Guest LilBambi Posted June 16, 2003 Share Posted June 16, 2003 ExtremeTech: Weekly Spyware Alert: IEAccess Variants: IEAccess/IEDial and IEAccess/HTMLAccess are similar but use different filenames and IDs. Description: IEAccess is an ActiveX control used to download and install premium-rate dialers*, primarily for porn sites. * Dialers are a type of software typically used by vendors serving pornography via the Internet. Once dialer software is downloaded, the user is disconnected from their modem's usual Internet service provider, connected to another phone number, and the user is billed. Dialers do not "spy" on their intended victims, but these malevolent programs can rack up significant long distance phone charges, costing victims time and money. Method of Infection: IEAccess is primarily installed by ActiveX drive-by-download on porn-related pages from nocreditcard.net and sex-explorer.com. These pages may be redirected to or opened by pop-up advertising. *The IEDial variant is known to exploit a security hole to install automatically, without prompting, on Internet Explorer versions earlier than IE6 Service Pack 1. The installer pages exploit this security hole to run an EXE which adds 'Electronic Group' to the list of trusted publishers whose software IE will install automatically without asking.Article has further information and removal instructions. Quote Link to comment Share on other sites More sharing options...
nlinecomputers Posted June 16, 2003 Share Posted June 16, 2003 Note: Spybot S&D update 2002-11-17 and later can remove IEAccess/IEDial.This may be new to Extremetech but it has been out a while. I think Ad-aware will also remove it. I update and use both regularly and try to scan systems that hit my workbench for this crap too. Quote Link to comment Share on other sites More sharing options...
redmaledeer Posted June 16, 2003 Share Posted June 16, 2003 This is a bit off-topic, but after I saw LilBambi's post I went to my Windows 98SE Tools/Internet Options/Security and set everything except Internet to a High level of security. (As a one=computer home user, Internet is all I use.)I figured that if a bad guy could add himself to the list of Trusted Publishers, maybe there would be a way to add himself to my Trusted Sites.What I've done seems harmless. Maybe someone could tell me whether it's any use. Have attacks been mounted that way, or could they be? Would it be a good thing for other people to do?-- Redmaledeer Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted June 16, 2003 Share Posted June 16, 2003 Note: Spybot S&D update 2002-11-17 and later can remove IEAccess/IEDial.This may be new to Extremetech but it has been out a while. I think Ad-aware will also remove it. I update and use both regularly and try to scan systems that hit my workbench for this crap too.nlinecomputers --I also have been using both SpyBot S&D and Ad-aware for a very long time and keep them up to date and run them both once a week.But many folks may not be using these tools as aggressively.Redmaledeer --As a single user on a single computer, what you have done may work out. It sounds a bit restrictive but not seeing your setup and what you do on your computer, only you could answer that. And that may change over time.I would not be able to do that, but I do have many settings set to prompt rather than allow or deny so it lets me decide whether I want to allow it on a case by case basis even in the Internet Zone which is set to my Custom Settings.In the Restricted Zone I have it set to High and in the Intranet Zone set less restrictively because we have a local network.Of course, nothing is carved in stone, all the settings are changeable if you find that you can't get to some place you want to go.If you are not doing it already, I would definitely get SpyBot S&D and update it and run it regularly since as nlinecomputers noted, it has the problem mentioned by ExtremeTech covered. Quote Link to comment Share on other sites More sharing options...
nlinecomputers Posted June 16, 2003 Share Posted June 16, 2003 Fran,No criticism was intended. Was only trying to point out that the Spyware tools can remove this and most other Spyware as well. With the increase of trojan websites that download automaticly software onto your system having an anti-spyware tool or two is required just as Anti-virus software is.Great place for Spyware information is www.spywareinfo.com Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted June 16, 2003 Share Posted June 16, 2003 (edited) nlinecomputers --Didn't take it as criticizm. I didn't think about it ... I do it as a course of habit myself ;)Reminding folks about SpyBot S&D is great info!Thanks! B)BTW: I too feel that anti-spyware software is an essential tool for all computer users. It is one of the first things I put on a client computer because it will take care of many of the ills they are complaining about. Edited June 16, 2003 by LilBambi Quote Link to comment Share on other sites More sharing options...
redmaledeer Posted June 16, 2003 Share Posted June 16, 2003 Thanks to LilBambi for pointing out Prompts. It sounds like a similar idea but more flexible.I do have Spybot S&D, and am working up to also getting AdAware.-- Redmaledeer Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.