A dialer (fraudulent version) is a program that uses computer’s modem to establish a dialup connection over the Internet and make the money from calls. A connection is made by dialing a predetermined phone number and connecting to an international or premium rate local phone numbers. Dialers are capable of making an unauthorized connection and bypassing the local Internet service provider. After performing these activities, victims lose the money by receiving increased phone bills. 

The most of dialers are malicious programs that work in the same manner as regular computer viruses. Therefore, they change system’s essential dialup and networking settings without user's consent and approval. A typical dialer runs on every computer startup and attempts to hide its presence on the system. A parasite doesn’t affect computer's performance and doesn’t leave any clues like unexpected advertisements or third-party toolbars, so its activity can hardly be easily noticed. Users of broadband lines, such as DSL, LAN or similar, cannot be affected because their computers have no modems installed.

Some dialers are legitimate applications developed by Internet service providers and certain companies. Their task is to ease the process of setting up an Internet connection or to perform marketing campaigns of third parties. Such parties provide their users with the license agreement and inform them about the installation of a dialer. Nevertheless, such programs are quite rare.

Activities that characterize dialers

  • Using a compromised computer to connect to the high-cost phone numbers.
  • Promoting potentially unsafe web sites with pornographic, advertising or other similar content.
  • Causing system modification and altering essential dialup and networking settings. This is done by the dialer for registering itself as a default Internet connection service and connecting a compromised computer over the Internet.
  • Changing web browser’s settings. You can notice changes in your home page and default search engine. In addition, you can be prevented from restoring these settings.
  • Creating numerous links that could lead people to potentially insecure web sites. In addition, a victim may also notice unknown desktop shortcuts to suspicious sites, unknown bookmarks and new entries in his/hers Favorites list.
  • Provides no removal feature.

Infiltration techniques that are used by dialiers

Although the most dialers are very similar to regular viruses, their distribution methods are quite different. They do not spread like other types of malware. In most of the cases, people have to install them on the system as any other software. This can be done either with or without user's content. More information about the major distributors that have been used for the unnoticed installation of dialer parasites is provided below.

  • Pornographic and illegal websites. Sites that are filled with adult-oriented content, illegal music and video files and similar offers should be avoided. Otherwise, they can trick the user to download and manually install a particular dialer on the system. No matter that it is declared that this should be done for getting an ability to receive an access to desired constant, you should not agree with such installation. Such dialers not only fail to provide the uninstaller, but can also lead you to the loss of your money by making Internet connections through high-cost phone numbers.
  • System vulnerabilities. The biggest amount of malicious dialers get into the system by exploiting certain vulnerabilities. Such security holes may appear by failing to update anti-virus/anti-spyware software or web browser. In addition, the malicious dialer may appear on your computer by running into an insecure web site that is filled with the malicious code or by clicking on an unsafe pop-up ad. The affected user cannot notice anything suspicious, as parasites do not display any setup wizards, dialogs or warnings.
  • Spam and malicious email messages. Some dialers are secretly installed on the system by opening spam or malicious e-mail messages. Some part of such parasites arrives to the target PC system as legitimate e-mail attachments. Their installation is made without user's consent and approval.

The most popular examples of dialers

There are lots of different dialers that are considered malicious. The following examples illustrate their behavior on the affected PC system.

661-748-0240 offers access to the Internet via high-cost telephone numbers. It redirects a web browser to certain Internet resources and changes default home page without asking for user permission. This dialer can be secretly installed while visiting some unsafe web sites. The parasite alters the registry, so the threat runs on every Windows startup, and creates a desktop shortcut named Click Me!!!. Most dialers are quite similar to this example and do not pose any threat to the system, but severely violate the privacy of the user.

Trojan.Dialer.yz connects its victim’s computer to the Internet through expensive phone number. It is capable of accessing a predefined Internet resource on required domain without asking a permission from the user. This threat silently erases the web browser's cache and history. The parasite gets into the system from some insecure web sites. The dialer complicates its detection and removal and doesn’t have the functional uninstaller.

Trafficadvance is a way more harmful dialer that not only connects a compromised computer to the Internet using a premium rate phone number, but also terminates some running applications and steals system information. Once executed, it modifies the Windows registry to register itself as a primary Internet connection service. This means that all further Internet connections will be made through expensive phone number instead of local lnternet service provider’s default one. Such activity results in receiving enormous phone bills.

Removing dialer from the PC system

As it was said above, the most of dialers work in the same manner as the computer viruses and, therefore, can be found and removed with the help of reliable anti-spyware program. We can recommend SpyHunter or Malwarebytes Anti Malware that have showed great results when removing dialer from the system.

Beware that in some cases even the most antivirus or spyware remover can fail to get rid of a particular dialer. That is why there are Internet resources such as 2-Spyware.com, which provide manual malware removal instructions. These instructions allow the user to manually delete all the files, directories, registry entries and other objects that belong to a parasite. However, manual removal requires fair system knowledge and therefore can be a quite difficult and tedious task for novices.

Newest Dialers

Svezia Dialer removal steps

May 29th, 2015. Svezia Dialer is a dialer distributed by 7adpower.com. It is promoting 'free' screensavers. More...

Removing 661-748-0240

June 10th, 2013. 661-748-0240 is a Skype number you should definitely stay away from. That's because it is used by cyber criminals to fool unaware people and swindle their money. Similar trickery has already been described in our 'news' section, which is based on a misleading call reporting about dangerous... More...

XLite removal guide

May 1st, 2012. XLite is a typical dialer parasite that connects a compromised computer to the Internet by dialing a high cost phone number using a modem. XLite can get into the system from various malicious web sites and pornographic resources. More...

DATABASE OF Dialers PARASITES

Total Dialers parasites in our DB: 45


    1
  • 661-748-0240 June 10th, 2013 | 81 Comments
    661-748-0240 is a Skype number you should definitely stay away from. That's because it is used by cyber crimin...

  • Active Strip Setup June 9th, 2004 | No Comments
    A downloader for a phone dialer, which gives access to a porn site strip-player.com.

  • Adultoweb Dialer June 9th, 2004 | No Comments
    Adultoweb Dialer is a dialer that changes your dial-up settings and connects to the internet through expensive...

  • Bloiscom Dialer June 8th, 2004 | No Comments
    It is a premium rate dialer application.

  • Bobbie dialer June 9th, 2004 | No Comments
    Bobbie dialer is a dialer that changes your dial-up settings and connects to the internet through expensive or...

  • C2.lop April 1st, 2005 | 12 Comments
    C2.lop Dialer dials a phone numbers without knowledge and permission of end user. User might get enormous phon...

  • Comload May 25th, 2004 | 1 Comments
    Comload is an ActiveX control for premium-rate diallers. Related to Coulomb Dialer. The company site seems to...

  • Crush dialer June 9th, 2004 | No Comments
    Crush dialer is a dialer that changes your dial-up settings and connects to the internet through expensive or ...

  • DateRegon April 23rd, 2004 | No Comments
    Date Regon is a dialer distributed by www.oldgames.se and other sites.

  • DyFuCa August 27th, 2008 | 4 Comments
    Dyfuca is a dialer, which runs at startup and dials to porn servers. This will lead to your phone line being c...

  • E-group Sex Dialer May 1st, 2012 | 1 Comments
    E-group sex dialer changes your modem dial-up settings and connects to the internet using expensive or interna...

  • EZ 1-2-3 Dialer June 9th, 2004 | No Comments
    EZ 1-2-3 Dialer is a dialer that changes your dial-up settings and connects to the internet through expensi...

  • Holystic dialer November 11th, 2004 | No Comments
    A dialer that places a file on the desktop an write info into the registry. Even if you delete an executable f...

  • HotActionDating April 23rd, 2004 | No Comments
    It is a dialer program. As the publisher says, it will dial a 'domestic 900 pay per call telephone number', an...

  • IEDisco September 24th, 2005 | No Comments
    IEDisco is a malicious dialer that connects a compromised computer to the Internet by dialing premium rate or ...

  • Instant Access September 10th, 2008 | 7 Comments
    Instant Access is a dialer that connects a compromised computer to the Internet by dialing premium rate phone ...

  • Instant Access Dialer December 21st, 2007 | No Comments
    Instant Access Dialer is a software that changes settings of dialup connection. This way the infected computer...

  • Mshta Dialer January 13th, 2005 | 8 Comments
    Mshta Dialer is an adult content dialer. Starts working after restart of the computer.

  • NsUpdate Dialer January 14th, 2012 | No Comments
    NSUpdate Dialer is a pornography related dialer. Seems to be somehow related to adware MoneyTree.

  • Proclaim Telcom June 10th, 2004 | No Comments
    Seems to be a variant of NSLite spyware.

  • PVM Dialer February 21st, 2005 | 1 Comments
    PVM Dialer is a pornography related dialer.

  • SCData Dialer June 15th, 2004 | No Comments
    Another porn dialer which also may slow down the performance of your computer.

  • SDBot June 10th, 2004 | No Comments
    It performs as a dialer, and also as a backdoor trojan horse, which receives command through IRC.

  • Sendman Dialer June 15th, 2004 | No Comments
    A dialer, with a help of it webmasters can earn money (as it is said in one German site).

  • Svezia Dialer May 29th, 2015 | No Comments
    Svezia Dialer is a dialer distributed by 7adpower.com. It is promoting 'free' screensavers.

  • Trafficadvance October 6th, 2005 | No Comments
    Trafficadvance is a dialer that connects a compromised computer to the Internet by dialing a high-cost phone n...

  • Trojan.Dialer.yz November 9th, 2015 | 3 Comments
    Why is Trojan.Dialer.yz considered to be so dangerous? Trojan.Dialer.yz usually infects the system by exploit...

  • Trojan.Win32.Dialer.a June 11th, 2004 | No Comments
    Not only a dialer, but also a trojan horse.

  • Trojan.Win32.Dilya June 12th, 2004 | No Comments
    Not only a dialer, but also a trojan horse.

  • TrojanClicker.Win32.Delf.h December 20th, 2007 | No Comments
    Not only a dialer, but also a trojan horse.

  • TrojanClicker.Win32.Feidin June 13th, 2004 | No Comments
    Not only a dialer, but also a trojan horse.

  • TrojanClicker.Win32.GreatPage June 13th, 2004 | No Comments
    Not only a dialer, but also a trojan horse.

  • TrojanClicker.Win32.Ipons June 13th, 2004 | No Comments
    It emulates mouse clicks on selected advertisement websites, possibly to generate revenues.

  • TrojanClicker.Win32.JpgNet June 13th, 2004 | No Comments
    Not only a dialer, but also a trojan horse.

  • Trojanclicker.Win32.Myxq.d June 13th, 2004 | No Comments
    Not only a dialer, but also a trojan horse.

  • TrojanClicker.Win32.Nex June 13th, 2004 | No Comments
    Not only a dialer, but also a trojan horse.

  • TrojanClicker.Win32.Rotarran June 13th, 2004 | No Comments
    This dialer and trojan makes damage to Internet Explorer.

  • TrojanClicker.Win32.VB.bc June 13th, 2004 | No Comments
    Not only a dialer, but also a trojan horse.

  • TrojanClicker.Win32.VB.u June 13th, 2004 | No Comments
    Not only a dialer, but also a trojan horse.

  • TrojanClicker.Win32.VB.y June 13th, 2004 | No Comments
    Not only a dialer, but also a trojan horse.

  • Wonderland April 6th, 2004 | 1 Comments
    Wonderland is a simple ActiveX-controlled dialler originating in Italy. When activated by any web site, it...

  • X-Diver April 6th, 2004 | 1 Comments
    Changes the users dialup settings to use a premium number to look at porn sites. From the publisher: 'X-D...

  • XLite May 1st, 2012 | No Comments
    XLite is a typical dialer parasite that connects a compromised computer to the Internet by dialing a high cost...

  • XLoader April 6th, 2004 | No Comments
    A German ActiveX installer control for premium-rate diallers. With XLoader installed, any site can direct ...

  • Yeaknet September 12th, 2005 | No Comments
    Yeaknet is a dialer that connects a compromised computer to the Internet by dialing a high-cost phone number u...


Like us on Facebook