This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects Adware.FindemNow communicating and requesting information from its controlling server.
Adware.FindemNow is a UPX-packed Browser Helper Object that displays an HTML page in Internet Explorer when "about:blank" is supposed to be displayed.
Programs that facilitate delivery of advertising content to the user through their own window, or by utilizing another program's interface. In some cases, these programs may gather information from the user's computer, including information related to Internet browser usage or other computing habits, and relay this information back to a remote computer or other location in cyber-space.
Adware can be downloaded from Web sites (typically in shareware or freeware), email messages, and instant messengers. Additionally, a user may unknowingly receive and/or trigger adware by accepting an End User License Agreement from a software program linked to the adware or from visiting a website that downloads the adware with or without an End User License Agreement
- Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
The following instructions pertain to all Symantec antivirus products that support Security Risk detection.
1. Update the virus definitions.
2. Remove the registry values that the adware added.
3. Restart the computer in Safe mode.
4. Run a full system scan and delete all the files detected as Adware.FindemNow, and then restart in normal mode.
5. Reset the Internet Explorer settings.
6. Remove the lines that were added to the hosts file.