Infected with DailyWinner ?
The DailyWinner application is a Browser Helper Object (BHO) tagged as spyware.
Some documents state that the DailyWinner program belongs to a group of different buttons capable of performing specific tasks. Specifically, the DailyWinner application is a Browser Helper Object capable of loading whenever the infected Operating System starts. This BHO is likewise capable of sharing the Internet Explorer's memory context and performing different actions on available modules and windows.
Allegedly, the DailyWinner program is also capable of detecting events, creating windows that may display added pieces of data on a certain page being viewed by the user and monitoring the different actions and messages of the user. It reportedly may not be stopped by firewalls since this can be recognized as a helper. Also, because it is able to integrate itself with the Internet Explorer, anti-malware scanners might deem it part of the application, hiding its true nature.
The DailyWinner program may use the following aliases:
* and Trojan-Downloader.Win32.Miewer.d.
Anti-malware reports also claim that the DailyWinner application can search the pages that the victim may view using the Internet Explorer program and replace the different banner ads with other advertisements. It is likewise able to monitor the different Web activities of the victim, report the victim's different actions to the remote attacker and modify the default homepage of Internet Explorer.
Upon installation of the DailyWinner program, it purportedly listens for any advertising commands coming from the http://dailywinner.net and displays different advertisements through pop-up windows. If the victim visited one of the predetermined websites, it may contact the controlling server located at the same site, then after which it may then open some advertisements.
Supposedly, the link of the visited site will be passed to a certain controlling server and the controlling server will set a certain cookie. This action may purportedly allow the remote intruder to track the user across the different websites.
Some files that the DailyWinner program may create are:
* and kvern16.dll.
It may also enter some Registry keys so that it could run with the Operating System upon start-up.
Its author is DailyWinner.net.
|Threat Level: High Risk|
|Records personal data / keystrokes|
|Hijacks internet browser|
|Allows remote influence|
|Downloads unsolicited files|
|Disables programs / system|
|Makes unauthorized phone calls|
|Exploits a security flaw|
|Floods internet connection|
|Tracks browsing activity with installed applications|
|Tracks browsing activity with cookies|
|Installs without user consent|
|Inadequate uninstall procedures|
|Insufficient privacy disclosure and consent|
|Uses excessive system resources|
|Makes fraudulent claims about spyware detection and removal|
|Performs Silent Updates|
Microsoft is a registered trademark of Microsoft Corporation in the United States and/or other countries.