Persistent ADware Infection

Persistent ADware Infection
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Persistent ADware Infection Agent_C 01-18-2005
Posted by Agent_C on January 18, 2005, 5:01 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
I am trying to determine the source of a persistent piece of adware,
which infects my computer on a daily basis.

Every day, sometimes more than once, I get an advisory from Norton
2005 that it has deleted 'access_now.exe' from my temporary
directory. This is the '0Cat Yellow Pages' browser redirect.

What want to know is; how can a 3rd party (I'm assuming a web site)
insert an _executable_ on my computer without my consent? Is there an
Active-X setting that I can adjust to prevent this?

I'm running a fully patched W2k machine.

Thanks,

A_C




Posted by Duane Arnold on January 18, 2005, 11:22 pm
If you were  Registered and logged in, you could reply and use other advanced thread options

> I am trying to determine the source of a persistent piece of adware,
> which infects my computer on a daily basis.
>
> Every day, sometimes more than once, I get an advisory from Norton
> 2005 that it has deleted 'access_now.exe' from my temporary
> directory. This is the '0Cat Yellow Pages' browser redirect.

You tell IE to not download unsigned Active X Controls.

You tell IE to prompt on signed Active X Control downloads.
>
> What want to know is; how can a 3rd party (I'm assuming a web site)
> insert an _executable_ on my computer without my consent? Is there an
> Active-X setting that I can adjust to prevent this?

Well, if you have download unsigned Active X Controls enabled, then IE is
going to allow the download.

>
> I'm running a fully patched W2k machine.
>

You can use Firefox (free) which works similar to IE but is not open to
attack like IE for your surfing and use IE when you're forced to do so.

Duane :)





Posted by Gesecoad on January 19, 2005, 7:16 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
Is "Norton 2005" NIS 2005? If so, you can configure it to handle Active-X
the way you want it to be.

>I am trying to determine the source of a persistent piece of adware,
> which infects my computer on a daily basis.
>
> Every day, sometimes more than once, I get an advisory from Norton
> 2005 that it has deleted 'access_now.exe' from my temporary
> directory. This is the '0Cat Yellow Pages' browser redirect.
>
> What want to know is; how can a 3rd party (I'm assuming a web site)
> insert an _executable_ on my computer without my consent? Is there an
> Active-X setting that I can adjust to prevent this?
>
> I'm running a fully patched W2k machine.
>
> Thanks,
>
> A_C
>
>




Similar ThreadsPosted
Possible infection by malware? June 5, 2005, 5:41 pm
MySpace Shuts Down User Profiles Due To Worm Infection December 7, 2006, 1:43 pm
Deleting Troublesome Adware November 25, 2004, 6:11 pm
Are you worried about Spy-/Adware remove them for free December 9, 2005, 2:59 pm
Free Spyware/Adware/Virus Removal March 12, 2005, 11:06 am
Spyware and Adware affect every internet user April 22, 2006, 10:46 am

The site map in XML format XML site map

Contact Us | Privacy Policy