1. Join Now

    AVForums.com uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Computers making unwanted telephone calls

Discussion in 'Desktop & Laptop Computers Forum' started by Comer, Sep 8, 2004.

  1. Comer

    Comer
    Active Member

    Joined:
    Sep 21, 2001
    Messages:
    1,365
    Products Owned:
    1
    Products Wanted:
    0
    Trophy Points:
    51
    Location:
    Ireland
    Ratings:
    +82
    Three people have returned to work this year with stories of international calls on their phone bills that they did not make. One was for €400!!! :eek: It seems that their computers are making these calls. My understanding has always been that this happens because a person clicks YES to a download when accessing a (usually porn) website. This downloads a dialer which charges at a premium rate. One of the three people who have been caught insists that neither they nor anybody else in the house accessed porn. I wonder should I be sceptical of this because if it is true then it would seem that these dialers can get in completely undetected and that should give anyboby with a dialup connection major reason to worry

    My questions are:
    1. Can this happen if a person does not visit porn sites or does not click Yes to any downloads?
    2. How can we protect against this (if the answer to 1 is "Yes")
    3. If a PC has been infected, will lavasoft adware get rid of the problem (I ran it on a PC that was infected and it seemed to find a few dialers
    4. Can it happen with a broadband connection

    I'm sure that from this post it's obvious that I really don't fully understand what's going on here so any help greatly appreciated

    Conor
     
  2. buzlightyear

    buzlightyear
    Active Member

    Joined:
    Oct 8, 2002
    Messages:
    945
    Products Owned:
    1
    Products Wanted:
    0
    Trophy Points:
    46
    Location:
    London
    Ratings:
    +116
    Its not only porn sites that have these loaders. The best way is to set your internet Security setting to a high level. The settings below would stop diallers and Spyware/Adware getting onto your machine, The annoying part of this setup is that alot of normal site requite Active X. And you will be asked if you wish to allow the site to use active x.
    Mostly it is part to user error and saying yes to things, but if your settings are low then they can just download in the background.
    Daillers dont really affect Broadband. And spybot/adaware will get rid of Ad programs but you will also need to have a upto date virus checker as well because some of them replicate once deleted as the writers have put code into the windows registry,


    NET Framework-reliant components
    · Run components not signed with Authenticode (Disable)
    · Run components signed with Authenticode (Prompt)
    ActiveX controls and plug-ins
    · Download signed ActiveX controls (Prompt)
    · Download unsigned ActiveX controls (Disable)
    · Initialize and script ActiveX controls not marked as safe (Disable)
    · Run ActiveX controls and plug-ins (Enabled) (This actually refers to Java and Flash, not ActiveX)
    · Script ActiveX controls marked safe for scripting (Prompt)
    Miscellaneous
    · Access data sources across domains (Disable)
    · Drag and drop or copy and paste files (Prompt)
    · Installation of desktop items (Prompt)
    · Launching programs and files in an IFRAME (Prompt)
    · Navigate sub-frames across different domains (Prompt)
    · Software channel permissions (High safety)
    · Userdata persistance (Disable)
    Scripting
    · Allow paste operations via script (Prompt)
    · Scripting of Java applets (Prompt)


    Hope that helps,
     
  3. KraGorn

    KraGorn
    Active Member

    Joined:
    Aug 30, 2003
    Messages:
    4,740
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    68
    Location:
    Warrington
    Ratings:
    +27
    Just to add to that, as well as not only catching these from porn sites, you don't even need to use a web browser.

    If you use Outlook Express for e-mail you can infected with trojans like this simply by viewing e-mail if your systems aren't patched completely. Usually you'd need to open an attachment to infect yourself, but exploits in the past have been able to execute code simply by the mail appearing in the 'preview' panel.
     
  4. MartinImber

    MartinImber
    Active Member

    Joined:
    Apr 5, 2001
    Messages:
    3,851
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    71
    Location:
    Worcester
    Ratings:
    +21
    Lots of site have this sh!te not just porn - seen it twice in one week!
     
  5. Comer

    Comer
    Active Member

    Joined:
    Sep 21, 2001
    Messages:
    1,365
    Products Owned:
    1
    Products Wanted:
    0
    Trophy Points:
    51
    Location:
    Ireland
    Ratings:
    +82
    Thanks for the info.

    Can I be sure that adware has removed all this Sh?t from the PC or is a complete reformat necessary?

    Conor
     
  6. MartinImber

    MartinImber
    Active Member

    Joined:
    Apr 5, 2001
    Messages:
    3,851
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    71
    Location:
    Worcester
    Ratings:
    +21
    Run Adaware
    Run Spybot S & D
    Run an antivirus

    Download Zonealarm

    SHould be fine then
     
  7. KraGorn

    KraGorn
    Active Member

    Joined:
    Aug 30, 2003
    Messages:
    4,740
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    68
    Location:
    Warrington
    Ratings:
    +27
    Why ZoneAlarm? What action does a rogue dialler take that would trigger ZA?

    IMX Spybot is now the malware-killer of choice, AA seem to be more interested in feature bloat than accuracy of their detection code these days.
     
  8. Gazebo2

    Gazebo2
    Guest

    Products Owned:
    0
    Products Wanted:
    0
    Ratings:
    +0
    This has been discussed in a previous thread - Evil Expensive Diallers

    As I posted there that NEITHER spybot or adaware detected the program on my machine that kept trying to install the dialler (although they may have spotted the dialler once installed - that can be a bit late). I used the alarmingly named but excellent HijackThis to undo all changes made to IE configuration since its first installation.

    Two ways of protecting yourself against diallers are
    a) use broadband
    b) use a different browser and de-installing IE may help in some cases - some of the programs do depend on IE.
     
  9. KraGorn

    KraGorn
    Active Member

    Joined:
    Aug 30, 2003
    Messages:
    4,740
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    68
    Location:
    Warrington
    Ratings:
    +27
    IE isn't uninstallable, at best you can hide it but it's still there and used by Outlook Express etc.

    However, switching to Firefox, or Opera if you want to give money to someone :), is indeed the best way to avoid pests like these and drive-by installs in general.
     
  10. mjn

    mjn
    Distinguished Member

    Joined:
    May 24, 2001
    Messages:
    17,592
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    166
    Location:
    Herts, England
    Ratings:
    +4,510
    IE can actually be un-installed, i have the instructions somewhere.....
     
  11. LTJ

    LTJ
    Guest

    Products Owned:
    0
    Products Wanted:
    0
    Ratings:
    +0
    Comer. I run lava soft free adaware I also obtained wincleaner ultrto clear out caches and broken registery links> I turn off system restore run win ultra cleaner and then adaware. These of course are free but there are more thorough versions. I'll have to check my phone bill. That bloody kazaar has a lot to answer for, my teenage kids keep loading the damn thing.
     
  12. Gazebo2

    Gazebo2
    Guest

    Products Owned:
    0
    Products Wanted:
    0
    Ratings:
    +0
    KraGorn, i agree that you cannot un-install IE using XP control panel facilities - only remove user access to it.

    However it is possible to uninstall IE from XP using products such as XPlite. According to their website the only components that depend on IE are Macromedia Shockwave Flash & Windows Update Manager, not Outlook Express. But of course if you are going to uninstall IE, you would best get rid of Outlook Express too.

    If XPlite can do it, I suspect that you can do it manually if you know how to switch off the file protection and the registry keys to update.
     
  13. djchapple

    djchapple
    Standard Member

    Joined:
    Oct 10, 2004
    Messages:
    85
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    8
    Location:
    St Neots
    Ratings:
    +0
    One point to add to gazebo2's suggestion - use Broadband.

    Broadband is not safe if you have a dial up modem attached and set up to use as a back-up for broadband. The modem could still be used to dial out.
     
  14. witty_name

    witty_name
    Guest

    Products Owned:
    0
    Products Wanted:
    0
    Ratings:
    +0
    wouldn't another solution be to simply unplug your computer from the telephone socket when you're not on the internet?!
     
  15. bk_man

    bk_man
    Guest

    Products Owned:
    0
    Products Wanted:
    0
    Ratings:
    +0
    I have a hardware solution which would prevent this, it will save you loads of money... contact me...
     
  16. Crocodile

    Crocodile
    Distinguished Member

    Joined:
    Nov 4, 2002
    Messages:
    15,143
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    166
    Ratings:
    +4,450
    BT have a free download here. It can't prevent hijacking but it does monitor the number your modem is dialling. If it tries to dial a number that you haven't previously approved, it launches a popup asking you to confirm. Should work on any analogue line, not just BT.
     

Share This Page

Loading...