1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. System Infected: Adware.Webprefix Activity

System Infected: Adware.Webprefix Activity

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects the adware communicating and requesting information from its controlling server.

Additional Information

Adware.Webprefix is an Internet Explorer browser helper object that displays advertisements and may send information about the compromised computer to a controlling web server.

Adware :
Programs that facilitate delivery of advertising content to the user through their own window, or by utilizing another program's interface. In some cases, these programs may gather information from the user's computer, including information related to Internet browser usage or other computing habits, and relay this information back to a remote computer or other location in cyber-space.

Adware can be downloaded from Web sites (typically in shareware or freeware), email messages, and instant messengers. Additionally, a user may unknowingly receive and/or trigger adware by accepting an End User License Agreement from a software program linked to the adware or from visiting a website that downloads the adware with or without an End User License Agreement

Affected

  • Windows 2000, Windows 95, Windows 98, Windows NT, Windows Server 2003, Windows XP

Response

The following instructions pertain to all Symantec antivirus products that support security risk detection.

1. Update the definitions.
2. Run a full system scan.
3. Delete any values added to the registry.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube