dialer?

Discussion in 'other anti-malware software' started by connor321, Mar 4, 2004.

Thread Status:
Not open for further replies.
  1. connor321

    connor321 Guest

    Today, my dad told me to quit looking at porn because he got the phone bill and it has charges of $120 on it. Under Phone Called on the phone bill it says SAOTOME. He says it is an international porn website. First of all, I haven't been looking at porn sites! Second, I did a google search for SAOTOME and it returned nothing. I dont want to go to SAOTOME.com to actually see if this is a site or not. Would this constitute a dialer? How did I get infected? Will ZoneAlarm give me sufficient protection against this in the future? This supposedly happened on January 10, which is before I installed ZoneAlarm and AVG. Is there any way to despute this with the phone company?
     
  2. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Isn't SAOTOME japanese? Anyway, I'm not sure if you can get the phone company to do anything about it but I do know ZA and AVG won't protect you against dialers. I would suggest to unplug you phone from you computer. :) That's the same thing I told my brother in law. He think he has a dialer also. omeone else should be around shortly to help you in this more that I can. I just know from readin TDS does find dialers and so does Trojan Hunter. Both have a free trial. :)
     
  3. ShotgunGirl

    ShotgunGirl Guest

    São Tomé . Africa {offshore}

    Its a dialer. This type of hijacking could happen to anyone so please don't feel bad.
    Instead remove the Dialer. Try Spyblaster.
    If that does not world try a trial version of a good trogan remover . If that does not work you may want to consider a re-format which is alot cheaper than your phone bill

    Tighten your setting in Internet Explorer to help prevent this in the future.
    Have the phone company block the phone number. .
     
  4. ShotgunGirl

    ShotgunGirl Guest

    "Domain name registry for the Sao Tome domain, .st. "Anybody in the world can register a .ST domain. Although the .ST domain is the country code top-level domain for Sao Tome and Principe, any corporation or individual in the world can register a domain ending with {>.ST<} "

    Countless other countries use this server.
    Japan, NZ, Sweden, etc.
     
  5. ShotgunGirl

    ShotgunGirl Guest

    Alittle correction in order regarding my last post: "people" in those listed countries use that domain. Not the "country" inself.
     
  6. sig

    sig Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    716
    you might want to take a look at this document for some info about dialers and fwiw it says you should dispute the charge. http://216.239.53.104/search?q=cache:154ytSMRF_EJ:www.scscc.com/bkk/Dialers%2520at%2520Bay,%2520How%2520to%2520Keep%2520the.pdf+dialers%2Bspyware&hl=en&ie=UTF-8

    See if you can get an evaluation copy of TDS antitrojan (there's a support forum here for it if you have any questions), update it from the site, and run a scan to see if you can clean up your machine.

    Also, get, update and run SpyBot Search and Destroy, an antispyware app. Perhaps also Adaware, a similar app. Both free.

    You can get info about and recommendations for antispyware and antitrojan apps from the Wilders site: http://www.wilders.org/index.htm They also provide links to the apps so you can find them easily on the net.

    As the document I linked to indicated, allowing ActiveX enabled in the internet zone is a common way of getting dialers (although perhaps downloading questionable files might be another way as with all malware). I would however go further than the paper does and suggest that even allowing ActiveX controls to be downloaded and run that are marked "safe" or 'signed" is not a good idea. I have mine set to prompt and use sparely. Some people find it a bit of a pain, but the alternative is to disable them entirely and put really trusted sites in IE's trusted zone where the settings are less restrictive. This alternative actually is a better alternative from a safety point of view.

    Tighten up your browser settings and use SpywareBlaster which should block a lot of stuff in the future for prevention. SpywareGuard is another free app from the same author that helps against spyware. There is a support forum here also for those two apps.
     
Thread Status:
Not open for further replies.