| VID |
24027 |
| Severity |
40 |
| Port |
21554 |
| Protocol |
TCP |
| Class |
BackDoor |
| Detailed Description |
GirlFriend is installed. This backdoor allows anyone to partially take the control of the remote system.
A cracker may use it to steal your password or prevent your from working properlly.
* References:
http://www.iss.net/security_center/static/2324.php
http://www.iss.net/security_center/alerts/advise30.php |
| Recommendation |
To remove GirlFriend from your machine, open regedit to HKLM\Software\Microsoft\Windows\CurrentVersion\Run
and look for a value named "Windll.exe" with the data "c:\windows\windll.exe". Reboot to DOS and delete the C:\windows\windll.exe file, then boot to Windows and remove the "Windll.exe" registry value. |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
