| VID |
27323 |
| Severity |
20 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
MALWARE |
| Detailed Description |
The "BargainBuddy" program has been installed on the system.
The presence of this program is sometimes perceived as Adware that can display ads, or as BHO that runs automatically every time you start your Internet browser. Generally, Adware and BHO may expose your browsing habits to a central ad server or their creators and replace banner advertisements with other ads, change your home page. The BargainBuddy is consist of a process set to run at startup and BHO(Browser Helper Object), which monitors web pages requested and terms entered into forms. Also, this program updates itself silently through connections to "adp.ikena.com". It's likely to slow performance of Internet Explorer.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://securityresponse.symantec.com/avcenter/venc/data/adware.bargainbuddy.html
http://www.spywareguide.com/product_show.php?id=463
http://www.kephyr.com/spywarescanner/library/bargainbuddy/index.phtml
http://pestpatrol.com/PestInfo/b/bargainbuddy.asp
* Platforms Affected:
Microsoft Windows Any version |
| Recommendation |
Remove it from your system using the following methods, if it's silently installed without the users knowledge or the use of it dose not match your security policy.
1. Using the uninstaller for it on the Add/Remove Program entry.
2. Using spyware/adware removal program or Vaccine(Anti-Virus) program. You can use the following programs:
- Norton AntiVirus: http://www.symantec.com/downloads
- McAfee VirusScan: http://download.mcafee.com/default.asp |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
