Persistent ADware Infection

- A
- Agent_C
  
  Contact options for registered users
posted
19 years ago

Tue, Jan 18, 2005 10:01 PM

I am trying to determine the source of a persistent piece of adware, which infects my computer on a daily basis.

Every day, sometimes more than once, I get an advisory from Norton

2005 that it has deleted 'access_now.exe' from my temporary directory. This is the '0Cat Yellow Pages' browser redirect.

What want to know is; how can a 3rd party (I'm assuming a web site) insert an _executable_ on my computer without my consent? Is there an Active-X setting that I can adjust to prevent this?

I'm running a fully patched W2k machine.

Thanks,

A_C

- D
- Duane Arnold
  
  Contact options for registered users
Vote on answer
posted
19 years ago

Wed, Jan 19, 2005 4:22 AM

Agent_C wrote in news: snipped-for-privacy@4ax.com:

You tell IE to not download unsigned Active X Controls.

You tell IE to prompt on signed Active X Control downloads.

Well, if you have download unsigned Active X Controls enabled, then IE is going to allow the download.

You can use Firefox (free) which works similar to IE but is not open to attack like IE for your surfing and use IE when you're forced to do so.

Duane :)

- G
- Gesecoad
  
  Contact options for registered users
Vote on answer
posted
19 years ago

Thu, Jan 20, 2005 12:16 AM

Is "Norton 2005" NIS 2005? If so, you can configure it to handle Active-X the way you want it to be.