Dialer.Wink Dialer Information
Severe threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild. There exists a high possibility of potential system damage or security flaw. Attacker has complete control over your computer or install new software on your machine.
||Wink is a group of is an adult content dialers.
Some variants of Wink are actual diallers; others have had this function disabled and act as adware. Wink can download and execute arbitrary unsigned code from its controlling server at 184.108.40.206. It also puts an entry in Add/Remove Programs to run a file [variant name]_uninstall.exe in the Windows System folder, which doesnt uninstall the software, but in dialler variants makes the software hide instead of showing itself at startup.
Wink.Party : dialler, program file in filesdialersonline_partyonline_party.exe.
Wink.hot : various diallers: at least hot_swiss, hot_canada and hotsurprise_in have been seen. Program file is in the form dialershot_swisshot_swiss.exe.
Wink.HornyCam : various diallers: at least hornycam_jp has been seen. Program file is in the form comsoftdialershornycam_jphornycam_jp.exe.
Wink.EasyDates : various diallers: at least hornycam_jp has been seen. Program file is in the form comsoftdialerseasydates_jpeasydates_jp.exe.
Wink.UKVideo2 : another dialler, program file dialersukvideo2ukvideo2.exe.
Wink.VideoAction : more diallers: at least videoaction_se has been seen. Program file in the form comsoftdialersvideoaction_sevideoaction_se.exe.
Wink.DateMaker : more diallers: at least datemakerspain and datemakerintl have been seen. Program file in the form dialersdatemakerspaindatemakerspain.exe and so on. Uses registry key HKEY_CLASSES_ROOTdting File instead of WINK file. Detected by Sophos anti-virus as Dial.Datemake and by Panda anti-virus as Trj.Pornspa.
Wink.ASWnk : not a dialler. Opens pop-up ads from fassia.net. Program file is ASWnk.exe in a Program Files folder called primesoft.ASWnk.
Wink.nsdlua : not a dialler. Opens pop-up ads from 0-ol1oiz-xolxii1-oxli10ozl1l1-o-l-11-iizxp-l-0o-oll11iz0oil-ol.com. Program file is dialersnsdluansdlua.exe. This is known to be loaded as a fake pop-up-killer application by stopannoyingpopups.com; exploitation of an IE security hole is suspected here.
Wink.dluca : not a dialler. Program file is msinstalldlu32dlucadluca.exe, hidden in the Windows System folder instead of Program Files.
Wink.infwin : not a dialler. Program file is infwin.exe, hidden in the Windows System folder instead of Program Files.
Wink.win and Wink.win32 : not a dialler. Program file depends on country; at least winde.exe, win32us.exe, win32gb.exe have been seen, in the Windows System folder.
||process: ukvideo2.exe: MD5 Hash: c6a597ee443efcda854...
process: ukvideo2.exe: MD5 Hash: ..
||Dialer - A Trojan software is any software on a user's computer that the user is not aware or intentionally installed. Most Trojan software is designed to perform some sort of actions that could jeopardize the user's security or privacy.
Top Dialer Visited Pages:
Pornosex - 1100 visits
Pornosex.Sesso - 678 visits
Insestious - 179 visits
france.sex.com - Alias: Adultoweb Dialer changes your modem's dial-up settings and attempts to connect to a premium or inter - 166 visits
Dialer.Wink - Alias: AutoSearchBHO, MSInfoSys - 165 visits
BTWebControl - 163 visits
SexyBills - 162 visits
Dialer.Thehun - 160 visits
Coulomb Dialer - 118 visits
Trojan:Win32/Adialer.HT - 94 visits
Random Dialer Pages:
TIBS Premium Rate Dialer
SysWebTelecomInt - Alias: SPONSORadulto, SysWebTelecom