Adware/SweetBar!dldr
Analysis
This Trojan downloads files from the domain '17913.com'. The files are retrieved as
SweetSetup.exe
InetSvr.dll
InetSvrHelper.dll
inetcomm.exe
atl.dll
and installed to the local system. The downloaded files are known as Adware/SweetBar.
Recommended Action
- check the main screen using the web interface to
ensure the latest AV/NIDS database has been downloaded
and installed -- if required, enable the "Allow
Push Update" option
FortiGate systems: