 06/8/08 and is filed under Dialers. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Comment

Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Top Malware

Recommended Products

Featured Videos

Poll

How much money have you spent trying to rid your PC of spyware?
View Results

Recent Articles

Top FAQs

Follow Us on Twitter

Archives

Home Sitemap RSS Feed Privacy Policy End User License Agreement Copyright 2003-2010. Enigma Software Group USA, LLC. All Rights Reserved.