How to counteract intruders that dial porn sites

The week before last I discussed a class of intruders known interchangeably as Adware, Spyware and Malware. At the end of the column I introduced a particularly insidious subset of these intruders known as ‘dialers’. This week we’ll learn how to deal with dialers. There are a number of choices, depending on how much work you want to do, how adept you are around a computer, and the severity of the threat.

To get the most out of today’s column, I hope you’ll reread that column. Simply click Dennis the Wizard in the left-hand frame on the TTP home page, and then click the column named Adware, Spyware, Malware – Protection vs. the drain on your computer’s resources.

When an intruder is a dialer it usually does the following things:

1. Copies itself into a folder such as C:\Documents and Settings\Administrator\Desktop\.
2. Creates one to several registry entries, such as HKEY_CURRENT_USER\Software\Coulomb HKEY_CURRENT_USER\Software\Coulomb\Hardcore
3. Creates an icon on your desktop.
4. Attempts to dial a porn site, online pharmacy, cheap mortgage site, or similar.
5. It may try to change your home page to a site of the type mentioned above.
6. It may pop-up windows when you’re browsing soliciting your perusing the site(s).

As I’ll show at the end, it’s a lot of work to reverse all these actions.

I recommended you buy Ad-aware Pro to stop the type of intruders mentioned in the Adware column. The best defense is a good offense, it is often said. Ad-aware Pro comes with a companion program called Ad-Watch. Ad-aware identifies intruders and allows you to delete them. Deleting them won’t reverse the registry entries, and may actually cause problems.

Ad-watch does a pretty good job of not allowing them to invade your computer in the first place. So you want to make sure Ad-watch starts automatically every time you boot your computer. Check to see whether Ad-aware is starting Ad-watch on start-up.

Double-click the Ad-aware icon, bringing up the opening screen.

Notice the cursor is on an icon on the top that looks like a corrugated nut. That’s the settings icon. Double click.

The cursor is on ‘Load Ad-watch on Windows start up’. The radio button is checked, indicating that Ad-watch is loaded on start-up. If it’s not, check the radio button.

On my computer there’s a problem, however. Checked on not, Ad-watch is not loaded at start up. If that’s the case on your computer, there’s an easy fix.

Right-click the Ad-watch short-cut icon on your desktop to bring up the context menu. Click copy on the context menu. Your context menu will look different, but Cut, Copy, and Paste will be on it.

Now, right-click the start button on the left hand side of the task pane and select ‘explore all users’. Scroll down to the ‘Startup’ folder and double click.

Click the ‘Paste’ icon on the folder’s toolbar.

And now the Ad-watch short-cut is in the Startup folder. Every time you reboot your computer Ad-watch will try to prevent intruders from invading your computer. There is a cost, however. Scroll up and look again at the ‘Settings’ pane of Ad-aware. Note the panel titled ‘Real Time Accuracy’ with a slider bar set to medium. The higher you move the slider bar, the fewer intruders will get through. But the cost is CPU cycles, as well as other resources. The tighter your defense, the more you’ll slow down your computer. If you set the slider bar to the maximum, your computer would become so slow you’d be hard pressed to do your work.

What about dialers that do get through?

Most of you are probably using broadband now. If you’re not, I suggest you get it. Dialers can’t make expensive phone calls if you have a cable or DSL connection. They can still lead you to porn, cheap mortgage sites, online ‘pharmacies’ and more. All of these will pour more intruders into your computer and email inbox.

In my previous column on Adware I showed you how to get details on an individual item, so I won’t repeat the screen shots here. The details include the risk level. In most cases it’s low. If so, I’d just check the item and delete it. This isn’t the ideal way to remove the dialer, because it doesn’t delete the registry entries. But removing the registry entries is hard and dangerous work. Stay away from the registry unless you really know what you’re doing.

If the risk is greater than low, you’ll have to find a knowledgeable person to remove the registry entries. In a future column I’ll introduce a product that will remove some registry problems automatically.

In the meantime, I recommend that you set Ad-aware to ignore these dialers, so you won’t be faced with them after every scan.

Scroll up again to the Ad-aware opening screen and click Help. Help appears on the icon bar in the left-hand frame.

When you click it your screen will look as follows:

Click the index tab and type in ignore.

Double click ignore and follow the instructions.

There were several topics that extend this train of thought that I wanted to include. However, the column is already too long and I’ve run out of time. See you next week.

Dennis Turner