Dial/SiteIcon-B

Category: Viruses and Spyware
Type: Trojan Dialer
Prevalence: No Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Dial/SiteIcon-B is a dialer application.

Dial/SiteIcon-B includes functionality to access the internet and communicate with a remote server via HTTP.

When first run Dial/SiteIcon-B copies itself to:

<Program Files>\comsoft\dialers\hotaction_hr\hotaction_hr.exe
<System>\HotAction_hr-uninstall.exe

and creates the following files:

<Desktop>\HotAction_hr.lnk
<User>\Start Menu\HotAction_hr.lnk
<Start Menu\Programs>\HotAction_hr.lnk

The following registry entry is created to run hotaction_hr.exe on startup:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HotAction_hr
<Program Files>\comsoft\dialers\hotaction_hr\hotaction_hr.exe /noconnect

Registry entries are set as follows:

HKCU\Software\Netscape\Netscape Navigator\User Trusted External Applications\<Program Files>\comsoft\dialers\hotaction_hr
hotaction_hr.exe
yes

HKCU\Software\Netscape\Netscape Navigator\Viewers
application/x-cnty
<Program Files>\comsoft\dialers\hotaction_hr\hotaction_hr.exe %1

Registry entries are created under:

HKCU\Software\Comsoft\Dialers\HotAction_hr\
HKCU\Software\Netscape\Netscape Navigator\Suffixes\
HKCU\Software\Netscape\Netscape Navigator\Viewers\
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HotAction_hr\
HKCR\.cnty\
HKCR\MIME\Database\Content Type\application/x-cnty\

Dial/SiteIcon-B provides an uninstall option which can be accessed via the Add or Remove Programs dialog in the Windows Control Panel. The software is listed as "HotAction_hr".