1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. System Infected: Adware.Zeropopup Install Request

System Infected: Adware.Zeropopup Install Request

Severity: Medium

This attack could pose a moderate security threat. It does not require immediate action.

Description

Adware.ZeroPopUp is an Internet Explorer Browser Helper Object that installs an Internet Explorer toolbar with a Search bar and Pop-up stopper. It also takes over the Search settings to point the user to znext.com or searchxl.com.

Additional Information

The system is installed with ZeroPopUp adware.

Adware.ZeroPopUp is an Internet Explorer Browser Helper Object that installs an Internet Explorer toolbar with a Search bar and Pop-up stopper. It also takes over the Search settings to point the user to znext.com or searchxl.com.

This adware is related to an earlier version, TellaFriend.Trojan, but it does not have the Outlook Address book spamming capability.

Adware:
Programs that facilitate delivery of advertising content to the user through their own window, or by utilizing another program's interface. In some cases, these programs may gather information from the user's computer, including information related to Internet browser usage or other computing habits, and relay this information back to a remote computer or other location in cyberspace.

Adware can be downloaded from Web sites (typically in shareware or freeware), email messages, and instant messengers. Additionally, a user may unknowingly receive and/or trigger adware by accepting an End User License Agreement from a software program linked to the adware, or from visiting a Web site that downloads the adware with or without an End User License Agreement.

Affected

  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional
  • Microsoft Windows 2000 Server
  • Microsoft Windows 95
  • Microsoft Windows 98
  • Microsoft Windows 98SE
  • Microsoft Windows ME
  • Microsoft Windows NT 4.0
  • Microsoft Windows Server 2003 Enterprise Edition
  • Microsoft Windows Server 2003 Standard Edition
  • Microsoft Windows XP

Response

For instructions on how to remove this installation from your network, reference Symantec Security Response.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube