Rogue dialler on my PC - HELP!!


Cranberry
27-06-2005, 08:31
Not this PC fortunately. I noticed on Friday night that my User name had some numbers after it and my password (which just appears as a series of dots) had more dots than usual. As well the number being dialled for internet connection looked different. Fortunately I kept on failing to get a connection as the line was busy but I thought this was odd. I then managed to get a connection but although it allowed me to get on one site I couldn't get on to any more and the error message kept on coming up Error 403 - Forbidden site.

Rang up Wanadoo technical support who suggested changing all my settings and resetting the defaults which got me onto the internet with the number they gave me to dial up but every time I turned my computer off and went back on again it had reverted to the previous settings that were giving me all the problems.

Eventually Wanadoo worked out that I had a rogue dialler trying to divert my connection to a premium rate line and heavy phone bills to follow. They suggested getting in touch with BT to bar premium rate calls out which I have. Downloading the Wanadoo connection kit which I couldn't and if the problem persisted getting a PC tech to look at it - which is where the FORUM comes in.

Has anyone had a similar problem and how did they overcome it? Can anyone recommend a good PC outlet that can fix this? Any idea how much I am likely to have to pay? I have Windows XP Home edition on my PC. Got some virus software on - tried Norton but it slows everything down so much.

soupy
27-06-2005, 09:14
BT have just launched some software that will warn you if your PC starts to dial rogue dialers. I saw it in PCZone magazine.

Here is the LINK (http://www.bt.com/btprivacyonline/)

Cranberry
27-06-2005, 09:24
Thanks for letting me know about this - has anybody tried it and does it work?

Berberis
27-06-2005, 10:52
Get yourself a copy of the latest Microsoft Antispyware software (http://www.microsoft.com/downloads/details.aspx?FamilyID=321cd7a2-6a57-4c57-a8bd-dbf62eda9671&displaylang=en&Hash=XJS6KPF) and if you're techie enough, do a Google search for an application called HijackThis.

This should help you sort out the problem.

Cranberry
27-06-2005, 11:00
Thanks for this - will try this as well. Anyone recommend a good PC outlet that won't rip me off? Are Gemsoft any good?

Berberis
27-06-2005, 14:02
Well if you go to PC World, make sure you delete any incriminating evidence, you don’t want to end up like Gary Glitter! ;)

You could try that shop on Eccy road (the computer shop or something like that) or pay me £50 and I will come and fix it for ya :D

Scat
27-06-2005, 14:23
I've got round this by disabling premium rate numbers being called from my phone line. (The only downside is I can't vote for BB, strictly come dancing, etc, etc, etc ... ah well, no great loss)

Cranberry
27-06-2005, 14:27
Thanks for further replies - I hope the call bar will crack it. Contacted Gemsoft who used to be at Furnival House and they gave me some websites to get free download antivirus software from as well so it looks like I won't need to shell out £50 to serapis as well.

soupy
27-06-2005, 14:53
Originally posted by Scat
I've got round this by disabling premium rate numbers being called from my phone line. (The only downside is I can't vote for BB, strictly come dancing, etc, etc, etc ... ah well, no great loss)

Scat, banning premium rate numbers on your line won't work. Whatever modems do differently than standard handsets means they can still ring the numbers, so be careful :)

Cranberry
27-06-2005, 15:47
Thanks for the warning about the limitations of rate blocking. Fingers crossed I can get some software that will seek and destroy this virus.

vidster
27-06-2005, 17:01
Hello Cranberry :)
Install Stinger (http://vil.nai.com/vil/stinger/) and run it. That might delete the dialler.
Also, go to Add/Remove Programs (Start -> Control Panel -> Add/Remove Programs) and look for anything that looks out of place and remove it/them. These will normally say something like 'browser helper' in the title.

Scat
27-06-2005, 17:02
Originally posted by soupy
Scat, banning premium rate numbers on your line won't work. Whatever modems do differently than standard handsets means they can still ring the numbers, so be careful :)

Are you sure? Is there anywhere I can get some more info on this, cos I thought I was quite safe....

Scat
27-06-2005, 17:52
Sorry for the bum advice earlier. Just spoken to BT and the premium rate block is only effective when establishing the initial connection, so once connected it is possible for a rogue dialler to work. Looks like I'll have to add anti-dialup software to my ever increasing litany of security products....

Cranberry
28-06-2005, 07:03
You were trying to help Scat, that's what's important.

I rang Gemsoft in Attercliffe and they recommended SpySweeper software. If you try www.webroot.com you can get a 14 day free trial and a free spy scan.

I tried it last night and it looks like it works but the bl**dy virus I've got is resistant to moving out and it needs a few goes to knock it out.

The b*gger goes by the name of abetterinternet and the cookie is btgrab.

vidster
28-06-2005, 17:54
Originally posted by Cranberry


The b*gger goes by the name of abetterinternet and the cookie is btgrab.
If only you'd have told us that in the first place Cranberry :wink:

Full Removal Instructions (http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453076992) :)

sccsux
28-06-2005, 18:03
Originally posted by vidster
If only you'd have told us that in the first place Cranberry :wink:


It would've helped;).



Originally posted by vidster
Full Removal Instructions (http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453076992) :)


That takes some removing:o.


I'd try the symantec removal tool first:

http://securityresponse.symantec.com/avcenter/venc/data/adware.betterinternet.html :thumbsup:.

vidster
28-06-2005, 18:11
Originally posted by sccsux
It would've helped ;).

That takes some removing :o.

I'd try the symantec removal tool first:

http://securityresponse.symantec.com/avcenter/venc/data/adware.betterinternet.html :thumbsup:.

I'd jump straight to a HJT scan and pray it worked :o

sccsux
28-06-2005, 18:18
Originally posted by vidster
I'd jump straight to a HJT scan and pray it worked :o


Why not just re-format :D :hihi:.
BTW. The link to symantec was for cranberry (to make his/her life easier). I should hope you wouldn't need a removal tool (manual removal is always preferred to automated) :thumbsup:!




Cranberry: The options mentioned previously will work. This is just a silly post.


Note to the terminally stupid:

Do not try this @ home;).

vidster
28-06-2005, 22:52
Originally posted by sccsux


Note to the terminally stupid:

Do not try this @ home;).

:hihi: :hihi: :hihi:

Cranberry
29-06-2005, 07:57
Me not mea culpa vidster, me just didn't know what the hell it was called - sufficient to say that I am on a learning curve as far as combatting these virus malarkeys are concerned - thanks for the info on abetterinternet.

Has anybody got anything on bt grab?

Thanks for chipping in as well sccsux.

Will have a go with different solutions and see which one works first - otherwise it's a case of watch out for another post o forum.

vidster
29-06-2005, 20:40
I could only find one reference to BT Grab and that came from Here (http://www.aluriasoftware.com/forum/thread844.html).
It's not much use but I suppose you could try deleting your cookies and see if it comes back.

punk
29-06-2005, 23:54
Scat, banning premium rate numbers on your line won't work. Whatever modems do differently than standard handsets means they can still ring the numbers, so be careful

That is a total crock....

When an analogue modem connects to any number it uses EXACTLY the same method to connect to the remote number as a handset would use.

The number is dialed using either pulse or (more commonly) tone dialling. The call is then passed through telecoms switches based on the numbers that were dialed.

Modern switches are just computers. When you enable premium rate call blocking BT just set up an option so that Premium rate STDs are rerouted to a recorded message if you dial a premium rate number (0898, 09*, etc). That happens regardless of what you use to dial the number, in fact... the switch doesn't even know if it's a modem or a handset because they dial in exactly the same manner.

It may be possible (although I would think BT would ban these too..), for you to still be able to ring international premium rate numbers but this would still be possible regardless of whether you used a handset or modem.

Just spoken to BT and the premium rate block is only effective when establishing the initial connection, so once connected it is possible for a rogue dialler to work.

That sounds like they are saying that it's only possible for a dialer to work once it's already connected. If this is the case once the block is put in place and the connection drops the block will be in place.

One thing to remember is that it's extremely unlikely that any dialer would connect for more than 20 minutes at a time without dropping the connection and redialing. Connecting for more than 20 minutes would break ICSTIS rules meaning that anybody who got hit with a massive phone bill could quite easily get out of paying for the call (and get a massive fine to boot).

If they were an offshore premium rate provider with an international number then they are quite probably not bothered about ICSTIS rules. Even in this case the call would be terminated as soon as you picked up the phone, turned off/reset your computer or got some line noise. Assuming BT do block international premium rate numbers the next time the modem tried to dial the number it would get the recorded (blocked) message and not connect to the remote access server.

Cranberry
30-06-2005, 06:47
Thanks for the advice and don't fall out among yourselves. The spysweeper stuff seems to be working at the moment.