virus logo Virus

Adware/WinAD

description-logoAnalysis

  • This file is an adware application that is used for delivering advertising content.
  • Drops the file ide21201.vxd  in the System folder.
  • Creates the folder Adstatus Service  in the Program Files folder. It also creates the following files under the newly created folder:
    • AdStatComm.dll
    • AdStatKeep.exe
    • AdStatServ.exe
    • PrevAdComm.dll
    • WinProject.dll
    • WinSched.exe
    • WinTaskAd.exe
    • Info.txt
  • Adds the following registry in order to run itself on system startup:
    • key: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    • value: Adstatus Service
    • data: undefinedProgram Filesundefined\undefinedAdwareundefined\AdStatServ.exe

    recommended-action-logoRecommended Action

      FortiGate Systems
    • Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.

    Telemetry logoTelemetry

    Detection Availability

    FortiGate
    Extended
    FortiClient
    FortiMail
    FortiSandbox
    FortiWeb
    Web Application Firewall
    FortiIsolator
    FortiDeceptor
    FortiEDR

    Version Updates

    Date Version Detail
    2024-02-29 92.02027
    2024-02-29 92.02012
    2023-12-25 92.00041
    2023-11-08 91.08616
    2023-11-08 91.08610
    2023-11-06 91.08560
    2023-11-01 91.08413
    2023-09-27 91.07355
    2023-09-27 91.07351
    2023-09-26 91.07333
    ID 2809
    Released Dec 30, 2005
    Description
    Updated    		 Feb 01, 2007
    Aliases not-a-virus:AdWare.Win32.WinAD.s, Adware-WinAd application, Adware_WinAd
    Platform Profile Adware typically display advertising content to the user. This advertising content may take many forms, but is typically in the form of web browser pop-up advertisements. In most circumstances, the user is not aware of the Adware component being installed on the local machine.