Stopping "dialers" and saving your phone bill

Stopping "Dialers" and Saving Your Phone Bill

Where are all these calls coming from? Your computer?

05 JUN 2004 by Gordon Fecyk, Pan-Am Internet Services

MNITOBA TELECOM SERVICES WARNED CUSTOMERS about "dialer" programs during last week. A "dialer" is a shorthanded name for a certain type of trojan horse application - a piece of software whose authors say does one thing, but instead does something different and usually malicious. In this case, the "dialer" program supposedly provides access to some kind of premium content or perhaps forbidden content, but does so by using your computer's modem and your phone line to dial an overseas phone number and overcharges your phone number's account.

A "dialer" can do its work even if you use some kind of high speed Internet. If you have a modem and your phone line is connected to it, your computer can send and receive faxes, and still connect to other computers through the phone system. This becomes a problem only when you let a malicious application take control of the modem.

MTS provided one of the best pieces of advice I would have ever asked them to give: "Consult a computer expert for advice." Well, I'm a computer expert, so I've been told, so here is some advice. I'll explain how to remove "dialer" programs and how to prevent their reinstallation. These steps follow up on the last two weeks of newsletters that talk about your computer's safety guards, and preventing viruses before the fact.

REMOVE A DIALER by checking which applications your computer launches automatically on startup. Microsoft Windows has more than one place to look, unfortunately, for such settings. They are:

The Startup Group in your Start Menu. Check Start / Programs / Startup. If you find something you don't recognize, you can right-click on it and pick Delete, or you can move it somewhere else so you can put it back later.
The Scheduled Tasks icon can be found in the My Computer window (Win95, Win98, Windows NT 4.0) or in Control Panel (Windows 2000, Windows XP). Look for tasks that launch "On Startup." You can disable a task by Opening it and turning off the "Enabled" check box on the bottom-left. You can re-enable it later, but on Windows NT, Windows 2000 and XP it will ask you for a logon username and password when you do.
The Registry, in two locations: "HKEY_LOCAL_MACHINE" and "HKEY_CURRENT_USER". Editing the Registry directly is dangerous if you don't know what you're doing, so try to find an application to assist you. All versions of Windows since Windows 95 will work with Mike Lin's Startup Control Panel to help you control what starts automatically, but Windows 98 and XP come with MSCONFIG which achieves the same goal. The Windows XP version, in addition to controlling startup items, can also control XP Services - programs that run independently of the user.
If the "dialer" is part of another application and you recognize which one, you should uninstall that application. If not, you can then try a spy ware remover, such as Spybot Search and Destroy. After you let Spybot do its work, test your applications to make sure they still work - an application that stops working after using Spybot is probably your culprit. Spybot also comes with a startup control panel of its own, visible in Advanced mode.

BLOCK DIALERS by using your computer's safety guards, meaning, using a current version of Microsoft Windows as a limited user or as a restricted user. Limited users can't install applications, automatically or otherwise, and that includes "dialer" applications.

A "dialer" can still run as a limited user if you download such an application and run it directly, provided it doesn't need to be installed first. But this involves you, the user, making a consious decision to download and use such an application. Read the application developers' Terms of Use, Privacy Policy and so forth before choosing to use it.

Windows 95 and Windows 98 computers don't have built-in safety guards like Windows 2000 and XP do, but you can still use some basic precautions to block "dialers" and other spy ware. You can use an anti-spyware application like Spybot Search and Destroy which includes extensions to Internet Explorer that automatically block "bad" downloads, but you can also instruct Internet Explorer not to automatically install software on demand:

From Internet Explorer, pick the Tools menu and pick Internet Options,
Click the Advanced tab. A short way down the list, you will find "Install on Demand (Internet Explorer)" and "Install on Demand (other)". Turn both of these features off.
Click OK to save the change.

This disables automatic installation of anything from the Internet. It also disables Windows Update and Office Update, so you'll need to return here to turn "Install On Demand (other)" back on before using them, and turn them back off when you're done.

NEXT WEEK I'll explain how to selectively enable and disable such features as Install On Demand, advertising pop-ups, and so on for individual web sites, domains, companies and so forth. This capability is available in Internet Explorer 5.0 and later, Netscape Navigator 7.0 and later, and other browsers for Microsoft Windows, Macintosh and (in the case of Netscape) Linux and BSD. It may also be available in other web browsers or web browser shells such as America On-Line 9.0.

By default we trust everybody on the Internet. The Internet is a network of people, and like any other network of people there are good people and bad people. No one trusts everyone in the real world, so why should we on the Internet? Next week's newsletter will reintroduce the concept of trust to Internet use.

Return to Newsletter Archive
Return to Newsletter Home Page