System infected by aggressive ActiveX


  1. #1
    Hammerhead Shark Mechanic's Avatar
    Join Date
    Jan 2001
    Location
    Cincinnati, Ohio
    Posts
    2,163

    System infected by aggressive ActiveX

    Yesterday I got a popup on my screen and an error message telling me I had a system failure regarding a connection error. It seems that an e-mail I have opened must have contained a hidden and aggressive ActiveX file that continually tries to connect me to this site, and my Norton Firewall stops it.

    I can find my way around a computer pretty well, but this thing has me stumped, and I'm sure I'm not the first person to get this and maybe someone has already found the solution. No, I didn't visit any porn sites, and no, I have no idea where it came from other than my guess that it might have been buried in an e-mail, or how it got through Norton VirusScan and Norton Firewall. I didn't download anything and really would love to meet the guy that wrote this software. Angry on my part is an understatement!

    The web site that this software tries to access is:

    ***WARNING DO NOT ACCIDENTALLY GET YOURSELF INFECTED BY CLEANING UP THIS ADDRESS AND CLICKING ON IT***

    ****http://sergey7.offshoreclicks.com/di...p?u=sergey7***

    Any help anyone can give me in removing the hidden software from my system would be greatly appreciated. I have run Norton and Ad-Aware and both come up clean. I removed all ActiveX controls I can find, but there are two that are hidden and I can't find them.
    Last edited by Mechanic; 06-12-2003 at 12:55 PM.

  2. #2
    Great White Shark
    Join Date
    Nov 2000
    Posts
    21,595
    First thing is to delete your IE history, temp files and objects.
    Next, scan your system for viruses, spyware and other pests. I use Pest Patrol. A soft firewall will also indicate what program is attempting to access the Internet. If it is just IE, removing IE objects should cure it: Tools, Internet Options, Settings, View Objects.

  3. #3
    Hammerhead Shark Mechanic's Avatar
    Join Date
    Jan 2001
    Location
    Cincinnati, Ohio
    Posts
    2,163
    Thanks for the reply,

    I'm really on a mission!

    Prior to your post I had cleaned everything out of every temp file and history file in XP. Ran Norton VirusScan and Ad-Aware, patted myself on the back for being so thorough, rebooted, and in ten minutes another message.

    Finally I did a search on Redlabel.scr, the name on the error message, and had the search include all files. I found Redlabel.scr in the screen saver file and another file in the prefetch files. Deleted them both. We will see what happens now.
    Last edited by Mechanic; 06-12-2003 at 03:09 PM.

  4. #4
    Great White Shark
    Join Date
    Jun 2002
    Posts
    7,136
    I'd check that Objects folder. You can get all kinds of crap in there: phone dialers, etc.

  5. #5
    Hammerhead Shark Mechanic's Avatar
    Join Date
    Jan 2001
    Location
    Cincinnati, Ohio
    Posts
    2,163
    I found three entries in the registry and removed them all. So far so good!
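
Added example, not part of the thread: post #3 describes searching all files for Redlabel.scr and finding it in the screen saver folder and in the prefetch files. The Python sketch below runs that search over a directory tree and hashes each hit so there is a record before anything is deleted; the directory layout in `demo()` is constructed, and the `NAME-8 hex digits.pf` prefetch naming is the Windows convention, not something stated in the thread.

```python
import hashlib
import os
import re
import tempfile

def find_traces(root, name):
    """Return (kind, path, sha256) for every trace of `name` under `root`."""
    wanted = name.lower()  # Windows file names are case-insensitive
    # Prefetch entries are named <EXECUTABLE>-<8 hex digits>.pf
    prefetch = re.compile(re.escape(wanted) + r"-[0-9a-f]{8}\.pf")
    hits = []
    for folder, _dirs, files in os.walk(root):
        for fname in files:
            lower = fname.lower()
            if lower == wanted:
                kind = "file"
            elif prefetch.fullmatch(lower):
                kind = "prefetch"
            else:
                continue
            path = os.path.join(folder, fname)
            try:
                with open(path, "rb") as fh:
                    digest = hashlib.sha256(fh.read()).hexdigest()
            except OSError:
                digest = None  # locked or unreadable: still report the path
            hits.append((kind, path, digest))
    return sorted(hits, key=lambda h: h[1])

def demo():
    """Build a constructed sample tree and search it for Redlabel.scr."""
    sample = {  # constructed paths and contents, for illustration only
        "WINDOWS/system32/RedLabel.scr": b"constructed sample",
        "WINDOWS/system32/logon.scr": b"unrelated screen saver",
        "WINDOWS/Prefetch/REDLABEL.SCR-1A2B3C4D.pf": b"constructed prefetch",
        "WINDOWS/Prefetch/NOTREDLABEL.SCR-1A2B3C4D.pf": b"near miss",
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, data in sample.items():
            full = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as fh:
                fh.write(data)
        return [(kind, os.path.relpath(p, root).replace(os.sep, "/"), d)
                for kind, p, d in find_traces(root, "Redlabel.scr")]

if __name__ == "__main__":
    for kind, path, digest in demo():
        print(kind, path, digest)
```

A prefetch hit means the file was executed at least once, which is why deleting the `.scr` alone does not show how it was being launched.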
