Korean

<< Back VID 27322 Severity 30 Port 139,445 Protocol TCP Class MALWARE Detailed Description The "N-Case" program has been installed on the system. The presence of this program is sometimes perceived as Hijacker that can reset your browser's home page and/or search settings to point to other sites, or as Adware that can display ads, or as BHO that can runs automatically every time you start your Internet browser. Generally, Spyware, Adware and BHO may violate your privacy or expose your browsing habits to a central ad server or their creators and prevent you from changing your browser's homepage or from visiting a particular site. The N-Case transmits URLs entered and keywords within those URLs to the nCase server (bis.180solutions.com) and delivers targeted ads based on this data. Also, it can silently download and run code from its servers, as an "update" feature. It's likely to slow performance of Internet Explorer. * Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts. * References: http://securityresponse.symantec.com/avcenter/venc/data/adware.ncase.html http://www.kephyr.com/spywarescanner/library/ncase/index.phtml http://www.spywareguide.com/product_show.php?id=507 http://pestpatrol.com/PestInfo/n/ncase.asp * Platforms Affected: Microsoft Windows Any version Recommendation Remove it from your system using the following methods, if it's silently installed without the users knowledge or the use of it dose not match your security policy. 1. Using the uninstaller for it on the Add/Remove Program entry. 2. Using spyware/adware removal program or Vaccine(Anti-Virus) program. You can use the following programs: - Norton AntiVirus: http://www.symantec.com/downloads - McAfee VirusScan: http://download.mcafee.com/default.asp Related URL (CVE) Related URL (SecurityFocus) Related URL (ISS)