1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. System Infected: WinFixer Activity

System Infected: WinFixer Activity

Severity: Medium

This attack could pose a moderate security threat. It does not require immediate action.

Description

This signature detects SecurityRisk.WinFixer communicating and requesting information from its controlling server.

Additional Information

WinFixer is a Security Risk that may give exaggerated reports of threats on the computer. The program then prompts the user to purchase a registered version of the software in order to remove the reported threats.

Affected

  • Windows 2000
  • Windows 95
  • Windows 98
  • Windows Me
  • Windows NT
  • Windows Server 2003
  • Windows XP

Response

The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.

1. Disable System Restore (Windows Me/XP).
2. Update the virus definitions.
3. Run a full system scan.
4. Delete any values added to the registry.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube