Network Security: Detailed info on Re: strange software

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Incidents

[Top] [All Lists]

Re: strange software > winsupdater.exe

from [Justin] Network Security

[Permanent Link]

Subject:	Re: strange software > winsupdater.exe
Date:	Wed, 16 Mar 2005 13:57:38 -0500

On Wed, 2005-03-16 at 12:53 +1300, Nick FitzGerald wrote:

Filenames are all but totally useless for diagnosing malware, spyware 
_AND_ the normal operation of a system.


Amen.  Trying to disguise itself as something related to Windows Update
is a fairly common tactic for Trojans.

If you suspect the file may be some (new) undesirable thing, send 
copies to your preferred antivirus (and possibly other "security") 
product developers asking them for an analysis and to add detection and 
removal if it turns out that it really is "undesirable" by their 
standard.


Start with Kaspersky.  They have the best track record of detecting
Trojans of any of the scanners I work with.  Go to their website and
upload the file to their online virus scanner:

http://www.kaspersky.com/scanforvirus

Better yet, upload it at VirusTotal.com and it will scan it against
several updated engines.  

Regards,
Justin

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
strange software > winsupdater.exe, SDA Re: strange software > winsupdater.exe, Nick FitzGerald Re: strange software > winsupdater.exe, Justin <= Re: strange software > winsupdater.exe, Jeremy Anderson Re: strange software > winsupdater.exe, Nick FitzGerald Re: strange software > winsupdater.exe, Paul Laudanski Pubstro rash, David Gillett Re: Pubstro rash, Mark Coleman RE: Pubstro rash, Steve Drees RE: Pubstro rash, Alexandre Skyrme Re: Pubstro rash, Jeff Kell RE: Pubstro rash, David Gillett Re: strange software > winsupdater.exe, Mike Barushok

Previous by Date:	Re: strange software > winsupdater.exe, Mike Barushok
Next by Date:	Re: strange software > winsupdater.exe, Jeremy Anderson
Previous by Thread:	Re: strange software > winsupdater.exe, Nick FitzGerald
Next by Thread:	Re: strange software > winsupdater.exe, Jeremy Anderson
Indexes:	[Date] [Thread] [Top] [All Lists]