|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-Disclosure] Microsoft Update Loader msrtwd.exe
From: Harlan Carvey (keydet89
yahoo.com)
Date: Wed Sep 01 2004 - 15:31:44 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> Recently discovered a trojan(? - possibly a virus)
> called msrtwd.exe.
> It's listed in the Registry as "Microsoft Update
> Loader"
>
> Does anyone know anything about this? Google
> doesnt offer much.
Where in the Registry did you find it? Which key(s)?
What about this makes you think it's a Trojan? Did
you run fport/openports and find it listening on a
port? Where does the Registry entry point to within
the file system? Since the file is an .exe file, did
you check it for version information?
Since filenames are the easiest thing about a file to
change, is there any information other than simply the
name that you can provide?
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]