| VID |
27309 |
| Severity |
20 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
MALWARE |
| Detailed Description |
The "Cydoor" program has been installed on the system.
The presence of this program is sometimes perceived as Adware that downloads and display ads.
Generally, Adware may track your browsing habits and expose it to a central ad server for advertising purposes. The Cydoor contacts the server www.rgs[1-4].net on port 80 or other servers from this initial server and retrieves the advertisements from these servers, and send out usage statistics.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100872
http://securityresponse.symantec.com/avcenter/venc/data/adware.cydoor.html
http://www.kephyr.com/spywarescanner/library/cydoor/index.phtml
http://www.spywareguide.com/product_show.php?id=7
http://pestpatrol.com/PestInfo/c/cydoor.asp
* Platforms Affected:
Microsoft Windows Any version |
| Recommendation |
Remove it from your system using the following methods, if it's silently installed without the users knowledge or the use of it dose not match your security policy.
1. Using the uninstaller for it on the Add/Remove Program entry.
2. Using spyware/adware removal program or Vaccine(Anti-Virus) program. You can use the following programs:
- Norton AntiVirus: http://www.symantec.com/downloads
- McAfee VirusScan: http://download.mcafee.com/default.asp |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
