Aliases: Trojan.Win32.Makecall, Trojan:Win32/Makecall
Variants: Trojan:Win32/Makecall.I

Classification: Malware
Category: Trojan Horse

Status: Inactive
Spreading: Slow
Geographical info: N/A
Removal: Hard
Platform: W32
Discovered: 01 Apr 2003
Damage: Low

Characteristics: Using the Visual Basic programming language, this malware was designed by its malicious author to make use of the electronic Bulletin Board System service as a transport mechanism for the delivery of its intended payload. Since the W32.Makecall.Trojan relies mostly on dialup connections, its presence in an infected computer system results in exorbitant telephone bills for the computer user. The most significant sign of its presence in any machine is its executable file.

More details about W32.Makecall.Trojan

Upon execution of the W32.Makecall.Trojan in a vulnerable computer system it will immediately create an executable file which it will store in the same directory folder used by legitimate operating system processes. This malware will modify the entries in the Windows Registry by creating a new key value that is associated to its executable file. The W32.Makecall.Trojan uses the key entry to gain automatic startup functionality allowing it to load together with the operating system. Consistent with the characteristics of most Trojan Horses this malware requires the intervention of the computer user to effectively deliver its intended payload. The W32.Makecall.Trojan can be used to lower the security settings of the infected computer system to allow it to connect to remote systems without being blocked.

According to majority of antivirus developers the W32.Makecall.Trojan will attempt to make use of the Remote Access Service of the operating system to log onto electronic Bulletin Board Systems. The address of the targeted systems is hard coded into the body of the W32.Makecall.Trojan malware. The W32.Makecall.Trojan is considered as inactive primarily due to the minimal usage of dialup connections to the Internet. The number of electronic Bulletin Board Systems have also reduced significantly to make a dramatic impact on computing systems. Manual Removal can be done by deleting its executable file from the compromised computer system in Safe Mode.