1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. System Infected: Adware.WinBo Activity

System Infected: Adware.WinBo Activity

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects Adware.WinBo communicating and requesting information from its controlling server.

Additional Information

Adware.WinBo is an adware program that downloads and displays advertisements.

Spyware :
Programs that have the ability to scan systems or monitor activity and relay information to other computers or locations in cyber-space. Among the information that may be actively or passively gathered and disseminated by Spyware: passwords, log-in details, account numbers, personal information, individual files or other personal documents. Spyware may also gather and distribute information related to the user's computer, applications running on the computer, Internet browser usage or other computing habits.

Spyware frequently attempts to remain unnoticed, either by actively hiding or by simply not making its presence on a system known to the user. Spyware can be downloaded from Web sites (typically in shareware or freeware), email messages, and instant messengers. Additionally, a user may unknowingly receive and/or trigger spyware by accepting an End User License Agreement from a software program linked to the spyware or from visiting a website that downloads the spyware with or without an End User License Agreement

Adware :
Programs that facilitate delivery of advertising content to the user through their own window, or by utilizing another program's interface. In some cases, these programs may gather information from the user's computer, including information related to Internet browser usage or other computing habits, and relay this information back to a remote computer or other location in cyber-space.

Adware can be downloaded from Web sites (typically in shareware or freeware), email messages, and instant messengers. Additionally, a user may unknowingly receive and/or trigger adware by accepting an End User License Agreement from a software program linked to the adware or from visiting a website that downloads the adware with or without an End User License Agreement

Affected

  • Windows 2000
  • Windows 95
  • Windows 98
  • Windows NT
  • Windows Server 2003
  • Windows XP

Response

The following instructions pertain to all Symantec antivirus products that support security risk detection.

1. Update the definitions.
2. Run a full system scan.
3. Delete any values added to the registry.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube