Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Backdoors --> Category: infos

CodeRed version X detection Vulnerability Scan


Vulnerability Scan Summary
CodeRed version X detection

Detailed Explanation for this Vulnerability Test
Your machine is infected with the 'Code Red' worm. Your Windows system seems to be compromised.

Solution:
1) Remove the file root.exe from both directories:
\inetpub\scripts

and

\program files\common files\system\msadc

2) Install an updated antivirus program (this will remove the Explorer.exe Trojan)
3) Set SFCDisable in hklm\software\microsoft\windows nt\currentversion\winlogon to: 0
4) Remove the two newly created virtual directories: C and D (Created by the Trojan)
5) Make sure no other files have been modified.

It is recommended that hosts that have been compromised by Code Red X would reinstall the operating system from scratch and patch it accordingly.

Threat Level: High

Additional information:
http://www.securiteam.com/securitynews/5GP0V004UQ.html
http://www.securiteam.com/windowsntfocus/5WP0L004US.html
http://www.cert.org/advisories/CA-2001-11.html
http://www.microsoft.com/technet/itsolutions/security/tools/redfix.asp



Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.