knowledge-database (beta)

Current group: comp.security.firewalls

Persistent ADware Infection

From: Agent_C
Subject: Persistent ADware Infection
Date: Tue, 18 Jan 2005 17:01:02 -0500

I am trying to determine the source of a persistent piece of adware,
which infects my computer on a daily basis.

Every day, sometimes more than once, I get an advisory from Norton
2005 that it has deleted 'access_now.exe' from my temporary
directory. This is the '0Cat Yellow Pages' browser redirect.

What I want to know is: how can a 3rd party (I'm assuming a web site)
insert an _executable_ on my computer without my consent? Is there an
Active-X setting that I can adjust to prevent this?

I'm running a fully patched W2k machine.

Thanks,

A_C

From: Gesecoad
Subject: Re: Persistent ADware Infection
Date: Wed, 19 Jan 2005 19:16:01 +0800

Is "Norton 2005" NIS 2005? If so, you can configure it to handle Active-X
the way you want it to be.

"Agent_C" wrote in message
news:qn1ru0poan8qoehmp28o8fa9c31qs0ij2f@4ax.com...
> I am trying to determine the source of a persistent piece of adware,
> which infects my computer on a daily basis.
>
> Every day, sometimes more than once, I get an advisory from Norton
> 2005 that it has deleted 'access_now.exe' from my temporary
> directory. This is the '0Cat Yellow Pages' browser redirect.
>
> What I want to know is: how can a 3rd party (I'm assuming a web site)
> insert an _executable_ on my computer without my consent? Is there an
> Active-X setting that I can adjust to prevent this?
>
> I'm running a fully patched W2k machine.
>
> Thanks,
>
> A_C

From: Duane Arnold
Subject: Re: Persistent ADware Infection
Date: Tue, 18 Jan 2005 23:22:48 GMT

Agent_C wrote in
news:qn1ru0poan8qoehmp28o8fa9c31qs0ij2f@4ax.com:

> I am trying to determine the source of a persistent piece of adware,
> which infects my computer on a daily basis.
>
> Every day, sometimes more than once, I get an advisory from Norton
> 2005 that it has deleted 'access_now.exe' from my temporary
> directory. This is the '0Cat Yellow Pages' browser redirect.

You tell IE to not download unsigned Active X Controls.

You tell IE to prompt on signed Active X Control downloads.
>
> What I want to know is: how can a 3rd party (I'm assuming a web site)
> insert an _executable_ on my computer without my consent? Is there an
> Active-X setting that I can adjust to prevent this?

Well, if you have download unsigned Active X Controls enabled, then IE is
going to allow the download.

>
> I'm running a fully patched W2k machine.
>

You can use Firefox (free), which works similarly to IE but is not open to
attack like IE, for your surfing, and use IE when you're forced to do so.

Duane :)
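
The two Internet Explorer settings named in the last reply are stored per security zone in the registry, so they can be checked from a `.reg` export instead of by clicking through the dialog. The script below is an added example, not part of any post in this thread: it audits the Internet zone (zone 3) for those two settings. The value IDs (1001, 1004) and data meanings (0, 1, 3) follow Microsoft's documentation of IE security zone registry entries; the sample export and the function names are constructed for illustration.

```python
import re

# IE URL-action IDs and policy values as documented by Microsoft; they are
# stored per zone under ...\Internet Settings\Zones\<n> (zone 3 = Internet).
ACTIONS = {"1001": "Download signed ActiveX controls",
           "1004": "Download unsigned ActiveX controls"}
POLICY = {0: "Enable", 1: "Prompt", 3: "Disable"}
# Settings recommended in the thread: prompt on signed, never download unsigned.
WANTED = {"1001": 1, "1004": 3}

# Constructed sample of a .reg export (not taken from any real machine).
SAMPLE_REG = r'''REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"DisplayName"="Internet"
"1001"=dword:00000001
"1004"=dword:00000000
"1200"=dword:00000000
'''

def parse_zone(reg_text, zone="3"):
    """Return {value_name: int} for the DWORD values under Zones\\<zone>."""
    values, in_zone = {}, False
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("["):
            # A new key header: track whether we are inside the wanted zone.
            in_zone = line.rstrip("]").lower().endswith("\\zones\\" + zone)
            continue
        m = re.match(r'"([0-9A-Fa-f]{4})"=dword:([0-9A-Fa-f]{8})$', line)
        if in_zone and m:
            values[m.group(1).upper()] = int(m.group(2), 16)
    return values

def audit(reg_text, zone="3"):
    """List (setting, current, wanted) for each value that differs from WANTED."""
    current = parse_zone(reg_text, zone)
    findings = []
    for action, wanted in WANTED.items():
        have = current.get(action)
        if have != wanted:
            findings.append((ACTIONS[action],
                             POLICY.get(have, "not set / unknown"),
                             POLICY[wanted]))
    return findings

if __name__ == "__main__":
    for name, have, want in audit(SAMPLE_REG):
        print(f"{name}: {have} -> should be {want}")
```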
   
